1
CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz

2
Otway-Rees
A → B: N_C, K_A(N_A, N_C, Alice, Bob)
B → KDC: K_A(…), K_B(N_B, N_C, Alice, Bob)
  – KDC checks that N_C is the same…
KDC → B: N_C, K_A(N_A, K_AB), K_B(N_B, K_AB)
B → A: K_A(…)
A → B: K_AB(timestamp)
  – Note: KDC already authenticated Bob

3
Analysis?
N_C should be unpredictable, not just a nonce
  – Otherwise, can impersonate B to KDC
      Send first message: (next N_C), “garbage”
      B forwards to KDC along with encryption of the next N_C
      Next time A initiates a conversation, replay previous message from B
Still uses encryption for authentication…
  – Serious attack if ECB is used
      Replace K_AB with N_C
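Added example, not part of the lecture slides: it shows why the "Replace K_AB with N_C" splice passes Alice's nonce check when K_A(…) is plain ECB, and how a MAC over a message-type label plus the ciphertext rejects it. Assumptions: every field fills one 16-byte block, the Feistel cipher is a constructed toy stand-in for a real block cipher, and the labels "request" and "KDC-reply" are hypothetical.

```python
import hashlib, hmac, os

BLOCK = 16  # assumption: every protocol field occupies exactly one cipher block

def _mix(key, rnd, a, b):  # a XOR F_key(rnd, b); zip truncates the pad to len(a)
    pad = hashlib.sha256(key + bytes([rnd]) + b).digest()
    return bytes(x ^ y for x, y in zip(a, pad))

def enc_block(key, blk):  # toy 4-round Feistel, constructed stand-in for a block cipher
    l, r = blk[:8], blk[8:]
    for rnd in range(4):
        l, r = r, _mix(key, rnd, l, r)
    return l + r

def dec_block(key, blk):
    l, r = blk[:8], blk[8:]
    for rnd in reversed(range(4)):
        l, r = _mix(key, rnd, r, l), l
    return l + r

def ecb_enc(key, fields):  # K(f1, f2, ...) in ECB mode: blocks encrypted independently
    return b"".join(enc_block(key, f.ljust(BLOCK, b"\0")) for f in fields)

def ecb_dec(key, ct):
    return [dec_block(key, ct[i:i + BLOCK]) for i in range(0, len(ct), BLOCK)]

def accept_ecb(k_a, n_a, msg):  # Alice's check on K_A(N_A, K_AB): nonce matches, take key
    fields = ecb_dec(k_a, msg)
    return fields[1] if fields[0] == n_a else None

def _tag(key, label, ct):  # separate MAC key; the label binds the message type
    mac_key = hashlib.sha256(b"mac" + key).digest()
    return hmac.new(mac_key, label + ct, hashlib.sha256).digest()

def seal(key, label, fields):  # hardened form: encrypt, then MAC label || ciphertext
    ct = ecb_enc(key, fields)
    return ct + _tag(key, label, ct)

def accept_sealed(k_a, n_a, msg):
    ct, tag = msg[:-32], msg[-32:]
    ok = hmac.compare_digest(tag, _tag(k_a, b"KDC-reply", ct))
    return accept_ecb(k_a, n_a, ct) if ok else None

def demo():
    k_a, n_a, n_c = os.urandom(16), os.urandom(16), os.urandom(16)
    msg1 = ecb_enc(k_a, [n_a, n_c, b"Alice", b"Bob"])   # K_A(N_A, N_C, Alice, Bob)
    spliced = msg1[:2 * BLOCK]                          # parses as K_A(N_A, "K_AB" = N_C)
    sealed1 = seal(k_a, b"request", [n_a, n_c, b"Alice", b"Bob"])
    forged = sealed1[:2 * BLOCK] + sealed1[-32:]        # same splice, old tag reused
    return accept_ecb(k_a, n_a, spliced) == n_c, accept_sealed(k_a, n_a, forged)
```

`demo()` returns `(True, None)`: the ECB-only check accepts the publicly known N_C as the session key, while the sealed variant rejects the spliced blocks.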

4
Kerberos
(May discuss in more detail later)
A → KDC: N_1, Alice, Bob
KDC → A: K_A(N_1, Bob, K_AB, ticket), where ticket = K_B(K_AB, Alice, expiration time)
A → B: ticket, K_AB(time)
B → A: K_AB(time+1)

5
Certificate authorities and PKI
