Authentication Applications The Kerberos Protocol Standard Rabie A. Ramadan Lecture 7.
-
Upload
madisyn-seaford -
Category
Documents
-
view
241 -
download
0
Transcript of Authentication Applications The Kerberos Protocol Standard Rabie A. Ramadan Lecture 7.
Authentication ApplicationsThe Kerberos Protocol Standard
Rabie A. Ramadan
Lecture 7
Outline
I. Introduction
II. Introduction to Kerberos v4
III. Details of Kerberos v4
IV. Kerberos v5
V. Realms and Inter-Realm Authentication
Introduction
Introduction Open distributed environment
• Users at workstations wish to access servers distributed throughout the network
• Servers must restrict access to authorized users
• Servers must authenticate request for service
Workstation
Introduction
Workstation (your computer) can not be trusted to authenticate its user correctly to network services:
Three threats exist:
• User pretends to be another user.
• User alters the network address of a workstation.
• User eavesdrops on exchanges and use a replay attack.
Solutions
Server (V)
Authentication Server (AS)
Client (C)
AS knows all the passwords of all users
AS shares unique secret Keys with each server
A Simple Authentication Dialogue
Security holes? • Password sent as plain ASCII
• No time limits for tickets
• Man-in-the middle can steal the ticket and fake IDC ( simple, because it is sent as clear text).
Server (V)
Authentication Server (AS)
Client (C)
More Secure Dialogue Idea:-Introducing a Ticket Granting Server (TGS)
- Kc’ : A key that is derived from the user password
Problems with the Previous Protocol
Problems ?1. Lifetime associated with the ticket-granting ticket:
If too short → the user is repeatedly asked for the password
If too long → a greater opportunity to replay exists.• The threat is that an opponent will steal the ticket and use it
before it expires.
2. There may be a requirement for servers to authenticate themselves to users. • The false server would then be in a position to act as a real
server and capture any information from the user and deny the true service to the user.
What is Kerberos? Network authentication protocol
Developed at MIT in the mid 1980s
Relies on conventional encryption, making no use of public-key encryption.
Available as open source or in supported commercial software
Two versions: version 4 (passing slowly away) and 5 coexist.
Kerberos 4 Overview
Version 4: Authentication Dialogue
Authenticatorc
First Step : C to AS
Second step: AS to C
Third step: C to TGS
Fourth step: TGS to C
Fifth step: C to V
Sixth step: V to C
Kerberos Realms
A Kerberos environment consists of:• a Kerberos server
• a number of clients, all registered with server
• application servers, sharing keys with server
This is termed a realm• typically a single administrative domain
Request for Service in Another Realm V.4
Users on one realm may need access to servers in other realms
Please consult the book for more details
Difference Between Version 4 and 5 Encryption system dependence (v.4 DES)
Message byte ordering (v.4 arbitrary; v.5 defined by ASN1 Standard)
Ticket lifetime (v.4 21h max; v.5 arbitrary)
Authentication forwarding to other hosts (v.4 no; v.5 yes),• A client accesses a server. The server can not act on another
server on behalf of the client)
Inter-realm authentication: v.4 (v5. simpler)
Kerberos Version 5
Developed in mid 1990’s Provides improvements over v4
• addresses environmental shortcomings• encryption algoithms, network protocol, byte order,
ticket lifetime, authentication forwarding, interrealm authentication
Specified as Internet standard RFC 1510
New Fields in V5
Realm: Indicates realm of userOptions: Used to request that certain flags be set in the returned ticketTimes: Used by the client to request the following time settings in the ticket:
from: the desired start time for the requested tickettill: the requested expiration time for the requested ticketrtime: requested renew-till time
Nonce: A random value to be repeated in message (2) to assure that the response is fresh and has not been replayed by an opponent
New Fields in V5
Subkey: The client's choice for an encryption key to be used to protect this specific application session. If this field is omitted, the session key from the ticket (Kc,v) is used.
Sequence number: An optional field that specifies the starting sequence number to be used by the server for messages sent to the client during this session. Messages may be sequence numbered to detect replays.
Kerberos Limitations Every network service must be individually modified for use with Kerberos
Doesn’t work well in time sharing environment
Requires a secure Kerberos Server
Requires a continuously available Kerberos Server
Stores all passwords encrypted with a single key
Assumes workstations are secure
Scalability