3. Introduction
Authentication: can be defined as determining an
identity to the required level of assurance.
Authentication Application : Deals with the
authentication function that have been developed to
support application-level authentication
7/10/2013
KERBEROS
3
4. Introduction to Kerberos
An authentication service developed for Project Athena at
MIT
Provides
strong security on physically insecure network
a centralized authentication server which authenticates
Users to servers
Servers to users
Relies on conventional encryption rather than public-key
encryption
7/10/2013
KERBEROS
4
5. Why Kerberos is needed ?
Problem: Not trusted workstation to identify
their users correctly in an open distributed environment
3 Threats:
7/10/2013
Pretending to be another user from the workstation
Sending request from the impersonated workstation
Replay attack to gain service or disrupt operations
KERBEROS
5
6. Why Kerberos is needed ? Cont.
Solution:
Building elaborate authentication protocols at
each server
A centralized authentication server (Kerberos)
7/10/2013
KERBEROS
6
7. Requirements for KERBEROS
Secure:
An opponent does not find it to be the weak link
Reliable:
The system should be able to back up another
Transparent:
An user should not be aware of authentication
Scalable:
The system supports large number of clients and
severs
7/10/2013
KERBEROS
7
8. KERBEROS VERSION 4
Version 4 is most widely used version
Version 4 uses of DES
Version 4 build up to the full protocol by
looking at several hypothetical dialogues
Version 5 corrects some of the security
deficiencies of Version 4
7/10/2013
KERBEROS
8
9. Problem:
An opponent can pretend to be another client and
obtain unauthorized privileges on server machine.
Solution :
Server must be able to confirm the identities of client
who request service.
7/10/2013
KERBEROS
9
11. Problem:
1. the no. of times the password should be entered
should be minimized.
2. Plaintext transmission of password
Solution :
1. Ticket-granting Server; Issues ticket to user who have
been authenticated to AS
2. The client can use this ticket to request multiple
service granting ticket.
7/10/2013
KERBEROS
11
12. Kerberos Version 4 : Dialog 2-More Secure
ticketTGS=EKtgs[IDc,ADc,IDtgs,TS1,LifeTime1
]
Once per user logon session
Once per type of service
4-TicketV
7/10/2013
KERBEROS
12
13. Kerberos Version 4 : Dialog 2
- More Secure Cont.
Once per service session
5- TicketV+ IDc
TicketV=EKv[IDc,ADc,IDv,Ts2,Lifetime2]
7/10/2013
KERBEROS
13
14. Problem:
Lifetime associated with ticket granting ticket
2. Requirement for servers to authenticate themselves to
user.
1.
7/10/2013
KERBEROS
14
15. Kerberos: The Version 4 Authentication Dialog
Once per user logon session
ticketTGS=EKtgs
[Kc.tgs, IDc,ADc,IDtgs,TS2, LifeTi
me2 ]
7/10/2013
KERBEROS
KERBEROS
15
16. Kerberos: The Version 4 Authentication Dialog
Cont.
Once per type of service
ticketTGS=EKtgs
[Kc.tgs,IDc,ADc,IDtgs, TS2, LifeTime2 ]
KERBEROS
AuthenticatorC=EKc.tgs[IDc,ADc,TS3]
ticketV=EKV[Kc.v,IDc,ADc,IDv, TS4, LifeTime4 ]
3- TicketTGS + AuthenticatorC +
IDv
4-EKc.tgs[ Kc.v,IDv,Ts4,Ticketv]
7/10/2013
KERBEROS
16
17. Kerberos: The Version 4 Authentication Dialog
Cont.
Once per service session
5- TicketV+ AuthenticatorC
6- EKc.v[TS5+1]
TicketV=EKv [Kv.c, IDc, ADc, IDv, TS4, Lifetime4]
AuthenticatorC=EKc.v [IDc,ADc,TS5]
7/10/2013
KERBEROS
17
18. Tickets:
Contains information which must be considered
private to the user
Allows user to use a service or to access TGS
Reusable for a period of particular time
Used for distribution of keys securely
7/10/2013
KERBEROS
18
19. Authenticators
Proves the client’s identity
Proves that user knows the session key
Prevents replay attack
Used only once and has a very short life time
One authenticator is typically built per session of use
of a service
7/10/2013
KERBEROS
19
21. Kerberos Realms
A single administrative domain includes:
a Kerberos server
a number of clients, all registered with server
application servers, sharing keys with server
What will happen when users in one realm need access
to service from other realms?:
Kerberos provide inter-realm authentication
7/10/2013
KERBEROS
21
22. Inter-realm Authentication:
Kerberos server in each realm shares a secret key with
other realms.
It requires
Kerberos server in one realm should trust the one in
other realm to authenticate its users
The second also trusts the Kerberos server in the first
realm
7/10/2013
KERBEROS
22
24. KERBEROS Version 5 versus Version4
Environmental shortcomings of Version 4:
Encryption system dependence: DES
Message byte ordering
Internet protocol dependence
Ticket lifetime
Authentication forwarding
Inter-realm authentication
7/10/2013
KERBEROS
24
25. KERBEROS Version 5 versus Version4
Technical deficiencies of Version 4:
Double encryption
Session Keys
Password attack
Mode of Encryption
7/10/2013
KERBEROS
25
26. New Elements in Kerberos Version 5
Realm
Indicates realm of the user
Options
Times
From: the desired start time for the ticket
Till: the requested expiration time
Rtime: requested renew-till time
Nonce
A random value to assure the response is fresh
7/10/2013
KERBEROS
26
27. Kerberos Version 5 Message Exchange:1
To obtain ticket-granting ticket:
(1)C AS : Options || IDc || Realmc || IDtgs ||Times ||
Nonce1
(2) AS C : Realmc || IDc || Ticket tgs ||
EKc [ Kc,tgs || IDtgs || Times || Nonce1 ||| Realm tgs ]
Ticket tgs= EKtgs [ Flags || Kc,tgs || Realm c ||
IDc || ADc || Times]
7/10/2013
KERBEROS
27
28. Kerberos Version 5 Message Exchange:2
To obtain service-granting ticket :
(3)C TGS : Options || IDv || Times || Nonce2 || Ticket tgs ║
Authenticator c
(4)TGS C : Realmc || IDc || Ticket v || EK c,tgs [ Kc,v ║Times||
Nonce2 || IDv ║ Realm v]
Ticket tgs= EKtgs [ Flags || Kc,tgs || Realm c || IDc || ADc ||
Times]
Ticket v : EK v [Kc,,v ║ Realmc || IDc ║ ADc ║ Times ]
Authenticator c : EK c,tgs [IDc ║ Realmc ║ TS1]
7/10/2013
KERBEROS
28
29. Kerberos Version 5 Message Exchange:3
To obtain service
(5) C S : Options || Ticket v|| Authenticator c
(6) S C : EK c,v [TS2|| Subkey || Seq# ]
Ticket v : EK v [Flags || Kc,v || Realmc ||
IDc || ADc || Times ]
Authenticator c : EK c,v [IDc || Realmc ||
TS2 || Subkey|| Seq# ]
7/10/2013
KERBEROS
29
30. Kerberos : Strengths
User's passwords are never sent across the
network, encrypted or in plain text
Secret keys are only passed across the network in encrypted
form
Client and server systems mutually authenticate
It limits the duration of their users' authentication.
Authentications are reusable and durable
7/10/2013
KERBEROS
30
31. Conclusion
Kerberos is an authentication service using convention
encryption
Kerberos the solution to network security is a protocol
designed to provide centralized authentication whose
function is to authenticate user to server and server to
user.
7/10/2013
KERBEROS
31
C = clientAS = Authentication serverV = ServerIDc = Identifier of user on CIdv = Identifier of VPc = Password of user on CAdc = Network address of Ckv=Secret Key between AS and V (Server)
The ticket is encrypted with a secret key (Kv) known only to TGS and the server , preventing alteration.
C -> AS : IDc + IDtgs + TS1AS -> C : E(Kc, [Kc,tgs + IDtgs + TS1 + Lifetime2 + Ticket tgs ])C -> TGS :