Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.

Slides:



Advertisements
Similar presentations
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.6 Kerberos.
Advertisements

1 Kerberos Anita Jones November, Kerberos * : Objective Assumed environment Assumed environment –Open distributed environment –Wireless and Ethernetted.
CS5204 – Operating Systems 1 A Private Key System KERBEROS.
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Akshat Sharma Samarth Shah
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
A hierarchical key management scheme for secure group communications in mobile ad hoc networks Authors: Nen-Chung Wang and Shian-Zhang Fang Sources: The.
Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
AUTHENTICATION APPLICATIONS - Chapter 14 Kerberos X.509 Directory Authentication (S/MIME)
Nov.6, 2002 Secure Routing Protocol for Ad Hoc Networks Li Xiaoqi.
G Robert Grimm New York University Using Encryption for Authentication in Computer Networks.
An Authentication Service Based on Trust and Clustering in Wireless Ad Hoc Networks: Description and Security Evaluation Edith C.H. Ngai and Michael R.
Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.
A simple remote user authentication scheme 1. M. S. Hwang, C. C. Lee and Y. L. Tang, “A simple remote user authentication.
A password authentication scheme with secure password updating SEC 期末報告 學號: 姓名:翁玉芬.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
More on AuthenticationCS-4513 D-term More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.
A more efficient and secure dynamic ID- based remote user authentication scheme Yan-yan Wang, Jia-yong Liu, Feng-xia Xiao, Jing Dan in Computer Communications.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
1 Authentication Protocols Celia Li Computer Science and Engineering York University.
An Enhanced Two-factor User Authentication Scheme in Wireless Sensor Networks DAOJING HE, YI GAO, SAMMY CHAN, CHUN CHEN, JIAJUN BU Ad Hoc & Sensor Wireless.
1 Trust Mechanisms in Ad Hoc Networks Azar Rahimi Dehaghani Lei Hu Trust and Security Case Study 2.
1 Anonymous Roaming Authentication Protocol with ID-based Signatures Lih-Chyau Wuu Chi-Hsiang Hung Department of Electronic Engineering National Yunlin.
A scalable key pre-distribution mechanism for large-scale wireless sensor networks Author: A. N. Shen, S. Guo, H. Y. Chien and M. Y. Guo Source: Concurrency.
An efficient secure distributed anonymous routing protocol for mobile and wireless ad hoc networks Authors: A. Boukerche, K. El-Khatib, L. Xu, L. Korba.
SOS: Security Overlay Service Angelos D. Keromytis, Vishal Misra, Daniel Rubenstein- Columbia University ACM SIGCOMM 2002 CONFERENCE, PITTSBURGH PA, AUG.
Trust- and Clustering-Based Authentication Service in Mobile Ad Hoc Networks Presented by Edith Ngai 28 October 2003.
Chapter 21 Distributed System Security Copyright © 2008.
Kerberos Named after a mythological three-headed dog that guards the underworld of Hades, Kerberos is a network authentication protocol that was designed.
Secure Authentication Scheme with Anonymity for Wireless Communications Speaker : Hong-Ji Wei Date :
Secure emergency communication of cellular phones in ad hoc mode Authors: Arjan Durresi, Vijay Bulusu, Vamsi Paruchuri, and Leonard Barolli. Sources: Ad.
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9.
Two-tier authentication for cluster and individual sets in mobile ad hoc networks Authors: Yuh-Ren Tsai and Shiuh-Jeng Wang Sources: Computer Networks,
Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.
Kerberos By Robert Smithers. History of Kerberos Kerberos was created at MIT, and was named after the 3 headed guard dog of Hades in Greek mythology Cerberus.
Secure and efficient key management in mobile ad hoc networks Authors: Bing Wu, Jie Wu, Eduardo B. Fernandez, Mohammad Ilyas, and Spyros Magliveras Sources:
Secure Communication between Set-top Box and Smart Card in DTV Broadcasting Authors: T. Jiang, Y. Hou and S. Zheng Source: IEEE Transactions on Consumer.
SPEAKER: HONG-JI WEI DATE: Secure Anonymous Authentication Scheme with Roaming for Mobile Networks.
Key management for wireless sensor networks Sources: ACM Transactions on Sensor Networks, 2(4), pp , Sources: Computer Communications, 30(9),
Lecture 24 Wireless Network Security
Security in Wireless Ad Hoc Networks. 2 Outline  wireless ad hoc networks  security challenges  research directions  two selected topics – rational.
October 21th, 2009 HGP Team Hyunho Park, Gianni M. Ricciardi, Pierre Alauzet Hyunho Park, Gianni M. Ricciardi, Pierre Alauzet CS642 - Distributed Systems.
A flexible biometrics remote user authentication scheme Authors: Chu-Hsing Lin and Yi-Yi Lai Sources: Computer Standards & Interfaces, 27(1), pp.19-23,
Module 2: Introducing Windows 2000 Security. Overview Introducing Security Features in Active Directory Authenticating User Accounts Securing Access to.
User authentication schemes with pseudonymity for ubiquitous sensor network in NGN Authors: Binod Vaidya, Joel J. Rodrigues and Jong Hyuk Park Source:
Establishing authenticated channels and secure identifiers in ad-hoc networks Authors: B. Sieka and A. D. Kshemkalyani (University of Illinois at Chicago)
Security Issues in Distributed Sensor Networks Yi Sun Department of Computer Science and Electrical Engineering University of Maryland, Baltimore County.
Password-based user authentication and key distribution protocols for client-server applications Authors: Her-Tyan Yeh and Hung-Min Sun Sources: The Journal.
The Sybil attack “One can have, some claim, as many electronic persons as one has time and energy to create.” – Judith S. Donath.
Network Security Celia Li Computer Science and Engineering York University.
SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.
Security Review Q&A Session May 1. Outline  Class 1 Security Overview  Class 2 Security Introduction  Class 3 Advanced Security Constructions  Class.
Threshold password authentication against guessing attacks in Ad hoc networks ► Chai, Zhenchuan; Cao, Zhenfu; Lu, Rongxing ► Ad Hoc Networks Volume: 5,
A secure anonymous routing protocol with authenticated key exchange for ad hoc networks Authors: R. Lu, Z. Cao, L. Wang, and C. Sun Sources: Computer Standards.
Threshold password authentication against guessing attacks in Ad hoc networks Authors: Zhenchuan Chai, Zhenfu Cao, Rongxing Lu Sources: Ad Hoc Networks,
1 SUBMITTED BY- PATEL KUMAR C.S.E(8 th - sem). SUBMITTED TO- Mr. DESHRAJ AHIRWAR.
Lesson Introduction ●Authentication protocols ●Key exchange protocols ●Kerberos Security Protocols.
 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.
Cryptography CSS 329 Lecture 13:SSL.
1 Example security systems n Kerberos n Secure shell.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
1 Authentication Celia Li Computer Science and Engineering York University.
Computer Security Distributed System Security
Authors: Chun-Ta Li and Min-Shiang Hwang Reporter: Chun-Ta Li (李俊達)
Privacy Protection for E-Health Systems by
Presentation transcript:

Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian Computer Science Conference (ACSC '04 ), vol. 26, pp , 2004 Reporter: Chun-Ta Li ( 李俊達 )

2 Outline  Introduction  Kerberos  Kaman  Comments

3 Introduction  Ad hoc network Wireless connections to route both data and control packets within the network Trust relationship can be threatened by malicious nodes Security demands that all packets be authenticated before being used between nodes

4 Kerberos  Kerberos [Kohl and Neuman 1993] symmetric key based indirect authentication mechanism  Participants: Kerberos server and communication clients  Significant feature Prevention of node identity forgery Detection of replay attacks Establishment of secure channels Mutual endpoint authentication

5 Kaman  For ad hoc networks Participants: multiple Kerberos servers and clients Assumptions:  All users have a secret key or password known only to them  All servers know the hashed passwords of all the users  All servers share a secret key with each other server

6 Kaman (cont.)  Operation of Kaman S1S2 C1C2 1. Request for Tickets 2. Tickets 3. Tickets 4. Acknowledgement Repository Exchange

7 Kaman (cont.)  Initialization Format of the Kaman server repository

8 Kaman (cont.)  Notations

9 Kaman (cont.)  Authentication S1 C1C //

10 Kaman (cont.)  Key revocation S1 C

11 Kaman (cont.)  Replication of repository S1S2 1.

12 Comments  Denial of service attack S1 C plaintext S1 C plaintext Authentication Key revocation

13 Comments (cont.)  Improvement S1 C1 S1 C1 Authentication Key revocation 1. Options, ID C1, {Nonce}K C1 2. ID C1, {K C, Times, Nonce+1, ID C1 }K C1 1. Options, ID C1, ID C2, Times, {Nonce}K C1 2. ID C1, {Ticket C2, K C1,C2, Times, Nonce+1, ID C2 }K C1