Authentication Advanced Software Engineering (CSE870) Instructor: Dr. B. Cheng Contact info: chengb at cse dot msu dot edu Eduardo Diaz Dan Fiedler Andres.

Presentation transcript:

Authentication
Advanced Software Engineering (CSE870)
Instructor: Dr. B. Cheng
Contact info: chengb at cse dot msu dot edu
Eduardo Diaz, Dan Fiedler, Andres Ramirez

Road Map
- Introduction to Authentication
- Needham-Schroeder, Otway-Rees, Kerberos
- Commonalities
- Additional Requirements
- Class Diagrams
- State Diagrams
- Conclusions

Authentication
- Meet:
  - Alice (Staff)
  - Bob (MISys)

Authentication
- Purpose
  - Key exchange.
  - Allow Alice to secretly communicate with Bob using a shared cryptographic key.
- Methods
  - Private keys, shared keys, public keys…
- Potential Problems
  - Trustworthy?
  - Safe handling of private keys?

Needham-Schroeder
1. Alice → Cathy: {Alice || Bob || rand1}
2. Cathy → Alice: {Alice || Bob || rand1 || k_sess || {Alice || k_sess} k_bob} k_alice
3. Alice → Bob: {Alice || k_sess} k_bob
4. Bob → Alice: {rand2} k_sess
5. Alice → Bob: {rand2 - 1} k_sess

Needham-Schroeder
- Motive?
  - Prevent replay attacks
    - A valid data transmission is retransmitted maliciously.
- Nonces
  - Randomly generated numbers to identify exchanges.
- Key idea: Cathy is trusted by Alice and Bob.
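The five Needham-Schroeder messages and the nonce check, as an added example that is not part of the original slides. The `seal`/`unseal` helpers are a toy stand-in for encryption under a shared key, not a real cipher, and all function names and keys here are hypothetical and constructed for illustration.

```python
import hashlib, hmac, json, secrets

def _ks(key, iv, n):  # toy keystream; stands in for a real cipher
    return hashlib.shake_256(key + iv).digest(n)

def seal(key, fields):  # {fields}key: encrypt, then HMAC so a wrong key is detected
    pt, iv = json.dumps(fields).encode(), secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _ks(key, iv, len(pt))))
    return iv + ct + hmac.new(key, iv + ct, hashlib.sha256).digest()

def unseal(key, box):
    iv, ct, tag = box[:16], box[16:-32], box[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, iv + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _ks(key, iv, len(ct)))))

# Constructed long-term keys, each shared only with Cathy
KEYS = {"Alice": secrets.token_bytes(32), "Bob": secrets.token_bytes(32)}

def cathy_reply(a, b, rand1):  # msg 2: {a || b || rand1 || ksess || {a || ksess}kb}ka
    ksess = secrets.token_hex(32)
    return seal(KEYS[a], [a, b, rand1, ksess, seal(KEYS[b], [a, ksess]).hex()])

def alice_check(reply, rand1, peer="Bob"):  # accept msg 2 only if it echoes this run's nonce
    a, b, nonce, ksess, ticket = unseal(KEYS["Alice"], reply)
    if (a, b, nonce) != ("Alice", peer, rand1):
        raise ValueError("stale or misdirected reply")
    return bytes.fromhex(ksess), bytes.fromhex(ticket)

def bob_challenge(ticket):  # msg 3 in, msg 4 out: {rand2}ksess
    ksess, rand2 = bytes.fromhex(unseal(KEYS["Bob"], ticket)[1]), secrets.randbits(64)
    return ksess, rand2, seal(ksess, [rand2])

def alice_response(ksess, challenge):  # msg 5: {rand2 - 1}ksess
    return seal(ksess, [unseal(ksess, challenge)[0] - 1])

def run_exchange():
    rand1 = secrets.randbits(64)                    # msg 1: Alice || Bob || rand1
    reply = cathy_reply("Alice", "Bob", rand1)
    ksess, ticket = alice_check(reply, rand1)
    bob_ksess, rand2, challenge = bob_challenge(ticket)
    answer = alice_response(ksess, challenge)
    return unseal(bob_ksess, answer) == [rand2 - 1], reply

def replay_rejected(old_reply):  # a recorded msg 2 fails against a fresh rand1
    try:
        alice_check(old_reply, secrets.randbits(64))
    except ValueError:
        return True
    return False
```

`run_exchange()` returns whether Bob accepted Alice's answer together with the recorded message 2, which `replay_rejected()` then feeds into a new run.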

Otway-Rees
1. Alice → Bob: num || Alice || Bob || {rand1 || num || Alice || Bob} k_alice
2. Bob → Cathy: num || Alice || Bob || {rand1 || num || Alice || Bob} k_alice || {rand2 || num || Alice || Bob} k_bob
3. Cathy → Bob: num || {rand1 || k_sess} k_alice || {rand2 || k_sess} k_bob
4. Bob → Alice: num || {rand1 || k_sess} k_alice

Otway-Rees
- Motivation
  - Needham-Schroeder assumes all cryptographic keys are secure… in practice they are generated pseudorandomly… and can be predicted.
- Num
  - Verify that num agrees through the exchanges.
- Key Idea
  - Cathy is again the trustworthy element.

Kerberos
1. Alice → Cerberus: Alice || Barnum
2. Cerberus → Alice: {k_alice,barnum} k_alice || T_alice,barnum
3. Alice → Barnum: Guttenberg || A_alice,barnum || T_alice,barnum
4. Barnum → Alice: Alice || {k_alice,guttenberg} k_alice,barnum || T_alice,guttenberg
5. Alice → Guttenberg: A_alice,guttenberg || T_alice,guttenberg
6. Guttenberg → Alice: {t+1} k_alice,guttenberg

Kerberos
- What is T?
  - T_alice,barnum = Barnum || {Alice || Alice Address || valid time || k_alice,barnum} k_barnum
- What is A?
  - {Alice || generation time || k_t} k_alice,barnum
  - k_t… not used.

Kerberos
- Motivation
  - Separate authentication of the user to ticket granting server and resource being requested.
- 2 Servers
  - Authenticate first
  - Obtain ticket second
- Key Idea:
  - Time windows
  - Separation of trusted parties

Commonalities
- Message Passing
- Authentication Requests
- Encryption / Decryption
- Key Passing
- … other than that, not much!
  - Each protocol has slight variants.

Additional Requirements
- Same as other groups plus:
  - Incorporate 2 design patterns
    - 1 must be a security design pattern
    - Strategy Design Pattern (encryption algorithms)
    - Single Access Point (entry and logging)
  - Instantiate the framework at MISys
    - At the whitebox level

Whitebox Class Diagram

N.S. Class Diagram

O.R. Class Diagram

Kerberos Class Diagram

Whitebox Class Diagram-MISys

State Diagrams, NS

State Diagrams, N.S.

State Diagram, O.R.

State Diagram, Kerberos

Graybox Class Diagram

BlackBox Class Diagram

Conclusions
- Questions?