
Distributed Authentication in Kerberos Using Public Key Cryptography




1 Distributed Authentication in Kerberos Using Public Key Cryptography
Marvin A. Sirbu, John Chung-I Chuang
Carnegie Mellon University, Pittsburgh, Pennsylvania 15213
A Review by Benjamin Lai

2 Presentation Overview
Background
The Proposed PKDA Protocol
Conclusion

3 Background
Kerberos is an authentication protocol
Features a separate Authentication Server (known as KDC – Key Distribution Centre) and Ticket Granting Service (TGS)
KDC keeps a symmetric key for all principals in the realm
Possible attack would be on the KDC for all symmetric keys – and the subsequent key-recovery is expensive

4 The PKDA Protocol - 1
Stands for “Public key based Kerberos for Distributed Authentication”
Proposed to solve the security weaknesses of the KDC
Certificate Authority (CA) replaces the KDC as the trusted intermediary
Elimination of the KDC and TGS – the client authenticates directly with the application server

5 The PKDA Protocol - 2
Traditional Kerberos:
C → AS: AS_REQ
AS → C: AS_REP
C → TGS: TGS_REQ
TGS → C: TGS_REP
C → S: AP_REQ
Separate KDC and (possibly) TGS
Security provided by the short-lived nature of the Ticket Granting Ticket (TGT)

PKDA:
C → S: SCERT_REQ
S → C: SCERT_REP
C → S: PKTGS_REQ
S → C: PKTGS_REP
C → S: AP_REQ
Server now acts as KDC as well as TGS
Security provided by checking with the CA for revoked certificates

6 The PKDA Protocol - 3
C → S: PKTGS_REQ
Message layout: S, then { C, Auth-Time, K(random), Auth-Data } encrypted with the server’s public key P(S)
Auth-Data = { C, C-Cert, K(random), S, P(S), Auth-Time } encrypted with the client’s private key
K(random) is generated by the client
Everything is encrypted (besides S) for security reasons
Auth-Time is included to prevent replay attacks

7 The PKDA Protocol - 4
S → C: PKTGS_REP
Message layout: { Session Ticket (C,S), C, S, Key(C,S), Auth-Time } encrypted with K(random)
Session Ticket (C,S) = { S, C, Key(C,S), Auth-Time } encrypted with Key(S)
Key(S) is a symmetric key known only to the server, to prevent the client from modifying the ticket
Since K(random) is generated by the client, only he can extract the information from the response
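The PKTGS_REQ / PKTGS_REP exchange from slides 6 and 7, as an added example that is not part of the original presentation or the Sirbu/Chuang paper. Encryption and signing are modelled as boxes tagged with the key that opens them (a pub(X) box opens with priv(X), a priv(X) signature verifies with pub(X)), so the code shows the message structure and the server's checks rather than real cryptography; the 300-second freshness window, the VALID_CERTS set standing in for the CA lookup, and the field names are assumptions.

```python
import secrets

WINDOW = 300              # seconds an Auth-Time stays fresh (assumed value)
VALID_CERTS = {"C-Cert"}  # what the CA reports as issued and unrevoked (constructed)

def matching_key(lock):
    # pub(X) opens with priv(X), a priv(X) signature verifies with pub(X),
    # a symmetric key such as K(random) or Key(S) opens its own box
    if lock.startswith("pub("):
        return "priv(" + lock[4:]
    return "pub(" + lock[5:] if lock.startswith("priv(") else lock
def seal(lock, payload):
    # model of encrypting or signing: the box records which key opens it
    return {"lock": lock, "payload": dict(payload)}
def open_box(key, box):
    if key != matching_key(box["lock"]):
        raise PermissionError("wrong key for this box")
    return box["payload"]
def pktgs_req(c, s, cert, auth_time):
    # client side: everything but S goes under P(S); Auth-Data is signed by C
    k = secrets.token_hex(16)                       # K(random), chosen by the client
    auth_data = seal("priv(" + c + ")", {"C": c, "C-Cert": cert, "K": k, "S": s,
                                         "P(S)": "pub(" + s + ")", "Auth-Time": auth_time})
    body = seal("pub(" + s + ")", {"S": s, "C": c, "Auth-Time": auth_time, "K": k,
                                   "Auth-Data": auth_data})
    return k, {"S": s, "body": body}
def pktgs_rep(s, req, seen, now):
    # server side (it is KDC and TGS at once): freshness, CA status, binding
    body = open_box("priv(" + s + ")", req["body"])
    auth = open_box("pub(" + body["C"] + ")", body["Auth-Data"])   # signature check
    t = body["Auth-Time"]
    if abs(now - t) > WINDOW or (body["C"], t) in seen:
        raise ValueError("stale or replayed Auth-Time")
    if auth["C-Cert"] not in VALID_CERTS:
        raise ValueError("certificate unknown or revoked")
    if (auth["C"], auth["S"], auth["K"], auth["Auth-Time"], auth["P(S)"]) != \
            (body["C"], s, body["K"], t, "pub(" + s + ")"):
        raise ValueError("signed Auth-Data does not match the request")
    seen.add((body["C"], t))
    key_cs = secrets.token_hex(16)                  # Key(C,S), the session key
    ticket = seal("Key(" + s + ")", {"S": s, "C": body["C"], "Key(C,S)": key_cs,
                                     "Auth-Time": t})          # opaque to the client
    return seal(body["K"], {"Ticket": ticket, "C": body["C"], "S": s,
                            "Key(C,S)": key_cs, "Auth-Time": t})
def accept_rep(k, auth_time, rep):
    # client side: only K(random) opens the reply; Auth-Time ties it to this request
    msg = open_box(k, rep)
    if msg["Auth-Time"] != auth_time:
        raise ValueError("reply does not answer this request")
    return msg["Ticket"], msg["Key(C,S)"]
```

Running the same PKTGS_REQ twice, presenting it outside the window, or carrying a certificate the CA does not vouch for is rejected by pktgs_rep, and the client can open the reply but not the ticket inside it.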

8 Conclusion
In Traditional Kerberos the KDC poses a big security weakness
PKDA was proposed to eliminate such security weakness
“The solution to a problem is itself another problem.”
What are the potential problems that are foreseeable in the PKDA authentication scheme?

