KERBEROS Miah, Md. Saef Ullah.


1 KERBEROS Miah, Md. Saef Ullah

2 What Is Kerberos?
An authentication service designed for use in a distributed networked environment.
Developed at MIT in the mid 1980s.
Named after the Greek mythological creature "Cerberus", a three-headed dog.

3 Why Kerberos?
Secure: an opponent does not find it to be the weak link.
Reliable: the system should be able to back up another (one Kerberos server can take over for another).
Transparent: a user should not be aware of the authentication taking place.
Scalable: the system supports a large number of clients and servers.

4 Cryptography Approach
Private (secret) key: each party uses the same secret key to encode and decode messages.
Kerberos uses a trusted third party that can vouch for the identity of both parties in a transaction, so the security of that third party is imperative.

5 How Kerberos Works
Instead of the client sending its password to the application server:
the client requests a ticket from the authentication server;
the ticket and an encrypted request are sent to the application server.
The ticket contains the ID of the client, the network address of the client and the ID of the server, and is encrypted with a secret key shared by the application server and the authentication server.

6 How Kerberos Works

7 How Kerberos Works: Ticket-Granting Tickets
C → AS: IDc || IDtgs || TS1
AS → C: E_Kc[Kc,tgs || IDtgs || TS2 || Lifetime2 || Ticket_tgs]
Ticket_tgs = E_Ktgs[Kc,tgs || IDc || ADc || IDtgs || TS2 || Lifetime2]

8 How Kerberos Works: The Ticket-Granting Service
C → TGS: IDs || Ticket_tgs || Authenticator_c
TGS → C: E_Kc,tgs[Kc,s || IDs || TS4 || Ticket_s]
Ticket_tgs = E_Ktgs[Kc,tgs || IDc || ADc || IDtgs || TS2 || Lifetime2]
Ticket_s = E_Ks[Kc,s || IDc || ADc || IDs || TS4 || Lifetime4]
Authenticator_c = E_Kc,tgs[IDc || ADc || TS3]

9 How Kerberos Works: The Application Server
C → S: Ticket_s || Authenticator_c
S → C: E_Kc,s[TS5 + 1]
Ticket_s = E_Ks[Kc,s || IDc || ADc || IDs || TS4 || Lifetime4]
Authenticator_c = E_Kc,s[IDc || ADc || TS5]
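The three exchanges of slides 7 to 9, run end to end as an added example (not code from the presentation): the toy cipher E/D (a SHA-256 keystream with an HMAC tag) stands in for DES, JSON stands in for the "||" concatenation, and the key values, names and addresses are constructed. The verify step shows what the TGS and the application server actually check in a ticket and its authenticator.

```python
import hashlib, hmac, json, os, time

def E(key, fields):
    """E_K[fields]: SHA-256 keystream XOR plus an HMAC tag (toy cipher standing in for DES)."""
    msg = json.dumps(fields, sort_keys=True).encode()
    nonce = os.urandom(16)
    ks = b"".join(hashlib.sha256(key + nonce + bytes([i])).digest() for i in range(len(msg) // 32 + 1))
    ct = bytes(a ^ b for a, b in zip(msg, ks))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def D(key, blob):
    """Inverse of E; raises ValueError when the tag fails (wrong key or tampered ticket)."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad tag")
    ks = b"".join(hashlib.sha256(key + nonce + bytes([i])).digest() for i in range(len(ct) // 32 + 1))
    return json.loads(bytes(a ^ b for a, b in zip(ct, ks)))

K_C, K_TGS, K_S = b"alice-pw-key", b"tgs-key", b"fileserver-key"   # constructed long-term keys
LIFETIME, SKEW = 8 * 3600, 300   # ticket lifetime; 5-minute authenticator window (slide 14)

def issue(client_key, IDc, ADc, IDsvc, svc_key, ts):
    """AS -> C (slide 7) and TGS -> C (slide 8) have the same shape: a fresh session key
    sealed for the client, plus a ticket for IDsvc sealed under svc_key."""
    sk = os.urandom(16).hex()
    ticket = E(svc_key, {"K": sk, "IDc": IDc, "ADc": ADc, "ID": IDsvc, "TS": ts, "Lifetime": LIFETIME})
    return E(client_key, {"K": sk, "ID": IDsvc, "TS": ts, "Lifetime": LIFETIME, "Ticket": ticket.hex()})

def verify(svc_key, ticket_hex, auth_blob, ADc_seen, now):
    """TGS-side and S-side check of Ticket || Authenticator_c; returns the session key (hex)."""
    t = D(svc_key, bytes.fromhex(ticket_hex))
    a = D(bytes.fromhex(t["K"]), auth_blob)          # only the ticket's owner knows this key
    if (a["IDc"], a["ADc"]) != (t["IDc"], t["ADc"]) or ADc_seen != t["ADc"]:
        raise ValueError("authenticator does not match ticket")
    if abs(now - a["TS"]) > SKEW or not (t["TS"] <= now < t["TS"] + t["Lifetime"]):
        raise ValueError("stale authenticator or expired ticket")
    return t["K"]

def login_and_access(IDc="alice", ADc="10.0.0.5", now=None):
    """Run the three exchanges of slides 7-9; True if S -> C: E_Kc,s[TS5 + 1] verifies."""
    now = now or int(time.time())
    r = D(K_C, issue(K_C, IDc, ADc, "tgs", K_TGS, now))                 # (1)/(2) AS exchange
    Kc_tgs, Ticket_tgs = bytes.fromhex(r["K"]), r["Ticket"]
    auth = E(Kc_tgs, {"IDc": IDc, "ADc": ADc, "TS": now + 1})           # Authenticator_c for the TGS
    tgs_view_of_Kc_tgs = bytes.fromhex(verify(K_TGS, Ticket_tgs, auth, ADc, now + 1))   # (3)
    r = D(Kc_tgs, issue(tgs_view_of_Kc_tgs, IDc, ADc, "fileserver", K_S, now + 1))      # (4)
    Kc_s, Ticket_s, TS5 = bytes.fromhex(r["K"]), r["Ticket"], now + 2
    auth = E(Kc_s, {"IDc": IDc, "ADc": ADc, "TS": TS5})                 # Authenticator_c for S
    s_view_of_Kc_s = bytes.fromhex(verify(K_S, Ticket_s, auth, ADc, TS5))               # (5)
    return D(Kc_s, E(s_view_of_Kc_s, {"TS5+1": TS5 + 1}))["TS5+1"] == TS5 + 1           # (6)
```

Note that the TGS and the server never see Kc,tgs or Kc,s on the wire; each learns the session key only by opening the ticket with its own long-term key.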

10 Multiple Kerberi

11 Multiple Kerberi (contd.)
C → AS: IDc || IDtgs || TS1
AS → C: E_Kc[Kc,tgs || IDtgs || TS2 || Lifetime2 || Ticket_tgs]
C → TGS: IDtgsrem || Ticket_tgs || Authenticator_c
TGS → C: E_Kc,tgs[Kc,tgsrem || IDtgsrem || TS4 || Lifetime2 || Ticket_tgsrem]
C → TGSrem: IDsrem || Ticket_tgsrem || Authenticator_c
TGSrem → C: E_Kc,tgsrem[Kc,srem || IDsrem || TS6 || Ticket_srem]
C → Srem: Ticket_srem || Authenticator_c

12 Kerberos Version 5 versus Version 4
Environmental shortcomings of Version 4:
Encryption system dependence (DES)
Internet protocol dependence
Ticket lifetime
Authentication forwarding
Inter-realm authentication
Technical deficiencies of Version 4:
Double encryption
Session keys
Password attack

13 New Elements in Kerberos Version 5
Realm: indicates the realm of the user.
Options
Times: From: the desired start time for the ticket; Till: the requested expiration time; Rtime: the requested renew-till time.
Nonce: a random value to assure that the response is fresh.

14 Weaknesses and Solutions
Weakness: if a TGT is stolen, it can be used to access network services. Solution: it is only a problem until the ticket expires, in a few hours.
Weakness: subject to dictionary attack. Solution: the timestamps require the attacker to guess within 5 minutes.
Weakness: very bad if the authentication server is compromised. Solution: physical protection for the server.

15 References
Cryptography and Network Security by William Stallings

