A less formal view of the Kerberos protocol J.-F. Pâris.


1 A less formal view of the Kerberos protocol
  J.-F. Pâris

2 Dramatis personae
  The client logged on a workstation
  The Kerberos server
  The Ticket Granting Service
  A server s the client wants to access

3 The three acts
  Talk to Kerberos and get a reply
  Talk to TGS and get a reply
  Talk to server s

4 Act One
  (Diagram: client c on workstation WS, Kerberos server K S, Ticket Granting Service TGS; message 1 shown)

5 Act One
  Client sends to Kerberos a message
    Hello!
    I am client c
    I want a ticket for TGS

6 Act One
  (Diagram: client c on workstation WS, Kerberos server K S, Ticket Granting Service TGS; messages 1 and 2 shown)

7 Act One
  Kerberos replies
    Here are the ticket and an encrypted session password Kc,tgs

8 What if the client lied to Kerberos?
  He still gets the ticket but this ticket is worthless
  Why?

9 What guarantees ticket integrity?

10 How is Kc,tgs encrypted?

11 How is Kc,tgs passed to the TGS?

12 How long is the ticket valid?

13 Why?
  Kerberos cannot revoke individual tickets
  It can only revoke all tickets

14 Act Two
  (Diagram: client c on workstation WS, Kerberos server K S, Ticket Granting Service TGS; messages 1, 2 and 3 shown)

15 Act Two
  Client sends to TGS
    A request for server s
    The ticket he/she got from Kerberos
    An authenticator encrypted with Kc,tgs and stating
      Who sent the ticket
      From which address
      At which time

16 Act Two
  TGS
    Decrypts ticket using its Ktgs key
    Checks that ticket is valid
    Extracts session key Kc,tgs from ticket
    Checks that ticket is not a duplicate by looking at timestamp inside authenticator

17 Detecting duplicates
  TGS will reject all tickets accompanied with authenticators whose timestamps are
    Too old
    Same as the timestamp of a recently sent authenticator

18 Act Two
  (Diagram: client c on workstation WS, Kerberos server K S, Ticket Granting Service TGS; messages 1, 2, 3 and 4 shown)

19 Act Two
  TGS replies
    Here is the ticket for server s and an encrypted session password Kc,s

20 What guarantees ticket integrity?

21 How is Kc,s encrypted?

22 How is Kc,s passed to server s?

23 How long is the ticket valid?
  For a limited time, as all tickets should

24 Act Three
  (Diagram: client c on workstation WS, Kerberos server K S, Ticket Granting Service TGS; messages 1 to 5 shown)

25 Act Three
  Client sends to server s
    The ticket he/she got from the TGS
    An authenticator encrypted with Kc,s and stating
      Who sent the ticket
      From which address
      At which time

26 Act Three
  Server s processes ticket and authenticator as TGS did in act two

27 Act Three
  (Diagram: client c on workstation WS, Kerberos server K S, Ticket Granting Service TGS; messages 1 to 6 shown)

28 Act Three
  If mutual authentication is needed, server s sends to client
    Authenticator it received from c with
      Timestamp incremented by one

29 Why?
  It proves to the client that s can decrypt the authenticator
    Requires being able to decrypt the ticket issued by TGS
    Requires knowledge of server key Ks
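The three acts end to end, as an added Python example that is not part of the slides: the Kerberos server issues a ticket sealed under the service's key and returns the session key under a key only the real client holds (slide 8: a client who lied gets a ticket it cannot use), the TGS and server s run the checks of slides 16 and 17 (decrypt with Ktgs or Ks, expiry, replay cache keyed on the authenticator's timestamp), and server s answers with the authenticator's timestamp plus one for mutual authentication (slides 28 and 29). The cipher is a small encrypt-then-MAC construction standing in for Kerberos's real encryption types; the 300-second clock skew, the 8-hour lifetime, the address 10.0.0.5 and the fixed clock value are all constructed for the example.

```python
"""Toy Kerberos walk-through: issue, verify (with replay detection), mutual authentication."""
import hashlib
import hmac
import json
import os

SKEW = 300           # seconds of clock skew tolerated for an authenticator (assumed value)
ADDR = "10.0.0.5"    # constructed workstation address used by the examples below


def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def encrypt(key, obj):
    """Encrypt-then-MAC a small dict (stand-in for a Kerberos enctype, not real Kerberos crypto)."""
    pt = json.dumps(obj, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def decrypt(key, blob):
    """Wrong key or altered bytes fail the MAC: this is what guarantees ticket integrity here."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed: wrong key or altered ticket/authenticator")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))


class Kdc:
    """Kerberos server and TGS in one: holds every principal's long-term key."""
    def __init__(self, keys):
        self.keys = keys

    def issue(self, client, service, wrap_key, now, lifetime=8 * 3600):
        session = os.urandom(32).hex()
        # Ticket sealed under the SERVICE's key (Ktgs or Ks): only that service can open it.
        ticket = encrypt(self.keys[service], {"client": client, "service": service,
                                              "session": session, "expires": now + lifetime})
        # Session key sent under a key only the real client holds (Kc in Act One,
        # Kc,tgs in Act Two); a client who lied about its name cannot read it.
        return ticket, encrypt(wrap_key, {"session": session, "service": service})


class Verifier:
    """Ticket-accepting side: the TGS in Act Two, server s in Act Three."""
    def __init__(self, name, key):
        self.name, self.key = name, key
        self.seen = {}   # replay cache: (client, addr, timestamp) -> time the entry can be dropped

    def accept(self, ticket, authenticator, addr, now):
        t = decrypt(self.key, ticket)                 # proves the ticket was issued by the KDC
        if t["service"] != self.name or t["expires"] < now:
            raise ValueError("ticket not for this service or expired")
        session = bytes.fromhex(t["session"])
        a = decrypt(session, authenticator)           # only a holder of the session key made it
        if a["client"] != t["client"] or a["addr"] != addr:
            raise ValueError("authenticator does not match ticket or sender address")
        if abs(now - a["ts"]) > SKEW:
            raise ValueError("authenticator too old")
        self.seen = {k: drop for k, drop in self.seen.items() if drop > now}
        key = (a["client"], addr, a["ts"])
        if key in self.seen:
            raise ValueError("replayed authenticator")   # same timestamp seen recently
        self.seen[key] = now + SKEW
        return session, a

    def mutual_auth_reply(self, session, a):
        return encrypt(session, {"ts": a["ts"] + 1})  # slide 28: timestamp incremented by one


def authenticator(session, client, addr, now):
    return encrypt(session, {"client": client, "addr": addr, "ts": now})


def setup():
    keys = {"c": os.urandom(32), "tgs": os.urandom(32), "s": os.urandom(32)}
    return keys, Kdc(keys), Verifier("tgs", keys["tgs"]), Verifier("s", keys["s"])


def three_acts(now=1_700_000_000.0):
    """Full run; True when server s's mutual-auth reply carries the authenticator's ts + 1."""
    keys, kdc, tgs, srv = setup()
    tgt, reply = kdc.issue("c", "tgs", keys["c"], now)                          # Act One
    kc_tgs = bytes.fromhex(decrypt(keys["c"], reply)["session"])
    sess, _ = tgs.accept(tgt, authenticator(kc_tgs, "c", ADDR, now), ADDR, now)  # Act Two
    st, reply2 = kdc.issue("c", "s", sess, now)
    kc_s = bytes.fromhex(decrypt(kc_tgs, reply2)["session"])
    sess_s, a = srv.accept(st, authenticator(kc_s, "c", ADDR, now + 1), ADDR, now + 1)  # Act Three
    return decrypt(kc_s, srv.mutual_auth_reply(sess_s, a))["ts"] == now + 2


def replay_is_rejected(now=1_700_000_000.0):
    """Slide 17: the same authenticator presented a second time is refused."""
    keys, kdc, tgs, _ = setup()
    tgt, reply = kdc.issue("c", "tgs", keys["c"], now)
    auth = authenticator(bytes.fromhex(decrypt(keys["c"], reply)["session"]), "c", ADDR, now)
    tgs.accept(tgt, auth, ADDR, now)
    try:
        tgs.accept(tgt, auth, ADDR, now + 5)
    except ValueError as e:
        return "replayed" in str(e)
    return False


def liar_gets_worthless_ticket():
    """Slide 8: an impostor claiming to be c receives a ticket but cannot recover Kc,tgs."""
    keys, kdc, _, _ = setup()
    _, reply = kdc.issue("c", "tgs", keys["c"], 1_700_000_000.0)
    try:
        decrypt(os.urandom(32), reply)   # the impostor does not hold Kc
    except ValueError:
        return True
    return False
```

The replay cache holds each (client, address, timestamp) for one skew window and drops it afterwards, which is why the "too old" check and the duplicate check go together: an authenticator older than the window is refused outright, so the cache never has to remember further back than that.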

