
Slide 1: More on Authentication
CS-4513 Distributed Computing Systems, D-term 2008
(Slides include materials from Operating System Concepts, 7th ed., by Silberschatz, Galvin, & Gagne; Distributed Systems: Principles & Paradigms, 2nd ed., by Tanenbaum and Van Steen; and Modern Operating Systems, 2nd ed., by Tanenbaum)

Slide 2: Authentication and Message Integrity
- Both are necessary.
- If Bob knows that Alice sent message m, what good is it if m could be compromised? → Encryption for message integrity.
- If Bob receives a securely encrypted message, what good is it if he doesn't know who it is from? → Authentication to establish who is speaking to whom.

Slide 3: Basic Challenge-Response Protocol
- Assume that Alice and Bob share a key K_A,B.

Slide 4: Authentication using Secure Channels
- At this point, Bob knows he is talking with Alice.

Slide 5: Authentication using Secure Channels
- At this point, Bob knows he is talking with Alice.
- Not until this point does Alice know she is talking with Bob.

Slide 6: What is wrong with this "Optimization"?

Slide 7: Subject to "Reflection Attack"
- The attacker cons Bob into encrypting R_B for him (the "reflection" attack).

Slide 8: Reflection Attack

Slide 9: Reflection Attack
- Bob sends a crucial piece of information without knowing to whom he is sending it.

Slide 10: Challenge-Response Summary
- Method for two principals to mutually establish who they are talking to.
- Essential for building up additional protocols.
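The five-message challenge-response exchange of slides 3 to 5, as an added example that is not part of the course material: the shared key K_A,B is a constructed value, HMAC-SHA256 stands in for "encrypt R with K_A,B" (an assumption; the slides do not fix the primitive), and the Peer class is this example's own. The one rule it enforces, that the responder never applies the key to a challenge until the initiator has proven itself, is what the "optimization" of slide 6 gives up and what makes the reflection of slides 7 to 9 possible.

```python
import hashlib, hmac, secrets

# Constructed shared key K_A,B for the example (provisioned out of band in practice).
K_AB = b"example-shared-key-alice-bob"

def prove(key: bytes, challenge: bytes) -> bytes:
    """Keyed transform of a challenge; HMAC-SHA256 stands in for the slides'
    'encrypt R with K_A,B' and can only be computed by a holder of the key."""
    return hmac.new(key, challenge, hashlib.sha256).digest()

class Peer:
    """One principal in the five-message challenge-response exchange."""
    def __init__(self, key: bytes):
        self.key, self.pending, self.peer_proven = key, None, False

    def challenge(self) -> bytes:
        self.pending = secrets.token_bytes(16)       # fresh nonce R
        return self.pending

    def verify(self, answer: bytes) -> bool:
        """Accept only the keyed transform of the nonce we actually sent."""
        ok = self.pending is not None and hmac.compare_digest(answer, prove(self.key, self.pending))
        self.pending, self.peer_proven = None, ok
        return ok

    def answer(self, challenge: bytes, initiator: bool) -> bytes:
        # Rule that blocks the reflection attack: the responder never applies
        # K_A,B to a challenge until the initiator has already proven itself.
        if not initiator and not self.peer_proven:
            raise PermissionError("responder must not answer before the initiator proves")
        return prove(self.key, challenge)

def run(alice: Peer, bob: Peer) -> tuple:
    """Messages 1-5 from the slides; returns (Bob trusts Alice, Alice trusts Bob)."""
    r_b = bob.challenge()                               # 1: A -> B: "Alice"   2: B -> A: R_B
    if not bob.verify(alice.answer(r_b, True)):         # 3: A -> B: K_AB(R_B)
        return False, False
    r_a = alice.challenge()                             # 4: A -> B: R_A
    return True, alice.verify(bob.answer(r_a, False))   # 5: B -> A: K_AB(R_A)

def premature_answer_refused() -> bool:
    """The 'optimization' has Bob answer R_A in his very first reply; a peer
    following the rule above refuses to do that."""
    try:
        Peer(K_AB).answer(secrets.token_bytes(16), initiator=False)
    except PermissionError:
        return True
    return False
```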

Slide 11: Questions?

Slide 12: Review – Authentication in Grapevine

Slide 13: Grapevine Authentication (continued)
- Every service must authenticate every user with a Registration service every time!
- Services handle all credentials → credentials must be secure from theft!
- Lots of network traffic.
- Can we do better?

Slide 14: Key Distribution Server
- Alice requests a secure channel to Bob.
- The KDC generates a session key K_A,B.
- The KDC sends secure messages to both Alice and Bob containing K_A,B.

Slide 15: Key Distribution Server
- Result:
  – Bob trusts the KDC → he knows a message encrypted with K_A,B can only come from Alice.
  – Alice trusts the KDC → she knows that only Bob can read her messages encrypted with K_A,B.

Slide 16: Key Distribution Server
- Inconvenient problem:
  – Alice cannot begin talking with Bob until the KDC has completed its exchange of information with Bob.
- Can we do better?

Slide 17: Key Distribution Server (continued)
- Result:
  – Alice trusts the KDC → she knows only Bob can open the ticket.
  – Bob trusts the KDC → he knows only Alice could use K_A,B.
- (Diagram callout: "This is the ticket".)

Slide 18: Needham-Schroeder Protocol
- Nonce: a random number that is never re-used, e.g., R_A1, R_A2, and R_B.
- Prevents an intruder from replaying old tickets.
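The ticket-based Needham-Schroeder exchange of slides 14 to 18, as an added runnable sketch that is not the course's code: the KDC, Alice and Bob are functions in one process, the long-term keys K_A and K_B are constructed here, and a toy SHA-256 keystream plus HMAC tag stands in for the symmetric encryption K_X(...) (an assumption made so the example needs only the standard library; a deployment would use an AEAD such as AES-GCM). Each check in alice() corresponds to one of the nonces the slide names: R_A1 ties the KDC's reply to this request, R_A2 proves Bob opened the ticket, and R_B proves Alice holds K_A,B.

```python
import hashlib, hmac, json, secrets

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    return b"".join(hashlib.sha256(key + nonce + bytes([i])).digest() for i in range(n // 32 + 1))

def seal(key: bytes, obj) -> bytes:
    """Toy authenticated encryption standing in for the slides' K_X(...):
    SHA-256 keystream plus an HMAC tag, so a wrong key or an edit is detected."""
    nonce, pt = secrets.token_bytes(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def open_(key: bytes, blob: bytes):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

# Constructed long-term keys K_A and K_B that each principal shares with the KDC.
LONG_TERM = {"alice": secrets.token_bytes(32), "bob": secrets.token_bytes(32)}

def kdc(r_a1: str, a: str, b: str) -> bytes:
    """Message 2: K_A(R_A1, B, K_AB, ticket) where the ticket is K_B(A, K_AB)."""
    k_ab = secrets.token_hex(32)
    ticket = seal(LONG_TERM[b], {"client": a, "k_ab": k_ab}).hex()
    return seal(LONG_TERM[a], {"r_a1": r_a1, "peer": b, "k_ab": k_ab, "ticket": ticket})

def bob(ticket: bytes, challenge: bytes) -> tuple:
    """Bob opens the ticket with K_B (only he can), learns K_AB, answers R_A2 - 1 and
    adds his own nonce R_B. Returns (message 4, K_AB, R_B) so the caller can check the run."""
    k_ab = bytes.fromhex(open_(LONG_TERM["bob"], ticket)["k_ab"])
    r_b = secrets.randbelow(1 << 62)
    return seal(k_ab, [open_(k_ab, challenge) - 1, r_b]), k_ab, r_b

def alice() -> bool:
    """Runs messages 1-5 from Alice's side; True when both ends finish mutually authenticated."""
    r_a1 = secrets.token_hex(8)                                   # 1: A -> KDC: R_A1, A, B
    reply = open_(LONG_TERM["alice"], kdc(r_a1, "alice", "bob"))  # 2: KDC -> A
    if reply["r_a1"] != r_a1 or reply["peer"] != "bob":           # nonce ties the reply to this request
        return False
    k_ab, r_a2 = bytes.fromhex(reply["k_ab"]), secrets.randbelow(1 << 62)
    msg4, k_ab_bob, r_b = bob(bytes.fromhex(reply["ticket"]), seal(k_ab, r_a2))  # 3: A -> B
    answer, r_b_seen = open_(k_ab, msg4)                          # 4: B -> A: K_AB(R_A2 - 1, R_B)
    if answer != r_a2 - 1:
        return False
    return open_(k_ab_bob, seal(k_ab, r_b_seen - 1)) == r_b - 1   # 5: A -> B: K_AB(R_B - 1)
```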

Slide 19: Kerberos
- Single sign-on system.
- One login is used to generate tickets for authenticating to shared services on a distributed system.
- No passwords maintained by any client.
- Two parts:
  – AS: Authentication Service
  – TGS: Ticket Granting Service
- Once authenticated, a user may ask the TGS for a ticket for a session with any service.

Slide 20: Kerberos (continued)

Slide 21: Kerberos (continued)
- With the ticket, Alice can communicate securely with Bob.
- Alice knows it is Bob because only Bob could decrypt the ticket.
- Bob knows that it is Alice because the TGS said it was.
- The timestamp prevents replaying old sessions.

Slide 22: Key Distribution
- Many variations:
  – Secret (symmetric) keys
  – Public (asymmetric) keys
- Always based on trust.
- Central part of any distributed system that requires authentication.

Slide 23: Questions?

Slide 24: Message Integrity – Problem
- Alice agrees to an online purchase from Bob for $500.
- Alice needs to know that Bob cannot increase the agreed price in Alice's message.
- Bob needs to know that Alice cannot renege on her previous commitment.

Slide 25: Solution – Digital Signatures
- Alice encrypts the message with her private key → Bob knows it is from Alice.
- Alice re-encrypts the result with Bob's public key → no one else can read the message.

Slide 26: Solution – Digital Signatures (continued)
- Bob receives the message and decrypts it with his private key.
- Bob sees that the result is from Alice and decrypts it with her public key.

Slide 27: Digital Signature
- Many variations.
- Used to authenticate important messages, e.g., software update messages from Microsoft.
- Used to protect messages from change.
- The message may be in the clear with an appended signature.
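The $500 purchase of slide 24, signed the way slides 25 to 27 describe ("encrypt with the private key", verify by "decrypting with the public key", message in the clear with an appended signature), as an added example that is not the course's code. It uses textbook RSA over a SHA-256 digest with keys generated at run time so that only the standard library is needed; that is an assumption of this sketch, and the unpadded construction is for illustration only, not a signature scheme to deploy.

```python
import hashlib, secrets

def is_probable_prime(n: int, rounds: int = 20) -> bool:   # Miller-Rabin, enough for a demo key
    if n < 2: return False
    for p in (2, 3, 5, 7, 11, 13):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits: int) -> int:
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # odd and full length
        if is_probable_prime(c):
            return c

def keygen(bits: int = 512) -> tuple:
    """Returns ((e, n), (d, n)): public key, private key. Needs Python 3.8+ for pow(e, -1, phi)."""
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:          # e is prime, so this is gcd(e, phi) == 1
            return (e, p * q), (pow(e, -1, phi), p * q)

def digest_int(msg: bytes) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")
def sign(priv: tuple, msg: bytes) -> int:                 # 'encrypt the digest with the private key'
    return pow(digest_int(msg), *priv)
def verify(pub: tuple, msg: bytes, sig: int) -> bool:     # 'decrypt with the public key' and compare
    return pow(sig, *pub) == digest_int(msg)

def purchase_check() -> tuple:   # (genuine order verifies, Bob's edited price verifies)
    alice_pub, alice_priv = keygen()
    order = b"Alice buys one widget from Bob for $500"   # constructed sample message
    sig = sign(alice_priv, order)
    return verify(alice_pub, order, sig), verify(alice_pub, order.replace(b"$500", b"$5000"), sig)
```

The second value of purchase_check() is what protects Alice: Bob cannot raise the price without invalidating her signature, and the first value, checked under her public key alone, is what stops her from denying the order.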

Slide 28: Questions
