Presentation is loading. Please wait.

Presentation is loading. Please wait.

More on AuthenticationCS-4513 D-term 20081 More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "More on AuthenticationCS-4513 D-term 20081 More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System."— Presentation transcript:

1 More on AuthenticationCS-4513 D-term 20081 More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System Concepts, 7 th ed., by Silbershatz, Galvin, & Gagne, Distributed Systems: Principles & Paradigms, 2 nd ed. By Tanenbaum and Van Steen, and Modern Operating Systems, 2 nd ed., by Tanenbaum)

2 More on AuthenticationCS-4513 D-term 20082 Authentication and Message Integrity Both are necessary If Bob knows that Alice sent message m what good is it if m could be compromised? Encryption for message integrity If Bob receives a securely encrypted message, what good is it if he doesn’t know who from? Authentication to establish who is speaking to whom

3 More on AuthenticationCS-4513 D-term 20083 Basic Challenge-Response Protocol Assume that Alice and Bob share a key K A,B

4 More on AuthenticationCS-4513 D-term 20084 Authentication using Secure Channels At this point, Bob knows he is talking with Alice

5 More on AuthenticationCS-4513 D-term 20085 Authentication using Secure Channels At this point, Bob knows he is talking with Alice Not until this point, does Alice know she is talking with Bob

6 More on AuthenticationCS-4513 D-term 20086 What is wrong with this “Optimization”?

7 More on AuthenticationCS-4513 D-term 20087 Subject to “Reflection Attack” Attacker cons Bob into encrypting R B for him “Reflection” attack

8 More on AuthenticationCS-4513 D-term 20088 Reflection Attack

9 More on AuthenticationCS-4513 D-term 20089 Reflection Attack Bob sends a crucial piece of information without knowing to whom he is sending

10 More on AuthenticationCS-4513 D-term 200810 Challenge-Response Summary Method for two principals to mutually establish who they are talking to Essential for building up additional protocols

11 More on AuthenticationCS-4513 D-term 200811 Questions?

12 More on AuthenticationCS-4513 D-term 200812 Review – Authentication in Grapevine

13 More on AuthenticationCS-4513 D-term 200813 Grapevine Authentication (continued) Every service must authenticate every user with a Registration service every time! Services handle all credentials  credentials must be secure from theft! Lots of network traffic Can we do better?

14 More on AuthenticationCS-4513 D-term 200814 Key Distribution Server Alice requests secure channel to Bob KDC generates session key K A,B KDC sends secure messages to both Alice and Bob containing K A,B

15 More on AuthenticationCS-4513 D-term 200815 Key Distribution Server Result –Bob trusts KDC  he knows a message encrypted with K A,B can only come from Alice –Alices trusts KDC  she knows that only Bob can read her messages encrypted with K A,B

16 More on AuthenticationCS-4513 D-term 200816 Key Distribution Server Inconvenient problem –Alice cannot begin talking with Bob until KDC has completed its exchange of information with Bob Can we do better?

17 More on AuthenticationCS-4513 D-term 200817 Key Distribution Server (continued) Result –Alice trusts KDC  she knows only Bob can open ticket –Bob trusts KDC  he knows only Alice could use K A,B This is the ticket

18 More on AuthenticationCS-4513 D-term 200818 Needham-Schroeder Protocol Nonce – a random number that is never re-used E.g., R A1, R A2, and R B Prevents intruder from replaying old tickets

19 More on AuthenticationCS-4513 D-term 200819 Kerberos Single sign-on system One login used to generate tickets for authenticating shared services on distributed system No passwords maintained by any client Two parts AS – Authentication Service TGS – Ticket Granting Service Once authenticated, user may ask TGS for a ticket for a session with any service.

20 More on AuthenticationCS-4513 D-term 200820 Kerberos (continued)

21 More on AuthenticationCS-4513 D-term 200821 Kerberos (continued) With ticket, Alice can communicate securely with Bob. Alice knows it is Bob because only Bob could descript ticket Bob knows that it is Alice because TGS said it was Timestamp prevents replaying old sessions

22 More on AuthenticationCS-4513 D-term 200822 Key Distribution Many variations –Secret (symmetric) keys –Public (asymmetric) keys Always based on trust Central part of any distributed system that requires authentication

23 More on AuthenticationCS-4513 D-term 200823 Questions?

24 More on AuthenticationCS-4513 D-term 200824 Message Integrity– Problem Alice agrees to an online purchase from Bob for $500 Alice needs to know that Bob cannot increase the agreed price in Alice’s message Bob needs to know that Alice cannot renege on previous commitment

25 More on AuthenticationCS-4513 D-term 200825 Solution – Digital Signatures Alice encrypts message in her private key  Bob knows it is from Alice Alice re-encrypts the result in Bob’s public key  no one else can read the message

26 More on AuthenticationCS-4513 D-term 200826 Solution – Digital Signatures (continued) Bob receives message, descrypts with his private key Bob sees that result is from Alice, descripts with her public key

27 More on AuthenticationCS-4513 D-term 200827 Digital Signature Many variations Used to authenticate important messages E.g., software update messages from Microsoft Used to protect messages from change Message may be in the clear with appended signature

28 More on AuthenticationCS-4513 D-term 200828 Questions

Download ppt "More on AuthenticationCS-4513 D-term 20081 More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System."

Similar presentations

AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Chapter 10 Real world security protocols

Chapter 10 Real world security protocols
Efficient Kerberized Multicast Olga Kornievskaia University of Michigan Giovanni Di Crescenzo Telcordia Technologies.

Efficient Kerberized Multicast Olga Kornievskaia University of Michigan Giovanni Di Crescenzo Telcordia Technologies.
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
CSC 474 Information Systems Security

CSC 474 Information Systems Security
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.

1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.
CS470, A.SelcukNeedham-Schroeder1 Needham-Schroeder Protocol Authentication & Key Establishment CS 470 Introduction to Applied Cryptography Instructor:

CS470, A.SelcukNeedham-Schroeder1 Needham-Schroeder Protocol Authentication & Key Establishment CS 470 Introduction to Applied Cryptography Instructor:
Authentication & Kerberos

Authentication & Kerberos
 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.

 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.
1 Authentication Applications Digital Signatures Security Concerns X.509 Authentication Service Kerberos Based on slides by Dr. Lawrie Brown of the Australian.

1 Authentication Applications Digital Signatures Security Concerns X.509 Authentication Service Kerberos Based on slides by Dr. Lawrie Brown of the Australian.
 Public key (asymmetric) cryptography o Modular exponentiation for encryption/decryption  Efficient algorithms for this o Attacker needs to factor large.

 Public key (asymmetric) cryptography o Modular exponentiation for encryption/decryption  Efficient algorithms for this o Attacker needs to factor large.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.

CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.

Similar presentations

Ads by Google