Presentation is loading. Please wait.

Presentation is loading. Please wait.

Kerberos : An Authentication Service for Computer Networks B.Clifford Neuman and Theodore Ts’o IEEE Communication Magazine September 1994 Presented by:

Published byBarbra Goodman Modified over 9 years ago

Similar presentations

Presentation on theme: "Kerberos : An Authentication Service for Computer Networks B.Clifford Neuman and Theodore Ts’o IEEE Communication Magazine September 1994 Presented by:"— Presentation transcript:

1

2 Kerberos : An Authentication Service for Computer Networks B.Clifford Neuman and Theodore Ts’o IEEE Communication Magazine September 1994 Presented by: Jian-jun Dong “When using authentication based on cryptography, an attacker listening to the network gains no infor mation that would enable it to falsely claim another’s identity. Kerberos is an example of this type of authentication technology…”

3 Outline  Introduction  Basic Kerberos authentication protocol  How Kerberos works  Vulnerabilities I see in Kerberos  Conclusion

4 Introduction  In computer networks, data my be exposed to unauthorized access. So it is important to protect data from being accessed by an attacker. Encryption techniques are considered to be the most powerful protection to prevent unauthorized access to data. Kerberos is an example of authentication technology, which based on secret encryption keys.

5 C Customer Client Basic Kerberos authentication protocol  AS: Authentication Server, distributes keys and tickets to Client AS (1) (2) (3) (4) V Services Server  (1)as_req:c,v,time exp, n  (2)as_rep:{Kc,v, v, timeexp,n,…}Kc, {Tc,v}Kv  (3)ap_req:{ts,ck,Ksubsession,…}Kc,v {Tc,v}Kv  (4)ap_rep:{ts}Kc,v (optional)  Client: the entity want certain service from Server  Server: the entity verifies Client’s identity and allow Client to access certain service

6 How Kerberos works Step 1 My name, and the name of the guy I want to know AS Client

7 How Kerberos works (continue) Step 2 AS Client TKT Client’s name, Address, validate time

8 How Kerberos works?(continue) Client TKT Client’s name, Address, validate time What I want Client’s name address Server Step 3

9 How Kerberos works(continue) Client Server server’s name address Step 4

10 Vulnerabilities I See in Kerberos  AS holds too many keys, if he lost some keys or he is sick will result serious problem.  When the client first time sends a box to AS, the box is not locked, if someone steal the key inside, this person will be able to impersonate the client. Question: Have you got any idea to solve these vulnerabilities?

11 Conclusion  This article is a reasonably good tutorial for introducing the basic concept of Kerberos’ protocol.  Kerberos is quite comprehensive, but is not perfect.

Download ppt "Kerberos : An Authentication Service for Computer Networks B.Clifford Neuman and Theodore Ts’o IEEE Communication Magazine September 1994 Presented by:"

Similar presentations

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.6 Kerberos.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.6 Kerberos.
AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
A less formal view of the Kerberos protocol J.-F. Pâris.

A less formal view of the Kerberos protocol J.-F. Pâris.
KERBEROS LtCdr Samit Mehra (05IT 6018).

KERBEROS LtCdr Samit Mehra (05IT 6018).
IT 221: Introduction to Information Security Principles Lecture 8:Authentication Applications For Educational Purposes Only Revised: October 20, 2002.

IT 221: Introduction to Information Security Principles Lecture 8:Authentication Applications For Educational Purposes Only Revised: October 20, 2002.
Authentication Applications The Kerberos Protocol Standard

Authentication Applications The Kerberos Protocol Standard
SCSC 455 Computer Security

SCSC 455 Computer Security
1 Kerberos Revised: June 21, 2006, Version 2 Team 2 Members John Casarella Dave Fronckowiak Larry Immohr Linda Liu Sandy Westcott.

1 Kerberos Revised: June 21, 2006, Version 2 Team 2 Members John Casarella Dave Fronckowiak Larry Immohr Linda Liu Sandy Westcott.
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
Akshat Sharma Samarth Shah

Akshat Sharma Samarth Shah
Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.

Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Distributed Computer Security: Authentication and Key Distribution Vijay Jain CSc 8320, Spring 2007.

1 Distributed Computer Security: Authentication and Key Distribution Vijay Jain CSc 8320, Spring 2007.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Winter 2006Prof. R. Aviv: Kerberos1 Kerberos Authentication Systems.

Winter 2006Prof. R. Aviv: Kerberos1 Kerberos Authentication Systems.
Kerberos Jean-Anne Fitzpatrick Jennifer English. What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open.

Kerberos Jean-Anne Fitzpatrick Jennifer English. What is Kerberos? Network authentication protocol Developed at MIT in the mid 1980s Available as open.

Similar presentations

Ads by Google