Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Kerberos – Private Key System Ahmad Ibrahim. History Cerberus, the hound of Hades, (Kerberos in Greek) Developed at MIT in the mid 1980s Available as.

Published byMarvin Bishop Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Kerberos – Private Key System Ahmad Ibrahim. History Cerberus, the hound of Hades, (Kerberos in Greek) Developed at MIT in the mid 1980s Available as."— Presentation transcript:

1 1 Kerberos – Private Key System Ahmad Ibrahim

2 History Cerberus, the hound of Hades, (Kerberos in Greek) Developed at MIT in the mid 1980s Available as open source or supported commercial software CS 5204 – Fall, 2009 2 Combination of topics covered previously in class

3 What do we want to do? Want to be able to access all resources from anywhere on the network. Don't want to be entering password to authenticate for each access to a network service.  Time consuming  Insecure CS 5204 – Fall, 2009 3

4 Ingredients Confidentiality CS 5204 – Fall, 2009 4 Integrity Authentication Authorization

5 Review: Cryptology Cryptology is the study of mathematical techniques related to aspects of information security such as confidentiality, data integrity, authentication, and non-repudiation CS 5204 – Fall, 2009 5

6 Review: Cryptology (cont) CS 5204 – Fall, 2009 6 Private Key Mechanism  A single secret key (Y) is used for both encryption and decryption by the parties  Symmetric Algorithm M D Y (C) E Y (M) M

7 Review: Authentication Authentication is a mechanism that verifies a claim of identity Various systems provide means to reliably authenticate  Difficult to reproduce artifact; digital signatures  Shared secret; symmetric key systems  Electronic signature; private key infrastructure CS 5204 – Fall, 2009 7 Needham-Schroeder with Denning-Sacco modification

8 Review: Authorization Authorization is the process of giving individuals access to system objects based on their identity CS 5204 – Fall, 2009 8

9 Putting it all together CS 5204 – Fall, 2009 9 User's passwords are never sent across the network Secret keys are only passed across the network in encrypted form Client and server systems mutually authenticate It limits the duration of their users’ authentication Authentications are reusable and durable

10 Kerberos Terminology Realm: Kerberos “site” Process: client Principle: basic entity: user, service, host  Associated with a key Instance: optional additional identifier to make associated principles unique within a realm Verifier: application server Authenticator: encrypted data structure that confirms identity Ticket: a block of data sent to a service containing a user id, server id, and timestamp and time-to-live, encrypted with secret key CS 5204 – Fall, 2009 10

11 Kerberos Structure CS 5204 – Fall, 2009 11 Requirements: each user has a private password known only to the user a user’s secret key can be computed by a one-way function from the user’s password the Kerberos server knows the secret key of each user and the tgs each server has a secret key know by itself and tgs User (U) Kerberos Server (K) Application Server (S) Ticket Granting Server (tgs) user secret key database server secret key database Client (C) ***** password u u* tgs s s*

12 Key Distribution Center (KDC) CS 5204 – Fall, 2009 12 Client (C) User (U) Kerberos Server (K) Application Server (S) Ticket Granting Server (tgs) user secret key database server secret key database authentication authorization

13 Ticket Encrypted certificate issued by KDC  name of the principle (C)  name of server (S)  random session key( K C,S )  expiration time (lifetime)  timestamp CS 5204 – Fall, 2009 13 Ticket Structure: E K(s) {C, S, K C,S, timestamp, lifetime}

14 Kerberos Protocol Simplified Client to Authentication Server  Authentication request Authentication to Server  Reply with ticket and session key Client to Verifier  User authenticates to verifier  Communicates with session key Verifier to Client  Optional, mutual authentication CS 5204 – Fall, 2009 14

15 Protocol Overview CS 5204 – Fall, 2009 15 Kerberos Server (K) Ticket Granting Server (tgs) Client (C) Server 2. T u,tgs 1. U: user id 3. (T u,tgs, S) 4. T C,S 5. (T C,S, request) ( 6. T' ) User (U)

16 Kerberos: Phase 1 CS 5204 – Fall, 2009 16 1. The user logs on to the client and the client asks for credentials for the user from Kerberos U ­­> C : U (user id) C ­­> K: (U, tgs) 2. Kerberos constructs a ticket for U and tgs and a credential for the user and returns them to the client T u,tgs = E K(tgs) { U, tgs, K u,tgs, ts, lt} K ­­> C: E K(u) {T u,tgs, K u,tgs, ts, lt} The client obtains the user's password, P, and computes: K'(u) = f(P) The user is authenticated to the client if and only if K'(u) decrypts the credential.

17 Kerberos: Phase 2 3. The client constructs an “authenticator” for user U and requests from TGS a ticket for server, S: A U = E K(u,tgs) {C, ts } C ­­> TGS : (S, T u,tgs, A U ) 4. The ticket granting server authenticates the request as coming from C and constructs a ticket with which C may use S: T c,s = E K(s) { C, S, K c,s, ts, lt} TGS ­­> C: E K(u,tgs) {T c,s, K c,s, ts, lt } CS 5204 – Fall, 2009 17

18 Kerberos: Phase 3 CS 5204 – Fall, 2009 18 5. The client builds an “authenticator” and send it together with the ticket for the server to S: A c = E K(c,s) { C, ts } C ­­> S : (T c,s, A c ) 6. The server (optionally) authenticates itself to the client by replying: S ­­> C: E K(c,s) {ts + 1 }

19 Final Product CS 5204 – Fall, 2009 19

20 Limitations Every network service must be individually modified for use with Kerberos Doesn't work well in time sharing environment Requires a secure Kerberos Server Requires a continuously available Kerberos Server Stores all passwords encrypted with a single key Assumes workstations are secure May result in cascading loss of trust Scalability CS 5204 – Fall, 2009 20

21 Further Reading RFC 1510 Kerberos web site http://web.mit.edu/kerberos/www http://web.mit.edu/kerberos/www O'Reilly Kerberos The Definitive Guide by Jason Garman Video on Kerberos from Oslo University College Video on Kerberos CS 5204 – Fall, 2009 21

22 Questions ? CS 5204 – Fall, 2009 22

Download ppt "1 Kerberos – Private Key System Ahmad Ibrahim. History Cerberus, the hound of Hades, (Kerberos in Greek) Developed at MIT in the mid 1980s Available as."

Similar presentations

AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi

Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi
CS5204 – Operating Systems 1 A Private Key System KERBEROS.

CS5204 – Operating Systems 1 A Private Key System KERBEROS.
A less formal view of the Kerberos protocol J.-F. Pâris.

A less formal view of the Kerberos protocol J.-F. Pâris.
Chapter 10 Real world security protocols

Chapter 10 Real world security protocols
Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.

Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.
KERBEROS LtCdr Samit Mehra (05IT 6018).

KERBEROS LtCdr Samit Mehra (05IT 6018).
Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.

Windows 2000 Security --Kerberos COSC513 Project Sihua Xu June 13, 2014.
NETWORK SECURITY.

NETWORK SECURITY.
KERBEROS www.unix.org.ua/orelly/networking/puis/ch19_06.htm.

KERBEROS
IT 221: Introduction to Information Security Principles Lecture 8:Authentication Applications For Educational Purposes Only Revised: October 20, 2002.

IT 221: Introduction to Information Security Principles Lecture 8:Authentication Applications For Educational Purposes Only Revised: October 20, 2002.
Authentication Applications The Kerberos Protocol Standard

Authentication Applications The Kerberos Protocol Standard
SCSC 455 Computer Security

SCSC 455 Computer Security
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
1 Distributed Computer Security: Authentication and Key Distribution Vijay Jain CSc 8320, Spring 2007.

1 Distributed Computer Security: Authentication and Key Distribution Vijay Jain CSc 8320, Spring 2007.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Similar presentations

Ads by Google