Presentation is loading. Please wait.

Presentation is loading. Please wait.

NTP Header and Extension Fields Message DigestKey IDCompute Hash Message DigestCompare Message Authenticator Code (MAC) Figure 1 Message Authentication.

Published byChristiana Bennett Modified over 9 years ago

Similar presentations

Presentation on theme: "NTP Header and Extension Fields Message DigestKey IDCompute Hash Message DigestCompare Message Authenticator Code (MAC) Figure 1 Message Authentication."— Presentation transcript:

1 NTP Header and Extension Fields Message DigestKey IDCompute Hash Message DigestCompare Message Authenticator Code (MAC) Figure 1 Message Authentication

2 Source Address Key ID Dest Address Cookie Figure 2 NTPv4 Autokey

3 Session Key ID List Source Address Next Key ID Dest Address Compute Hash Final Key ID Final Index Index n Index n + 1 Key IDCookie Compute Signature Signature Figure 3 Consgtructing the Key List

4 Session Key ID List NTP Header and Extension Fields Message Authenticator Code (MAC) Key IDCompute Hash Figure 4 Transmittinig Messages

5 Alice Denise Alice Carol Brenda Alice Alice* Subject Group KeyIssuer Alice Alice* Carol Carol* Alice Alice* Brenda Alice Eileen Carol Carol* Brenda Denise Eileen Brenda Denise Carol Eileen Carol Alice Carol* AliceBrendaDeniseEileen Group KeyCertificate 1 3 1 3 11 33 3 1 2 4 22 2 44 Stratum 1Stratum 2 Stratum 3 s s s = step * = trusted Figure 5 NTP Secure Groups

6 A S B X ZY R C D 2 Stratum 1 3 4 Figure 6 Hierarchical Overlapping Groups

7 Carol Denise Alice Carol Brenda Alice Alice* Alice Alice* Carol Carol* Alice Alice* Brenda Alice Eileen Carol Carol* Brenda Denise Eileen Brenda Denise Carol Eileen Carol Carol* AliceBrendaDeniseEileen 1 3 1 3 11 33 3 1 2 4 22 2 44 Stratum 1Stratum 2 Stratum 3 s Carol Figure 7 Multiple Overlapping Groups Subject Group KeyIssuer Group KeyCertificate s s s = step * = trusted

8 ClientServer Verify response and signature Challenge Response Challenge Request Send response and signature Compute nonce1 and send Compute nonce2 and response Figure 8 Autokey Exchange

9 Digest/Signature NIDIdentClient 01624 Host 2831 Figure 9 Status Word

10 StratPollLIModeVN Root Delay Root Dispersion Reference Identifier Reference Timestamp (64) Originate Timestamp (64) Receive Timestamp (64) Transmit Timestamp (64) Message Digest (128) Key/Algorithm Identifier Cryptosum Authenticator (Optional) Extension Field 1 (optional) Extension Field 2… (optional) Prec Figure 10 NTP Header Format

11 Padding (as needed) CodeLength Association ID Value Signature Length Signature Timestamp Filestamp Value Length Value Fields (optional) Figure 11 Extension Field Format ER VN

12 Trusted Authority Certificate Server Certificate Client Certificate Secure Figure 12 Private Certificate (PC) Identity Scheme

13 Host Subject Signature Issuer Host Subject Signature Issuer Trusted Host Subject Signature Subject … Figure 13 Trusted Certificate (TC) Identity Scheme

14 Trusted Authority Parameters Group Key Client Key Server Parameters Client Parameters Client Key SecureInsecure Response Challenge Group Key Figure 14 Schnorr (IFF) Identity Scheme

15 Trusted Authority Parameters Group Key Server Parameters Server Key Client Parameters Client Key Secure Response Challenge Group Key Figure 15 Guillou-Quisquater (GQ) Identity Scheme

16 Trusted Authority Parameters Group Key Server Key Client Key Server Parameters Server Key Client Parameters Client Key Secure Response Challenge Figure 16 Mu-Varadharajan (MV) Identity Scheme

17 NTP Header and Extension Fields Message DigestKey IDCompute Hash Message DigestCompare Message Authenticator Code (MAC)

18 Client Address Cookie Server Address Compute Hash Cookie Private Value Key ID (0) Compute Signature Signature and Timestamp

19 Session Key ID List Source Address Next Key ID Dest Address Compute Hash Final Key ID Final Index Index n Index n + 1 Key IDCookie Compute Signature Signature

20 Session Key ID List NTP Header and Extension Fields Message Authenticator Code (MAC) Key IDCompute Hash

Download ppt "NTP Header and Extension Fields Message DigestKey IDCompute Hash Message DigestCompare Message Authenticator Code (MAC) Figure 1 Message Authentication."

Similar presentations

Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
NETWORK SECURITY.

NETWORK SECURITY.
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Sir John Tenniel; Alice’s Adventures in Wonderland,Lewis Carroll 12-Jan-151 NTP Security Model David L. Mills University of Delaware

Sir John Tenniel; Alice’s Adventures in Wonderland,Lewis Carroll 12-Jan-151 NTP Security Model David L. Mills University of Delaware
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security

Cryptography and Network Security
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Http Web Authentication Web authentication is used to verify a users identity before allowing access to certain web pages On web browsers you get a login.

Http Web Authentication Web authentication is used to verify a users identity before allowing access to certain web pages On web browsers you get a login.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.

Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Page # Advanced Telecommunications/Information Distribution Research Program (ATIRP) Authentication Scheme for Distributed, Ubiquitous, Real-Time Protocols.

Page # Advanced Telecommunications/Information Distribution Research Program (ATIRP) Authentication Scheme for Distributed, Ubiquitous, Real-Time Protocols.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Similar presentations

Ads by Google