- Kevin Abraham Preston
- 6 years ago
1 KERBEROS: the fierce watchdog of Haides, depicted as a three-headed dog with a serpent's tail, a mane of snakes, and a lion's claws. "And before them a dreaded hound, on watch, who has no pity, but a vile stratagem: as people go in he fawns on all, with actions of his tail and both ears, but he will not let them go back out, but lies in wait for them and eats them up, when he catches any going back through the gates." Theogony
2 "Herakles asked Pluto for Kerberos, and was told to take the hound if he could overpower it without using any of the weapons he had brought with him. He found Kerberos at the gates of Akheron, and there, pressed inside his armour and totally covered by the lion's skin, he threw his arms round its head and hung on, despite bites from the serpent tail, until he convinced the beast with his choke hold. Then, with it in tow, he made his ascent through Troizen. After showing Kerberos to Eurystheus, he took it back to Hades' realm." Apollodorus
3 "When you have crossed the river and have advanced a little further, some aged women weaving at the loom will beg you to lend a hand for a short time. But you are not permitted to touch that either, for all these and many other distractions are part of the ambush which Venus will set to induce you to release one of the cakes from your hands. Do not imagine that the loss of a mere barley cake is a trivial matter, for if you relinquish either of them, the daylight of this world above will be totally denied you. Posted there is a massive hound with a huge, triple-formed head. This monstrous, fearsome brute confronts the dead with thunderous barking, though his menaces are futile since he can do them no harm. He keeps constant guard before the very threshold and the dark hall of Proserpina, protecting that deserted abode of Dis. You must disarm him by offering him a cake as his spoils. Then you can easily pass him, and gain immediate access to Proserpina herself. When you have obtained what she gives you, you must make your way back, using the remaining cake to neutralize the dog's savagery."
4 Kerberos (Modern Times): A distributed authentication service. It allows a process (a client) running on behalf of a principal (a user) to prove its identity to a verifier (an application server, or just server) without sending data across the network that might allow an attacker or the verifier to subsequently impersonate the principal. It optionally provides integrity and confidentiality for data sent between the client and server. It uses 3DES in CBC mode for encryption. Kerberos was developed in the mid '80s as part of MIT's Project Athena. As its use spread to other environments, changes were needed to support new policies and patterns of use; to address these needs, the design of Version 5 of Kerberos began in [year missing]. Though V4 still runs at many sites, V5 is considered to be standard Kerberos.
5 Project Athena: Developed at MIT with the cooperation of IBM. Creates a distributed campus-wide computing environment. Still in use. Makes a computer a thin client that downloads applications from servers as needed. Started in 1983. Based on the Needham-Schroeder protocol. Resulted in: Kerberos, X Windows. Influenced: Active Directory (a directory service), LDAP (maintains distributed directory services), Instant Messaging.
6 Built upon the assumption that the network is "unsafe". Example: data sent over the network can be eavesdropped and altered, and addresses can also be faked; therefore they cannot be used for authentication purposes. Trusted third-party service: the Kerberos server is trusted by all the entities on the network (users and services, usually called principals). Kerberos cannot be used to connect to unknown or untrusted servers, say in the cloud. All principals share a secret password (or key) with the Kerberos server, and this enables principals to verify that messages from the Kerberos server are authentic. Thus, trusting the Kerberos server, users and services can authenticate each other.
7 Notation:
- C: client
- V: server
- C_addr: address of the client
- K_C: secret key of the client, known to the Authentication Server
- K_V: secret key of the server, known to the Authentication Server
- K_C,V: session key for secure client/server communication
- T_C,V: ticket issued for the client to send to the server; contains the session key, timestamp, lifetime and client address
The client's secret key is a function of the client's password, e.g. a hash of the password. The server's secret key is chosen randomly.
8 Principals use tickets to prove that they are who they claim to be. Example: client C wishes to use service V. Parties: Authentication Server (AS), Client (C), Server (V).
1. C sends a ticket request to the Authentication Server AS.
2. AS forms the ticket T_C,V = {K_C,V, time, lifetime, C_addr} and replies to C with: K_C{K_V{T_C,V}, V, time, K_C,V, lifetime}
9 Step 3 (client to server): Before sending a message to V, C creates an authenticator consisting of C's name, C's address, the current time, and a "nonce" chosen by C, all encrypted with the secret session key: K_C,V{C, C_addr, time, nonce}. The authenticator is sent together with the ticket T_C,V to V. V decrypts the ticket using V's secret key and gets the session key from the ticket. V uses the session key to decrypt the authenticator. V compares the contents of the ticket with those of the authenticator, and checks the timestamp and nonce to prevent a replay attack. If everything matches, V considers C to be properly authenticated.
10 Step 4, Mutual Authentication (optional): The server extracts C's time from the authenticator of step 3 and returns it to C encrypted with the session key: K_C,V{time}. (Server V was able to decrypt the authenticator, so if the Kerberos Authentication Server is OK, Server V must be OK, since its secret key was needed to recover the session key that decrypts the authenticator.)
11-14 Obtaining additional tickets: The protocol allows a client with knowledge of the user's password to obtain a ticket and session key for, and to prove its identity to, any server registered with the authentication server. Should the user's password be presented each time the user authenticates to a new server? That is cumbersome; instead, the system should support single sign-on, where the user logs in to the system once, providing the password at that time, with subsequent authentication occurring automatically. The obvious way to support this is to cache the user's password on the workstation (dangerous): a ticket and key are valid only for a short time, but the user's password can be used to obtain tickets, and to impersonate the user, until the password is changed.
15-18 Obtaining additional tickets: A better approach is to cache only tickets and encryption keys (collectively called credentials) that will work for a limited period (typically on the order of 8 hours). This is how Kerberos does it. When a user first logs in, an authentication request is issued and a ticket and session key for the ticket-granting service are returned by the authentication server. This ticket, called a ticket-granting ticket, has a relatively short life (8 hours). The response is decrypted, the ticket and session key are saved, and the user's password is forgotten.
19-20 Obtaining additional tickets: Subsequently, when a user wishes to prove its identity to a new server, a new ticket is requested from the Authentication Server using the ticket-granting exchange. The ticket-granting exchange is identical to the authentication exchange except that the ticket-granting request has embedded within it an application request, authenticating the client to the authentication server, and the ticket-granting response is encrypted using the session key from the ticket-granting ticket, rather than the user's password.
21 Full exchange between the Authentication Server (AS), the Ticket Granting Server (TGS), the Client (C) and the Server (V):
1. C to AS: [C, TGS, time, nonce] (messages 1 and 2 only on first login)
2. AS to C: [K_C{K_C,TGS, TGS, time, nonce}, K_TGS{C, K_C,TGS}]
3. C to TGS: [K_C,TGS{C, C_addr, time, nonce}, K_TGS{C, K_C,TGS}, V, time, nonce]
4. TGS to C: [K_C,TGS{K_C,V, V, time, nonce}, K_V{C, K_C,V}]
5. C to V: [K_C,V{C, C_addr, time, nonce}, K_V{C, K_C,V}]
6. V to C: [K_C,V{time+1}] (optional, for mutual authentication)
The components K_C,TGS{C, C_addr, time, nonce} in message 3 and K_C,V{C, C_addr, time, nonce} in message 5 are the authenticators (shown in green on the slide).
22 Cross-realm authentication: Assume inter-organizational communication, so users will not be registered with the same Authentication Server. A realm is an Authentication Server together with its registered users. Cross-realm authentication: a principal of one realm proves its identity to an Authentication Server of another realm. The client gets a cross-realm ticket to another TGS:
23-32 Cross-realm walkthrough (a figure with the client's Authentication Server AS_C and Ticket Server TS_C, the remote AS_V and TS_V, C and V; only the step captions survive the transcription):
1. Request for ticket to V_addr
2. Is V_addr in your domain?
3. Is V_addr in your domain?
4. Looking for V_addr Auth. Server
5. Looking for V_addr Auth. Server
6. Send a session key for TS_V
...
9. Send a session key for TS_V
10. Send a session key for TS_V
11. Request ticket to V from TS_V
33-36 Limitations: Kerberos must be integrated with other parts of the system. It does not protect all messages sent between two computers: it only protects the messages from software that has been written or modified to use it. While it may be used to exchange encryption keys when establishing link encryption (encryption/decryption on each communication line) and network-level security services, this would require changes to the network software of the hosts involved. Kerberos does not itself provide authorization, but V5 Kerberos passes authorization information generated by other services; in this manner, Kerberos can be used as a base for building separate distributed authorization services.
37-38 Attacks: Password guessing. Kerberos is not effective against password-guessing attacks: if a user chooses a poor password, then an attacker guessing that password can impersonate the user. Post password theft. Kerberos requires a trusted path through which passwords are entered. If the user enters a password into a program that has already been modified by an attacker (a Trojan horse), or if the path between the user and the initial authentication program can be monitored, then an attacker may obtain sufficient information to impersonate the user.
39-40 Attacks: Impersonating C. An impostor, I, could steal the authenticator and the ticket as they are transmitted across the network, and use them to impersonate C. The address in the ticket and the authenticator was added to make this attack more difficult: to succeed, I will have to either use the same machine as C or fake the source addresses of the packets. Because the authenticator includes a timestamp, I does not have much time in which to mount the attack. Impersonating V. I can masquerade as V's network address, and when C sends its credentials, I just pretends to verify them. C cannot tell that it is talking to I rather than V.
41-43 Defenses: Replay cache (in Kerberos v5). Save the authenticators received during the last few minutes, so that V can detect when someone is trying to retransmit an already-used message. Somewhat impractical (mostly regarding efficiency). Mutual authentication. To authenticate V, C requests that V send something back that proves V has access to the session key. Example: the checksum that C sent as part of the authenticator, plus 1. Message integrity and confidentiality. The session key is used to add cryptographic checksums to the messages sent between C and V. Encryption can also be added. This is probably the best approach in all cases.
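The six-message exchange on slide 21 and the verifier-side defences on slides 39 to 43 (address check, authenticator time window, replay cache, mutual authentication), as an added Python model that is not part of the slides or of any Kerberos implementation. It assumes a stand-in authenticated cipher built from HMAC-SHA256 in place of DES-CBC so the script runs on the standard library alone; the class and function names, the 300-second clock-skew window SKEW, and the sample principal, address and password are constructed for the example.

```python
import hashlib, hmac, json, os
LIFETIME = 8 * 3600   # slide 18: a ticket-granting ticket lives about 8 hours
SKEW = 300            # assumed: max clock drift (seconds) the verifier tolerates
def _keystream(key, iv, n):   # HMAC-SHA256 in counter mode; stand-in for DES-CBC
    return b"".join(hmac.new(key, iv + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range((n + 31) // 32))[:n]

def toy_encrypt(key, obj):
    """K{obj} on the slides: serialize, XOR with keystream, append a MAC tag."""
    pt = json.dumps(obj, sort_keys=True).encode()
    iv = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, iv, len(pt))))
    return iv + ct + hmac.new(key, iv + ct, hashlib.sha256).digest()

def toy_decrypt(key, blob):
    """Inverse of toy_encrypt; fails closed on a wrong key or altered ciphertext."""
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, iv + ct, hashlib.sha256).digest()):
        raise ValueError("bad key or tampered ciphertext")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, iv, len(ct)))))

def key_from_password(password):   # slide 7: K_C is a hash of the user's password
    return hashlib.sha256(password.encode()).digest()

def make_authenticator(skey, client, addr, now, nonce):   # slide 9: K{C, C_addr, time, nonce}
    return toy_encrypt(skey, {"client": client, "addr": addr, "time": now, "nonce": nonce})

class Kdc:   # Authentication Server and Ticket Granting Server sharing one key table
    def __init__(self, keys):
        self.keys = keys   # principal name -> secret key
    def _reply(self, key, client, addr, service, now, nonce):
        # slide 8: the ticket carries session key, timestamp, lifetime, client address
        skey = os.urandom(32)
        enc = toy_encrypt(key, {"skey": skey.hex(), "service": service, "time": now, "nonce": nonce})
        ticket = toy_encrypt(self.keys[service], {"client": client, "addr": addr,
                             "skey": skey.hex(), "time": now, "lifetime": LIFETIME})
        return enc, ticket
    def as_exchange(self, client, addr, now, nonce):   # messages 1/2, keyed by K_C
        return self._reply(self.keys[client], client, addr, "TGS", now, nonce)
    def tgs_exchange(self, authenticator, tgt, service, now, nonce):
        # messages 3/4: authenticated by the embedded application request, keyed by K_C,TGS
        t = toy_decrypt(self.keys["TGS"], tgt)
        k_c_tgs = bytes.fromhex(t["skey"])
        a = toy_decrypt(k_c_tgs, authenticator)
        if (a["client"], a["addr"]) != (t["client"], t["addr"]):
            raise PermissionError("authenticator does not match ticket")
        return self._reply(k_c_tgs, t["client"], t["addr"], service, now, nonce)

class Server:   # application server V
    def __init__(self, key):
        self.key, self.replay_cache = key, {}   # slide 41: (client, time, nonce) -> expiry
    def ap_exchange(self, authenticator, ticket, peer_addr, now):
        # message 5 checks from slide 9; message 6 reply K_C,V{time+1} from slide 21
        t = toy_decrypt(self.key, ticket)
        skey = bytes.fromhex(t["skey"])
        a = toy_decrypt(skey, authenticator)
        if now > t["time"] + t["lifetime"]:
            raise PermissionError("ticket expired")
        if (a["client"], a["addr"]) != (t["client"], t["addr"]) or peer_addr != t["addr"]:
            raise PermissionError("name/address mismatch (slide 39 defence)")
        if abs(now - a["time"]) > SKEW:
            raise PermissionError("authenticator outside the time window")
        self.replay_cache = {k: e for k, e in self.replay_cache.items() if e > now}
        seen = (a["client"], a["time"], a["nonce"])
        if seen in self.replay_cache:
            raise PermissionError("replayed authenticator (slide 41 defence)")
        self.replay_cache[seen] = now + SKEW
        return toy_encrypt(skey, {"time": a["time"] + 1})

def run_demo(now=1_700_000_000):   # slide 21 end to end, with constructed values
    addr, pw = "10.0.0.5", "correct horse"
    n1, n2, n3 = (os.urandom(8).hex() for _ in range(3))
    kdc = Kdc({"alice": key_from_password(pw), "TGS": os.urandom(32), "V": os.urandom(32)})
    v = Server(kdc.keys["V"])
    # login: AS exchange; the password key is used once and then forgotten (slide 18)
    reply, tgt = kdc.as_exchange("alice", addr, now, n1)
    r = toy_decrypt(key_from_password(pw), reply)
    k_c_tgs, fresh = bytes.fromhex(r["skey"]), r["nonce"] == n1
    # ticket-granting exchange using only the cached TGT and session key
    reply, tkt = kdc.tgs_exchange(make_authenticator(k_c_tgs, "alice", addr, now, n2), tgt, "V", now, n2)
    r = toy_decrypt(k_c_tgs, reply)
    k_c_v, fresh = bytes.fromhex(r["skey"]), fresh and r["nonce"] == n2
    # client/server exchange; V proves it holds K_C,V by returning time+1 (message 6)
    auth = make_authenticator(k_c_v, "alice", addr, now, n3)
    mutual = toy_decrypt(k_c_v, v.ap_exchange(auth, tkt, addr, now))["time"] == now + 1
    results = {"nonces_match": fresh, "mutual_auth_ok": mutual}
    stale = make_authenticator(k_c_v, "alice", addr, now - 2 * SKEW, "n4")
    attempts = {   # misuse cases the verifier must refuse
        "other_host": (auth, tkt, "10.0.0.9", now),     # slide 39: stolen credentials
        "same_host_replay": (auth, tkt, addr, now + 1),  # slide 41: replay cache
        "stale_authenticator": (stale, tkt, addr, now),  # slide 9: timestamp check
    }
    for name, args in attempts.items():
        try:
            v.ap_exchange(*args)
            results[name + "_rejected"] = False
        except PermissionError:
            results[name + "_rejected"] = True
    return results
```

run_demo() returns a dict of booleans; each rejected case trips a different check in Server.ap_exchange, so disabling one check shows which of the slide 39 and 41 attacks it stops.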
More informationCSC 482/582: Computer Security. Security Protocols
Security Protocols Topics 1. Basic Concepts of Cryptography 2. Security Protocols 3. Authentication Protocols 4. Key Exchange Protocols 5. Kerberos 6. Public Key Infrastructure Encryption and Decryption
More informationISSN: EverScience Publications 149
An Eager Strategy for TGT Generation at Client Side for Kerberos Protocol Deepika Yadav M.Tech Scholar, B.S.Anangpuria Institute of Technology &Management, Faridabad. Dr. A.K.Sharma Dean & Prof., Department
More informationEEC-682/782 Computer Networks I
EEC-682/782 Computer Networks I Lecture 25 Wenbing Zhao wenbingz@gmail.com http://academic.csuohio.edu/zhao_w/teaching/eec682.htm (Lecture nodes are based on materials supplied by Dr. Louise Moser at UCSB
More informationUser Authentication Protocols Week 7
User Authentication Protocols Week 7 CEN-5079: 2.October.2017 1 Announcement Homework 1 is posted on the class webpage Due in 2 weeks 10 points (out of 100) subtracted each late day CEN-5079: 2.October.2017
More informationFrom Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design. Edition 4 Pearson Education 2005
Chapter 7: Security From Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design Edition 4 Introduction Security policies Provide for the sharing of resources within specified limits
More informationL7: Key Distributions. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806
L7: Key Distributions Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806 9/16/2015 CSCI 451 - Fall 2015 1 Acknowledgement Many slides are from or are
More informationKEY DISTRIBUTION AND USER AUTHENTICATION
KEY DISTRIBUTION AND USER AUTHENTICATION Key Management and Distribution No Singhalese, whether man or woman, would venture out of the house without a bunch of keys in his hand, for without such a talisman
More informationComputer Security. 10. Exam 2 Review. Paul Krzyzanowski. Rutgers University. Spring 2017
Computer Security 10. Exam 2 Review Paul Krzyzanowski Rutgers University Spring 2017 March 23, 2018 CS 419 2017 Paul Krzyzanowski 1 Question 1(a) Suppose you come across some old text in the form GEPPQ
More informationMITOCW watch?v=qota76ga_fy
MITOCW watch?v=qota76ga_fy The following content is provided under a Creative Commons license. Your support will help MIT OpenCourseWare continue to offer high quality educational resources for free. To
More informationOutline. Login w/ Shared Secret: Variant 1. Login With Shared Secret: Variant 2. Login Only Authentication (One Way) Mutual Authentication
Outline Security Handshake Pitfalls (Chapter 11 & 12.2) Login Only Authentication (One Way) Login i w/ Shared Secret One-way Public Key Lamport s Hash Mutual Authentication Shared Secret Public Keys Timestamps
More informationSession key establishment protocols
our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session
More informationPassword. authentication through passwords
Password authentication through passwords Human beings Short keys; possibly used to generate longer keys Dictionary attack: adversary tries more common keys (easy with a large set of users) Trojan horse
More informationSession key establishment protocols
our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session
More informationNetwork Working Group. C. Neuman ISI September 1993
Network Working Group Request for Comments: 1510 J. Kohl Digital Equipment Corporation C. Neuman ISI September 1993 Status of this Memo The Kerberos Network Authentication Service (V5) This RFC specifies
More informationOverview. Cryptographic key infrastructure Certificates. May 13, 2004 ECS 235 Slide #1. Notation
Overview Key exchange Session vs. interchange keys Classical, public key methods Key generation Cryptographic key infrastructure Certificates Key storage Key escrow Key revocation Digital signatures May
More informationCryptographic Protocols 1
Cryptographic Protocols 1 Luke Anderson luke@lukeanderson.com.au 5 th May 2017 University Of Sydney Overview 1. Crypto-Bulletin 2. Problem with Diffie-Hellman 2.1 Session Hijacking 2.2 Encrypted Key Exchange
More informationComputer Security 4/12/19
Authentication Computer Security 09. Authentication Identification: who are you? Authentication: prove it Authorization: you can do it Paul Krzyzanowski Protocols such as Kerberos combine all three Rutgers
More informationKEY DISTRIBUTION AND USER AUTHENTICATION
PART 2: NETWORK SECURITY APPLICATIONS KEY DISTRIBUTION AND USER AUTHENTICATION 4.1 Symmetric Key Distribution Using Symmetric Encryption 4.2 Kerberos Kerberos Version 4 Kerberos Version 5 4.3 Key Distribution
More informationNetwork Working Group Request for Comments: 4120 Obsoletes: 1510 Category: Standards Track K. Raeburn MIT July 2005
Network Working Group Request for Comments: 4120 Obsoletes: 1510 Category: Standards Track C. Neuman USC-ISI T. Yu S. Hartman K. Raeburn MIT July 2005 Status of This Memo The Kerberos Network Authentication
More informationLecture 9. Authentication & Key Distribution
Lecture 9 Authentication & Key Distribution 1 Where are we now? We know a bit of the following: Conventional (symmetric) cryptography Hash functions and MACs Public key (asymmetric) cryptography Encryption
More informationCS 470 Spring Security. Mike Lam, Professor. a.k.a. Why on earth do Alice and Bob need to share so many secrets?!?
50fb6be35f4c3105 9d4ed08fb86d8887 b746c452a9c9443b 15b22f450c76218e CS 470 Spring 2018 9df7031cdbff9d10 b700a92855f16328 5b757e66d2131841 62fedd7d9131e42e Mike Lam, Professor Security a.k.a. Why on earth
More informationCS530 Authentication
CS530 Authentication Bill Cheng http://merlot.usc.edu/cs530-s10 1 Identification vs. Authentication Identification associating an identity (or a claimed identity) with an individual, process, or request
More informationLecture 5: Protocols - Authentication and Key Exchange* CS 392/6813: Computer Security Fall Nitesh Saxena
Lecture 5: Protocols - Authentication and Key Exchange* CS 392/6813: Computer Security Fall 2009 Nitesh Saxena *Adopted from a previous lecture by Gene Tsudik Course Admin HW3 Problem 3 due Friday midnight
More informationCryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology
Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems
More informationKerberos and Active Directory symmetric cryptography in practice COSC412
Kerberos and Active Directory symmetric cryptography in practice COSC412 Learning objectives Understand the function of Kerberos Explain how symmetric cryptography supports the operation of Kerberos Summarise
More informationHow to Integrate an External Authentication Server
How to Integrate an External Authentication Server Required Product Model and Version This article applies to the Barracuda Load Balancer ADC 540 and above, version 5.1 and above, and to all Barracuda
More informationCS Computer Networks 1: Authentication
CS 3251- Computer Networks 1: Authentication Professor Patrick Traynor 4/14/11 Lecture 25 Announcements Homework 3 is due next class. Submit via T-Square or in person. Project 3 has been graded. Scores
More informationIntroduction to Modern Cryptography. Benny Chor
Introduction to Modern Cryptography Benny Chor Identification (User Authentication) Fiat-Shamir Scheme Lecture 12 Tel-Aviv University 4 January 2010 Model and Major Issues Alice wishes to prove to Bob
More informationComputer Networks & Security 2016/2017
Computer Networks & Security 2016/2017 Network Security Protocols (10) Dr. Tanir Ozcelebi Courtesy: Jerry den Hartog Courtesy: Kurose and Ross TU/e Computer Science Security and Embedded Networked Systems
More informationOutline More Security Protocols CS 239 Computer Security February 4, 2004
Outline More Security Protocols CS 239 Computer Security February 4, 2004 Combining key distribution and authentication Verifying security protocols Page 1 Page 2 Combined Key Distribution and Authentication
More informationECE596C: Handout #9. Authentication Using Shared Secrets. Electrical and Computer Engineering, University of Arizona, Loukas Lazos
ECE596C: Handout #9 Authentication Using Shared Secrets Electrical and Computer Engineering, University of Arizona, Loukas Lazos Abstract. In this lecture we introduce the concept of authentication and
More informationCSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L
CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any
More informationDigital Signatures. Public-Key Signatures. Arbitrated Signatures. Digital Signatures With Encryption. Terminology. Message Authentication Code (MAC)
Message Authentication Code (MAC) Key-dependent one-way hash function Only someone with a correct key can verify the hash value Easy way to turn one-way hash function into MAC is to encrypt hash value
More informationKerberos: An Authentication Service for Open Network Systems
Kerberos: An Authentication Service for Open Network Systems Jennifer G. Steiner Project Athena Massachusetts Institute of Technology Cambridge, MA 02139 steiner@athena.mit.edu Clifford Neuman Department
More informationDistributed Systems Principles and Paradigms
Distributed Systems Principles and Paradigms Chapter 09 (version April 7, 2008) Maarten van Steen Vrije Universiteit Amsterdam, Faculty of Science Dept. Mathematics and Computer Science Room R4.20. Tel:
More informationOutline More Security Protocols CS 239 Computer Security February 6, 2006
Outline More Security Protocols CS 239 Computer Security February 6, 2006 Combining key distribution and authentication Verifying security protocols Page 1 Page 2 Combined Key Distribution and Authentication
More information