Authentication Applications: Kerberos and X.509
Kerberos
• Motivation
– Secure against eavesdropping: passwords and keys never cross the network in the clear
– Reliable: a distributed server architecture, with one server able to back up another
– Transparent: almost invisible to the user beyond the initial password entry
– Scalable: to many users and servers
• Two versions
– Version 4: the basic ideas
– Version 5 (RFC 4120): fixes the weaknesses of version 4 and allows a choice of encryption algorithms
Kerberos Version 4
• The protocol is complex, so start with a simplified approach
– Client asks the authentication server (AS) for a ticket
– AS checks the user's password and grants a ticket, encrypted under the server's key
– Client sends the ticket to the server
• Weaknesses of the simplified approach
– Heavy load on the AS, which must issue a ticket for every service used (countermove: secondary ticket-granting servers, TGS)
– Repeated password entry, once per service (countermove: the password is entered for the AS only once per login; tickets for services are obtained from the TGS when needed, and the TGS relies on the AS's authentication)
Strategies and Countermoves
• What opponents of version 4 can do
– Wait for a long-lived ticket-granting ticket to be captured, then replay it before it expires
– Capture a service-granting ticket and use it for its remaining lifetime
• Antitheft of ticket-granting tickets
– The AS provides both the client and the TGS with a secret, securely: a session key, sent to the client encrypted under the user's key and to the TGS inside the ticket
– The client proves possession of the session key with an authenticator (its ID and a timestamp, encrypted under the session key); a thief holding only the ticket cannot produce one
• The same procedure between TGS and server also makes service-granting tickets safely reusable, since every use carries a fresh authenticator
Kerberos Organization
• A full-service Kerberos environment is called a realm; it includes:
– A Kerberos server, which holds the user ID and hashed password of every participating user
– A secret key shared between the Kerberos server and each application server registered with it
– The Kerberos server includes both the AS and the TGS
• Inter-realm issues
– The Kerberos servers of two realms must be registered with each other (they share a secret key)
– A client authenticates in its own realm, obtains a ticket for the remote TGS, and the TGS in the server's realm then issues the ticket for the server in that realm
Version 5
• Avoids dependence on DES (suspected weak) by tagging each ciphertext with its encryption type and key length
• Avoids dependence on IP by tagging each network address with its type and length
• Message byte ordering is no longer chosen by the sender: messages are defined in ASN.1 and encoded with BER, which fixes the ordering
• Tickets carry an explicit start and end time, instead of the 8-bit lifetime of version 4 (at most about 21 hours)
• Authentication forwarding: a server can forward the client's credentials to another server and act on the client's behalf
• Inter-realm authentication needs fewer pairwise relationships than version 4
Version 5 – Continued
• Avoids the double encryption of version 4, in which a ticket already encrypted under the server's key was encrypted again inside the reply to the client
• Avoids PCBC mode, whose built-in integrity check is defeated by an attack that exchanges ciphertext blocks; standard CBC with an explicit checksum is used instead
• Session and subsession keys: client and server may negotiate a subsession key for a single connection rather than reusing the ticket's session key
• Preauthentication: the AS does not reply until the client proves it knows the user's key (for example with an encrypted timestamp); this makes password-guessing attacks more difficult, but a captured preauthentication value can still be attacked offline, so not impossible
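The simplified version 4 dialogue (AS, TGS, server), the session-key and authenticator countermeasures from the Strategies and Countermoves slide, and the version 5 preauthentication check, worked through as one added Python example. This is not code from the slides or from any Kerberos implementation. The realm EXAMPLE.ORG, the user alice, the service host/fileserver, all keys and the fixed timestamps are constructed; an HMAC-based encrypt-then-MAC and PBKDF2 stand in for DES and the Kerberos string-to-key function, and messages are JSON rather than the real wire format.

```python
import hashlib, hmac, json, os
from contextlib import suppress
SKEW = 300   # tolerated clock skew in seconds (Kerberos uses 5 minutes)

def derive_key(password, realm):
    """Long-term user key Kc from the password (PBKDF2 stands in for Kerberos string-to-key)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), realm.encode(), 1000)

def _stream(key, nonce, n):
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range((n + 31) // 32))

def seal(key, msg):
    """Encrypt-then-MAC with an HMAC keystream; stands in for the DES that real Kerberos used."""
    pt, nonce = json.dumps(msg, sort_keys=True).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def authenticator(session_key, client, now):
    return seal(session_key, {"client": client, "ts": now})   # fresh for every use of a ticket

def check_ticket(server_key, blob, server, now):
    t = unseal(server_key, blob)                              # only the named server can open it
    if t["server"] != server or not (t["start"] - SKEW <= now <= t["end"]):
        raise PermissionError("ticket expired or not for this server")
    return t

def check_authenticator(session_key, blob, client, now):
    a = unseal(session_key, blob)                             # a stolen ticket alone cannot make this
    if a["client"] != client or abs(now - a["ts"]) > SKEW:
        raise PermissionError("authenticator stale or for another client")
    return a

class KDC:
    """AS and TGS of one realm; the TGS is the service 'krbtgt' with its own key."""
    def __init__(self, realm, users, services, preauth=False):
        self.realm, self.preauth = realm, preauth
        self.users = {u: derive_key(p, realm) for u, p in users.items()}
        self.services = {s: os.urandom(32) for s in ["krbtgt", *services]}

    def _ticket(self, client, server, life, now):
        k = os.urandom(32)                                    # session key for client and server
        return k, seal(self.services[server], {"client": client, "server": server,
                                               "key": k.hex(), "start": now, "end": now + life})

    def as_exchange(self, client, now, pa=None):
        """C->AS: IDc, IDtgs [, E(Kc, TS)]    AS->C: E(Kc, [Kc,tgs, IDtgs, TS, Ticket_tgs])"""
        kc = self.users[client]
        if self.preauth and (pa is None or abs(unseal(kc, pa)["ts"] - now) > SKEW):
            raise PermissionError("pre-authentication required")   # v5 only; v4 replies to anyone
        k, t = self._ticket(client, "krbtgt", 8 * 3600, now)        # TGT good for a working day
        return seal(kc, {"key": k.hex(), "server": "krbtgt", "ts": now, "ticket": t.hex()})

    def tgs_exchange(self, service, tgt, auth, now):
        """C->TGS: IDv, Ticket_tgs, Auth_c    TGS->C: E(Kc,tgs, [Kc,v, IDv, TS, Ticket_v])"""
        t = check_ticket(self.services["krbtgt"], tgt, "krbtgt", now)
        k_tgs = bytes.fromhex(t["key"])
        check_authenticator(k_tgs, auth, t["client"], now)
        k, tv = self._ticket(t["client"], service, 300, now)        # short-lived service ticket
        return seal(k_tgs, {"key": k.hex(), "server": service, "ts": now, "ticket": tv.hex()})

class Service:
    def __init__(self, name, key):
        self.name, self.key, self.seen = name, key, set()    # seen: authenticator replay cache

    def accept(self, ticket, auth, now):
        """C->V: Ticket_v, Auth_c    V->C: E(Kc,v, [TS+1])  (mutual authentication)"""
        t = check_ticket(self.key, ticket, self.name, now)
        k = bytes.fromhex(t["key"])
        a = check_authenticator(k, auth, t["client"], now)
        if auth in self.seen:
            raise PermissionError("replayed authenticator")
        self.seen.add(auth)
        return seal(k, {"ts": a["ts"] + 1})

def client_login(kdc, service, user, password, now):
    """Whole flow from the client side; returns the (Kc,v, Ticket_v, Authenticator) it used."""
    kc = derive_key(password, kdc.realm)
    pa = seal(kc, {"ts": now}) if kdc.preauth else None
    m2 = unseal(kc, kdc.as_exchange(user, now, pa))          # a wrong password fails here
    k_tgs, tgt = bytes.fromhex(m2["key"]), bytes.fromhex(m2["ticket"])
    m4 = unseal(k_tgs, kdc.tgs_exchange(service.name, tgt, authenticator(k_tgs, user, now), now))
    k_v, tv = bytes.fromhex(m4["key"]), bytes.fromhex(m4["ticket"])
    auth = authenticator(k_v, user, now)
    assert unseal(k_v, service.accept(tv, auth, now))["ts"] == now + 1, "server failed mutual auth"
    return k_v, tv, auth

def guess_password(captured, realm, wordlist):
    """Offline attack on anything encrypted under Kc: a v4 AS reply, or sniffed v5 pre-auth data."""
    for w in wordlist:
        with suppress(ValueError):
            unseal(derive_key(w, realm), captured)
            return w
```

A fixed integer stands in for the clock. After `client_login`, replay the returned authenticator against `Service.accept` to see the replay cache reject it, and present the ticket with a fresh authenticator to see the ticket reused safely. `guess_password` shows why the v4 AS reply, which the AS hands to anyone claiming a user ID, is open to an offline dictionary attack, and why the v5 preauthentication value, if captured from the network, still is: the slide's "more difficult but not impossible".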
X.509 Service
• Uses public-key certificates issued by a CA (certification authority), whereas Kerberos relies on secret keys distributed privately
• Verifying a certificate requires a trusted copy of the issuing CA's public key
• X.509 supports a free-form hierarchy of CAs by using forward certificates (certificates of a CA issued by other CAs) and reverse certificates (certificates a CA issues for other CAs); a chain of them links a user to any other user's CA
• Also provides for certificate revocation: each CA signs and publishes a certificate revocation list (CRL) of the certificates it issued that have been revoked but have not yet expired
X.509 Service (Continued)
• Authentication procedures, all built on signed messages
– One-way: a single signed message from A to B carrying a timestamp, a nonce, B's identity and optional data; B checks the signature, the timestamp and that the nonce has not been seen before
– Two-way: B replies with its own signed message, which includes A's nonce, so each party is authenticated to the other
– Three-way: A sends a final signed message returning B's nonce; replays are detected by the nonces alone, so synchronized clocks are not required
• Later versions of the certificate format: v2 adds issuer and subject unique identifiers, v3 adds extensions
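The three authentication procedures, as an added Python example that is not part of the slides and not an X.509 library: A and B exchange the signed tokens described above, with the timestamp checked only in the one- and two-way forms and the nonces carrying the replay protection in the three-way form. An HMAC under each party's own key stands in for the signature a verifier would check with the public key from the party's certificate; the party names, the 8-byte nonces and the SKEW window are assumptions.

```python
import hashlib, hmac, json, os

SKEW = 300   # clock-skew window, in seconds, for the timestamp-based one- and two-way procedures

class Principal:
    """One X.509 party. An HMAC under the party's own key stands in for the signature that a
    verifier would check with the public key taken from the party's certificate."""
    def __init__(self, name):
        self.name, self.key = name, os.urandom(32)
        self.peers = {}      # peer name -> verification key, i.e. what the peer's certificate gives us
        self.seen = set()    # (peer, nonce) pairs already accepted: replay detection
        self.pending = {}    # nonce we issued -> peer that must echo it back

    def _sign(self, fields):
        body = json.dumps(fields, sort_keys=True).encode()
        return body + hmac.new(self.key, body, hashlib.sha256).digest()

    def _open(self, peer, token):
        body, sig = token[:-32], token[-32:]
        if not hmac.compare_digest(sig, hmac.new(self.peers[peer], body, hashlib.sha256).digest()):
            raise ValueError("bad signature")
        f = json.loads(body)
        if f["to"] != self.name:                  # the intended recipient is part of the signed data
            raise ValueError("token not meant for me")
        return f

    def _fresh(self, peer, f, now, three_way):
        if not three_way and abs(now - f["t"]) > SKEW:
            raise ValueError("timestamp outside the skew window")
        if (peer, f["r"]) in self.seen:
            raise ValueError("replayed nonce")
        self.seen.add((peer, f["r"]))

    def msg1(self, peer, now, three_way=False):
        """A->B: {tA, rA, B} signed by A (one-way); in three-way mode the timestamp is not relied on"""
        ra = os.urandom(8).hex()
        self.pending[ra] = peer
        return self._sign({"t": 0 if three_way else now, "r": ra, "to": peer})

    def recv1(self, peer, token, now, three_way=False):
        f = self._open(peer, token)
        self._fresh(peer, f, now, three_way)
        return f["r"]

    def msg2(self, peer, ra, now, three_way=False):
        """B->A: {tB, rB, A, rA} signed by B (the reply that two-way adds)"""
        rb = os.urandom(8).hex()
        self.pending[rb] = peer
        return self._sign({"t": 0 if three_way else now, "r": rb, "to": peer, "echo": ra})

    def recv2(self, peer, token, now, three_way=False):
        f = self._open(peer, token)
        if self.pending.pop(f["echo"], None) != peer:   # our own nonce must come back from that peer
            raise ValueError("nonce mismatch")
        self._fresh(peer, f, now, three_way)
        return f["r"]

    def msg3(self, peer, rb):
        """A->B: {rB, B} signed by A (the message three-way adds): B's nonce returned, no clock needed"""
        return self._sign({"to": peer, "echo": rb})

    def recv3(self, peer, token):
        f = self._open(peer, token)
        if self.pending.pop(f["echo"], None) != peer:
            raise ValueError("nonce mismatch")
        return True

def introduce(a, b):
    """Each side learns the other's verification key (in X.509, from a certificate chain it trusts)."""
    a.peers[b.name], b.peers[a.name] = b.key, a.key

def run_three_way(a, b, now_a, now_b):
    """The full three-way procedure with independent clocks; True when both sides accept."""
    m1 = a.msg1(b.name, now_a, three_way=True)
    m2 = b.msg2(a.name, b.recv1(a.name, m1, now_b, three_way=True), now_b, three_way=True)
    m3 = a.msg3(b.name, a.recv2(b.name, m2, now_a, three_way=True))
    return b.recv3(a.name, m3)
```

`run_three_way` succeeds even when the two parties' clocks differ by far more than SKEW, because neither side looks at the timestamp; a one-way token from the same clocks would be rejected as stale. The `to` field is inside the signed data so a token signed for one recipient cannot be redirected to another, and the `pending` map ties every echoed nonce to the peer it was issued to.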