Scribd
Upload
89 views

Chapter 4

The document discusses authentication methods used in applications. It covers security concerns like confidentiality and timeliness. It then summarizes Kerberos, an authentication system that uses tickets and encryption to allow clients and servers to verify each other's identities. Kerberos versions 4 and 5 are described. The document also discusses X.509, a standard for digital certificates that uses public key cryptography to authenticate users through a certificate authority hierarchy.

Uploaded by

Anupam Dubey
Copyright
© © All Rights Reserved
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
89 views

Chapter 4

The document discusses authentication methods used in applications. It covers security concerns like confidentiality and timeliness. It then summarizes Kerberos, an authentication system that uses tickets and encryption to allow clients and servers to verify each other's identities. Kerberos versions 4 and 5 are described. The document also discusses X.509, a standard for digital certificates that uses public key cryptography to authenticate users through a certificate authority hierarchy.

Uploaded by

Anupam Dubey
Copyright
© © All Rights Reserved
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 26

Authentication

Applications
Ola Flygt
Växjö University, Sweden
http://w3.msi.vxu.se/users/ofl/
[email protected]
+46 470 70 86 49
1
Outline

 Security Concerns
 Kerberos
 X.509 Authentication Service

2
Security Concerns
 key concerns are confidentiality and
timeliness
 to provide confidentiality one must encrypt
identification and session key info which
requires the use of previously shared private
or public keys
 need timeliness to prevent replay attacks.
provided by using sequence numbers or
timestamps or challenge/response

3
KERBEROS

In Greek mythology, a many headed dog, the


guardian of the entrance of Hades
4
KERBEROS
 Users wish to access services on
servers.
 Three threats exist:
User pretend to be another user.
User alter the network address of a
workstation.
User eavesdrop on exchanges and use a
replay attack.
5
KERBEROS
 Provides a centralized authentication
server to authenticate users to servers
and servers to users.
 Relies on conventional encryption,
making no use of public-key encryption
 Two versions: version 4 and 5
 Version 4 makes use of DES

6
Kerberos terminology
 Terms:
 C = client
 AS = authentication server
 V = server
 IDc = identifier of user on C
 IDv = identifier of V
 Pc = password of user on C
 ADc = network address of C
 Kv = secret encryption key shared by AS an V
 TS = timestamp
 || = concatenation
7
A simple Authentication
Dialogue
(1) C  AS: IDc || Pc || IDv
(2) AS  C: Ticket
(3) C  V: IDc || Ticket

Ticket = EKv[IDc || Pc || IDv]

8
Problems with the
simple dialogue
 Password in clear text
Solution: Encrypt the password
 Need to authenticate on each request
Solution: Let a ticket have a lifetime
 Need to authenticate to each new server
Solution: Split the Kerberos server up in two
parts, one Authentication Server (AS) and
one Ticket Granting Server (TGS).

9
A better Authentication
Dialogue
Once per user logon session:
(1) C  AS: IDc || IDtgs
(2) AS  C: E [Kc , Tickettgs]
Tickettgs =E(Ktgs, [IDc || ADc || IDtgs || TS1 || Lifetime1])

Once per type of service:


(3) C  TGS: IDc || IDv ||Tickettgs
(4) TGS  C: Ticketv

Ticketv =E(Kv, [IDc || ADc || IDv || TS2 || Lifetime2])

Once per server session:


(5) C  V: IDc || Ticketv
10
Problems with the
better dialogue
 Problem 1, Lifetime associated with the
ticket-granting ticket
If too short  repeatedly asked for password
If too long  greater opportunity to replay
The threat is that an opponent will steal
the ticket and use it before it expires.
 Problem 2, a rouge server can give
incorrect credentials
11
Version 4 Authentication Dialogue
Authentication Service Exchange: To obtain Ticket-Granting Ticket
(1) C  AS: IDc || IDtgs ||TS1
(2) AS  C: EKc [Kc,tgs|| IDtgs || TS2 || Lifetime2 || Tickettgs]
Tickettgs =E(Ktgs, [Kc,tgs || IDc || ADc || IDtgs || TS2 || Lifetime2])

Ticket-Granting Service Echange: To obtain Service-Granting Ticket


(3) C  TGS: IDv ||Tickettgs ||Authenticatorc

• TGS  C: E(Kc,tgs,[Kc,v || IDv || TS4 || Ticketv])


Tickettgs =E(Ktgs, [Kc,tgs || IDc || ADc || IDtgs || TS2 || Lifetime2])
Ticketv =E(Kv, [Kc,v || IDc || ADc || IDv || TS4 || Lifetime4])
Authenticatorc =E(Kc,tgs , [IDc || ADc || TS3])
12
Version 4 Authentication Dialogue
cont.

Client/Server Authentication Exchange to obtain Service


(5) C  V: Ticketv || Authenticatorc
(6) V  C: EKc,v[TS5 +1]
Ticketv =E(Kv, [Kc,v || IDc || ADc || IDv || TS4 || Lifetime4])
Authenticatorc =E(Kc,v , [IDc || ADc || TS5])

13
Overview of Kerberos

14
Request for Service in
Another Realm

15
Difference Between
Version 4 and 5
 Encryption system independence (v4 DES)
 Internet protocol independence (v4 IP)
 Message byte ordering (v5 ASN.1)
 Ticket lifetime (v4 max 21 hours)
 Authentication forwarding
 Inter realm authentication

16
Kerberos Encryption Techniques

17
PCBC Mode

18
Kerberos - in practice

 Currently have two Kerberos versions:


 4 : restricted to a single realm
 5 : allows inter-realm authentication
 Kerberos v5 is an Internet standard
 specified in RFC1510, and used by many utilities
 To use Kerberos:
 need to have a KDC on your network
 need to have Kerberized applications running on all
participating systems

19
X.509 Authentication Service
 Distributed set of servers that
maintains a database about users.
 Each certificate contains the public
key of a user and is signed with the
private key of a CA.
 Is used in e.g. S/MIME, IP Security,
SSL/TLS and SET.
 RSA is recommended to use.

20
X.509 Formats

21
Typical Digital
Signature Approach

22
Obtaining a User’s Certificate
 Characteristics of certificates
generated by CA:
Any user with access to the public key of
the CA can recover the user public key
that was certified.
No part other than the CA can modify the
certificate without this being detected.

23
X.509 CA Hierarchy

24
Revocation of Certificates

 Reasons for revocation:


The users secret key is assumed to be
compromised.
The user is no longer certified by this CA.
The CA’s certificate is assumed to be
compromised.

25
Authentication Procedures

26

You might also like