Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel:...
-
Upload
gregory-clark -
Category
Documents
-
view
214 -
download
2
Transcript of Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel:...
![Page 1: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/1.jpg)
Information Security
Depart. of Computer Science and Engineering
刘胜利 ( Liu Shengli)Tel: 62932135
Email: [email protected]
![Page 2: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/2.jpg)
Kerberos
An authentication service developed by MIT. Distributed environment: workstations and
servers distributed throughout the network Users at workstations access to services on
servers provides centralised authentication Employment of conventional encryption. two versions in use: 4 & 5
![Page 3: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/3.jpg)
first published report identified its requirements as: security reliability transparency scalability
implemented using an authentication protocol based on Needham-Schroeder
![Page 4: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/4.jpg)
A simple authentication dialogue
Each server authenticates users who apply the server’s services. When a user applies a service from a server, the server
can authenticate the user. There is too much burden for the servers.
Authentication Server shares a secret key with each server. Be Responsible for authentication of users. Other servers is free of authentication burden.
![Page 5: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/5.jpg)
(1) C AS: IDC || PC || IDV
(2) AS C: Ticket(3) C V : IDC || Ticket
Ticket=EKV[IDC||ADC|| IDV]
C : clientAS : Authentication ServerV : serverIDC : identifier of user on C
IDV : identifier of VPC : password of user on CADC : network address of CKV : secret key shared between AS and server V
C V
AS
(1)(2)
(3)
![Page 6: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/6.jpg)
Problems Password is transmitted as a plaintext
from workstation to AS. Users have to re-enter passwords from
time to time. Solutions
ticket reusable Employment of ticket-granting server,
TGS
![Page 7: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/7.jpg)
Improved protocol
Once per user logon session:(1) C AS : IDC || IDtgs
(2) AS C : EKC[Tickettgs]
Once per type of service(3) C TGS : IDC || IDv || Tickettgs
(4) TGS C : TicketV
Once per service session(5) C V : IDC || TicketV
Tickettgs = EKtgs[IDC||ADC||IDtgs||TS1||Lifetime1]
TicketV = EKV[IDC||ADC||IDV||TS2||Lifetime2]
C V
AS
(1) (2) (3)
TGS
(4)
(5)
Kerberos
![Page 8: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/8.jpg)
Details(1) Client applies for a ticket-granting ticket from AS by sending iden
tity of the user and identity of TGS (IDC, IDTGS) to AS.(2) AS returns an encrypted ticket with a key derived from the user’s
password.
TicketTGS=[IDC, AD, IDTGS, TS, Lifetime](3) The client applies for a service-granting ticket from TGS by sendi
ng (IDC, IDV, TicketTGS).
(4) TGS verifies the validness of TicketTGS by decryption of the ticket, and grant TicketV.
(5) The client presents (IDC, TicketV) to the server.
(6) Server V verifies the validness of TicketV and provide services to the user.
![Page 9: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/9.jpg)
Two problems Lifetime of TicketTGS;
If too short, the user will be asked for password frequently.
If too long, Eve may have a greater opportunity to steal the ticket.
When Eve gets TicketTGS or TicketV, she will have access to the corresponding service.
Without authentication of the server to the user.Eve configures a false server to act as a real one
Capture information from the user. Denial of service.
![Page 10: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/10.jpg)
Solutions
To prove the ticket presenter is just the same user for whom the ticket was issued. AS acts as KDC to distribute a session key to the Client and
TGS. To proves the identity of the user, the client shows to TGS
that he knows the session key shared between the Client and TGS.
TGS acts as KDC to distribute a session key to the Client and Server V.
To proves the identity of the user, the client shows to Server V that he knows the session key shared between the Client and Server V.
![Page 11: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/11.jpg)
Kerberos Realms and Multiple Kerberos
An Kerberos environment consists of a Kerberos server A number of users A number of application servers
Requirement Users are registered with the Kerberos server. the Kerbe
ros server stores identity of the user and password. All application servers are registered with the Kerberos s
erver. The Kerberos server must share a secret key with each server.
![Page 12: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/12.jpg)
Kerberos V4
Authentication Service Exchange: to obtain ticket-granting ticket.
(1) C AS : IDC || IDtgs || TS1
(2) AS C : EKC[Kc,tgs || IDtgs || TS2 || Lifetime2 |
| Tickettgs]
Tickettgs = EKtgs [Kc,tgs || IDC || ADC || IDtgs || TS2 ||
Lifetime2]
![Page 13: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/13.jpg)
Kerberos V4
Ticket-Granting Service Exchange: to obtain service-granting ticket
(3) C TGS : IDV || Tickettgs || Authenticatorc
(4) TGS C : EKc,tgs[Kc,v || IDV || TS4 || Ticketv]
Tickettgs = EKtgs[Kc,tgs|| IDC|| ADC|| IDtgs || TS2 || Lifetime2]
Ticketv = EKV[Kc,v||IDC||ADC|| IDv||TS4||Lifetime4]
Authenticatorc = EKc,tgs[IDc||ADc||TS3]
![Page 14: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/14.jpg)
Kerberos V4
Client/Server authentication exchange: to obtain service
(5) C V : Ticketv || Authenticatorc
(6) V C : EKc,v[TS5+1]
( bidirectional authentication)
Ticketv = EKV[Kc,v||IDc||ADc||IDv||TS4||Lifetime4]
Authenticatorc = EKc,v[IDc||ADc||TS5]
![Page 15: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/15.jpg)
Kerberos 4 Overview
a basic third-party authentication scheme have an Authentication Server (AS)
users initially negotiate with AS to identify self AS provides a non-corruptible authentication
credential (ticket granting ticket TGT) have a Ticket Granting server (TGS)
users subsequently request access to other services from TGS on basis of users TGT
![Page 16: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/16.jpg)
Kerberos 4 Overview
![Page 17: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/17.jpg)
Kerberos Realms
a Kerberos environment consists of: a Kerberos server a number of clients, all registered with server application servers, sharing keys with server
this is termed a realm typically a single administrative domain
if have multiple realms, their Kerberos servers must share keys and trust
![Page 18: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/18.jpg)
Multiple Kerberos Realms An Kerberos environment consists of
a Kerberos server A number of users A number of application servers
Requirement Users are registered with the Kerberos server. the Kerberos se
rver stores identity of the user and password. All application servers are registered with the Kerberos server.
The Kerberos server must share a secret key with each server. Any two Kerberos servers are registered with each other. The
Kerberos server in each interoperating realm shares a secret key with the server in the other realm.
![Page 19: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/19.jpg)
![Page 20: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/20.jpg)
To access an application server in another realm
1. Apply a ticket to access the local TGS;2. Local TGS issues a ticket to access the remo
te TGS;
3. The remote TGS issues a ticket to access the remote application server.
![Page 21: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/21.jpg)
details(1) C AS : IDC || IDtgs || TS1 (2) AS C : EKC
[Kc,tgs || IDtgs || TS2 || Lifetime2 || Tickettgs]
(3) C TGS: IDtgsrem || Tickettgs || Authenticatorc
(4) TGS C: EKc,tgs[Kc,tgsrem || IDtgsrem || TS4 || Tickettgsrem]
(5) C TGSrem: IDvrem || Tickettgsrem || Authenticatorc
(6) TGS C: EKc,tgsrem[Kc,vrem || IDvrem || TSb || Ticketvrem]
(7) C Vrem: Ticketvrem || Authenticatorc
C
AS TGS TGSrem
Vrem
(1) (2)(3)
(4) (5)
(6)
(7)
![Page 22: Information Security Depart. of Computer Science and Engineering 刘胜利 ( Liu Shengli) Tel: 62932135 Email: liu-sl@cs.sjtu.edu.cn.](https://reader036.fdocument.pub/reader036/viewer/2022070407/56649e1b5503460f94b0938b/html5/thumbnails/22.jpg)
Kerberos Version 5
developed in mid 1990’s provides improvements over v4
addresses environmental shortcomingsencryption alg, network protocol, byte order, ticket
lifetime, authentication forwarding, interrealm auth and technical deficiencies
double encryption, non-std mode of use, session keys, password attacks
specified as Internet standard RFC 1510