ECE8843 - PowerPoint PPT Presentation

About This Presentation
Title:

ECE8843

Description:

{Bob,Kab,Ticket -Bob; Ka} 4. 5. Master. KDC. Slave. KDC {db;Kmaster} Slave. KDC. Slave. KDC ... stolen from network as well as Ticket from Alice. ... – PowerPoint PPT presentation

Number of Views:84
Avg rating:3.0/5.0
Slides: 17
Provided by: JohnCo66
Category:
Tags: ece8843 | master | ticket

less

Transcript and Presenter's Notes

Title: ECE8843


1
ECE-8843 http//www.csc.gatech.edu/copeland/jac/88
43/ Prof. John A. Copeland john.copeland_at_ece.gat
ech.edu 404 894-5177 fax 404 894-0035 Office
GCATT Bldg 579 email or call for office visit, or
call Kathy Cheek, 404 894-5696 Chapter 4a -
Kerberos
2
Kerberos, v4 and v5
Provides a complete protocol for authentication
and
secure communications for hosts connected by a
data
communications network

Provides secure "tickets" to hosts that can be
used
to initiate a secure message exchange

Standard message formats for encrypted and signed
messages, or signed plaintext messages

Formats for encoding expiration time, names, ...

Allows "read-only" slave KDC's (distributed KDCs)
2
3
Keberos uses Mediated Authentication
)
(with a Key Distribution Center, KDC
Bob
Jack
Alice
Kbob
Kalice
Mary
Tom
KDC
Paul
Dick
Trudi
Jip
Harry
Peter
3
KDC has unique Secret Keys with all legitimate
hosts.
4
Alice
Alice
Bob has
Alice PC
(human)
Key
Ka,TGTKk
hashes
Shared
logs on
Dist.
Kak
Alice's
to
Ctr
Secret Key
passwork
Alice,
Alice wants
gen.s
to get a
with KDC,
(PC)
Bob,TGTKk,
DES Key,
Kab, has Kk
timeKa
Kbob
KaliceKa
Bob,Kab,Ticket
-Bob Ka
time Kab,
Kab,Alice Kbob "Ticket"
time 1, Kab
After the 1st exchange with the KDC, Alice has a
session key, Ka, and a "Ticket-Granting Ticket"
that she can use to request "Tickets" from KDC

PC erases Alice's password and Kak from disk and
RAM.

Time(stamp) is used as nonce (seconds after
1/1/1970)
4
5
5
6
Slave
Host
KDC
Host
Slave
Host
Host
KDC
Host
Master
Host
KDC
Slave
dbKmaster
Host
KDC
Host
Host
Slave
Host
Slave
KDC
Host
Realm
KDC

Replicated KDCs (slaves) are read only.

Entire Host-KDC dasebase is downloaded
periodically
6
7
KDC
(Hatter)
KDC
Lion
(Lion)
1
2
Dorothy
Alice
3
Lion can also be a
Realm
Realm
"principal" in
Wonderland
Oz
Wonderland (with the
Queen's OK)
Alice wants to talk to Dorothy
7
8
Plaintext
Cipher Block Chaining (
P
PCBC)

m1
m2
m3
IV
()
()
()

E
E
E
Key

c1
c2
c3
The 1st 64-bit message segment is XOR'ed with
an initial vector (IV). Each following message
segment is XOR'ed with the preceding ciphertext
and plaintext segments-for privacy integrity
.
8
9
Kerberos Message Integrity Check
(Message Digest)
MIC is Hash()
The Hash algorithm was never published (but
source code can be obtained)
It is based on a checksum algorithm designed
by Juneman to use mod 231-1 (prime), but
changed to use 263-1 (not prime).
Cryptographers worry that it might be
breakable, or reversible (to get Ksession).
9
10
Network Layer (IP) Addresses in Tickets
Only 4 bytes available, so limited to Internet
Protocol (Novel, IBM, Appletalk, IPv6... longer)
Makes "spoofing" harder, IP address must be
stolen from network as well as Ticket from Alice.
Prevents delegation, giving the ticket to another
host to represent you (which is allowed by
Kerberos V5)
10
11
Why Study Kerberos v4
(Why doesn't everyone switch to v5)
Kerberos V4 is working well in many systems
Switching to V5 requires stopping the network
and upgrading every host at once before restart
Kerberos V5 is inefficient in some ways compared
to V4

Specified in ASN.1 (abstraction good and bad)

Example 11 bytes required for 4-byte IP address.
11
12
Kerberos v5 Cryptographic Algorithms
Kerberos v4 used Plaintext Cipher Block Chaining
and modified Juneman hash
Kerberos v5 can use a variety of encryptions
(DES in practice) and hashes (MD4, MD5).
One primary MIC uses

confounder MD5(confounder message)K'

K' Kalice-bob () F0F0F0F0F0F0F0F0
A more modern MIC that is not used is

MD5(Kalice-bob message)
12
13
Password security
Originally UNIX stored a hash of each Users
password in a globally readable account. This
can be attacked by hashing all common words for a
reverse lookup table.
13
14
Message Security and Integrity
Only exchange messages with authenticated hosts
Develop a session key and separate MIC key
using initial password exchange
Encrypt Diffie-Hellman exchanges to prevent
Bucket Brigade (man-in-middle) attacks.
Use MICs, especially with self-synchronizing
encryptions (e.g., PCBC) which survive
permutations of message blocks.
Get "random" numbers from true sources
Protect Master KDC Key and hashed-key database
14
15
Bonus
Entropy of Data, H H sumi1 to kPi
log2(1/Pi) (bits of information per
symbol) Where k number of states (or
symbols) Pi probability of the ith state
(ni/N) If the symbols are binary numbers with 8
bits H 8 - complete disorder or
randomness H some order (ASCII text, H
4 - 5 bits)
15
16
16
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "ECE8843" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!