
Kerberos : An Authentication Application

Date post: 12-Nov-2014
Upload: vidulatiwari
Network security with authentication application . Kerberos is one of them.
Transcript
1. Presented by: Vidula Shukla, M.Tech., Computer Science & Engineering, Dept. of Computer Science & Engineering, Sagar Inst. of Research & Technology, Bhopal

2. Overview
   Introduction; Motivation; Requirements; Kerberos Version 4; Kerberos Realms; Kerberos V4 vs V5; Kerberos Version 5; Strengths; Conclusion
   (Slide footer, printed on every slide and shown once here: 7/10/2013 KERBEROS)

3. Introduction
   - Authentication: determining an identity to the required level of assurance.
   - Authentication applications: the authentication functions that have been developed to support application-level authentication.

4. Introduction to Kerberos
   - An authentication service developed for Project Athena at MIT.
   - Provides strong security on a physically insecure network.
   - A centralized authentication server that authenticates users to servers and servers to users.
   - Relies on conventional (symmetric) encryption rather than public-key encryption.

5. Why is Kerberos needed?
   Problem: in an open distributed environment, workstations cannot be trusted to identify their users correctly.
   Three threats:
   - A user gains access to a workstation and pretends to be another user operating from it.
   - A user alters the network address of a workstation so that requests appear to come from the impersonated workstation.
   - A user eavesdrops on an exchange and replays it to gain service or to disrupt operations.

6. Why is Kerberos needed? (cont.)
   Two possible solutions:
   - Build elaborate authentication protocols into each server.
   - Use a centralized authentication server (Kerberos).

7. Requirements for Kerberos
   - Secure: an opponent must not find it to be the weak link.
   - Reliable: the service must be highly available, with one server able to back up another.
   - Transparent: the user should not be aware of authentication beyond entering a password.
   - Scalable: the system should support a large number of clients and servers.

8. Kerberos Version 4
   - Version 4 was for years the most widely used version; Version 5 (RFC 4120) has since replaced it in practice.
   - Version 4 uses DES.
   - The full protocol is built up by looking at several hypothetical dialogues, each fixing a weakness of the previous one.
   - Version 5 corrects some of the security deficiencies of Version 4.

9. Problem: an opponent can pretend to be another client and obtain unauthorized privileges on a server machine.
   Solution: the server must be able to confirm the identity of the client that requests service.
10. Kerberos Version 4: Dialog 1, simple
    Ticket = E(Kv, [IDc || ADc || IDv])
    The ticket is sealed under Kv, a key known only to the AS and server V, so the client cannot forge or alter it; it carries the client's network address ADc so that a stolen ticket cannot be used from another workstation.

11. Problem:
    1. The number of times the password must be entered should be minimized.
    2. The password is transmitted in plaintext.
    Solution:
    1. A ticket-granting server (TGS) issues tickets to users who have already been authenticated to the AS.
    2. The client uses this ticket-granting ticket to request multiple service-granting tickets.

12. Kerberos Version 4: Dialog 2, more secure
    Once per user logon session (C and AS):
    Ticket_tgs = E(Ktgs, [IDc || ADc || IDtgs || TS1 || Lifetime1])
    Once per type of service (C and TGS):
    (4) TGS → C: Ticket_v

13. Kerberos Version 4: Dialog 2, more secure (cont.)
    Once per service session:
    (5) C → V: IDc || Ticket_v
    Ticket_v = E(Kv, [IDc || ADc || IDv || TS2 || Lifetime2])

14. Problem:
    1. The lifetime associated with the ticket-granting ticket: too short and the user is repeatedly asked for the password; too long and a captured ticket can be replayed by an opponent within its lifetime.
    2. Servers must also authenticate themselves to users.

15. Kerberos: the Version 4 authentication dialog
    Once per user logon session:
    Ticket_tgs = E(Ktgs, [Kc,tgs || IDc || ADc || IDtgs || TS2 || Lifetime2])

16. Kerberos: the Version 4 authentication dialog (cont.)
    Once per type of service:
    (3) C → TGS: IDv || Ticket_tgs || Authenticator_c
    (4) TGS → C: E(Kc,tgs, [Kc,v || IDv || TS4 || Ticket_v])
    Ticket_tgs = E(Ktgs, [Kc,tgs || IDc || ADc || IDtgs || TS2 || Lifetime2])
    Authenticator_c = E(Kc,tgs, [IDc || ADc || TS3])
    Ticket_v = E(Kv, [Kc,v || IDc || ADc || IDv || TS4 || Lifetime4])

17. Kerberos: the Version 4 authentication dialog (cont.)
    Once per service session:
    (5) C → V: Ticket_v || Authenticator_c
    (6) V → C: E(Kc,v, [TS5 + 1])
    Ticket_v = E(Kv, [Kc,v || IDc || ADc || IDv || TS4 || Lifetime4])
    Authenticator_c = E(Kc,v, [IDc || ADc || TS5])
    Only a V that holds Kv can recover Kc,v from the ticket and return TS5 + 1, which is how the server authenticates itself to the user.

18. Tickets
    - Contain information that must be considered private to the user.
    - Allow the user to use a service or to access the TGS.
    - Reusable for a particular period of time.
    - Used to distribute session keys securely.
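As an added example (not code from the presentation), the full Version 4 dialog of slides 15-17 simulated in Python: an AS and TGS that share Ktgs, a server V that shares Kv with the TGS, a client that runs messages (1) to (6), and the checks each party makes on what it receives. DES is replaced by a constructed keyed-hash stream cipher with an HMAC tag (the E and D functions); the user "alice", her password, the address 10.0.0.7 and every key are made up. The demo also shows what the dialog buys: V rejects a replayed authenticator, one arriving from the wrong address, and an expired ticket, and a wrong password fails at message (2) because the client cannot decrypt the AS reply.

```python
# Kerberos V4 dialog of slides 15-17, simulated end to end. Added example, not the
# presentation's code: a keyed-hash stream cipher with an HMAC tag is a constructed
# stand-in for DES; keys, principals, the password and the address are made up.
import hashlib, hmac, json, os

SKEW, LIFETIME = 300, 8 * 3600                            # clock skew, ticket lifetime (s)
PASSWORDS = {"alice": "correct horse battery"}            # AS user database (constructed)
K_TGS = hashlib.sha256(b"constructed tgs key").digest()   # Ktgs, shared by AS and TGS
K_V = hashlib.sha256(b"constructed server key").digest()  # Kv, shared by TGS and V
TGS_SEEN, V_SEEN = set(), set()                           # authenticator replay caches

def _keystream(key, nonce, n):
    blocks = [hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32)]
    return b"".join(blocks)[:n]

def E(key, record):
    """E(K, [...]) of the slides: encrypt a JSON-serialisable record under key K."""
    data = json.dumps(record, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def D(key, blob):
    """Inverse of E; a wrong key or a tampered message raises ValueError."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

def key_from_password(password):          # Kc is derived from the user's password
    return hashlib.sha256(password.encode()).digest()

def verify_ticket(key, ticket, auth, server_id, peer_addr, seen, now):
    """Checks shared by the TGS (message 3) and V (message 5). Ticket field Ksess is Kc,tgs
    or Kc,v, IDs is IDtgs or IDv, and TS/Lifetime are TS2/Lifetime2 or TS4/Lifetime4."""
    t = D(key, ticket)                                    # only the holder of Ktgs / Kv can open it
    if t["IDs"] != server_id:
        raise PermissionError("ticket was issued for a different server")
    if not t["TS"] - SKEW <= now <= t["TS"] + t["Lifetime"]:
        raise PermissionError("ticket expired or not yet valid")
    k_sess = bytes.fromhex(t["Ksess"])
    a = D(k_sess, auth)                                   # proves the sender knows the session key
    if (a["IDc"], a["ADc"]) != (t["IDc"], t["ADc"]) or peer_addr != t["ADc"]:
        raise PermissionError("authenticator or source address does not match ticket")
    if abs(now - a["TS"]) > SKEW:
        raise PermissionError("stale authenticator")
    if (t["IDc"], a["TS"]) in seen:
        raise PermissionError("replayed authenticator")
    seen.add((t["IDc"], a["TS"]))
    return t, k_sess, a

def authentication_server(id_c, id_tgs, peer_addr, now):
    """(1) C->AS: IDc||IDtgs||TS1   (2) AS->C: E(Kc, [Kc,tgs||IDtgs||TS2||Lifetime2||Ticket_tgs])"""
    k_c_tgs = os.urandom(16).hex()
    ticket_tgs = E(K_TGS, {"Ksess": k_c_tgs, "IDc": id_c, "ADc": peer_addr,
                           "IDs": id_tgs, "TS": now, "Lifetime": LIFETIME})
    return E(key_from_password(PASSWORDS[id_c]), {"Kc,tgs": k_c_tgs, "IDtgs": id_tgs,
             "TS2": now, "Lifetime2": LIFETIME, "Ticket_tgs": ticket_tgs.hex()})

def ticket_granting_server(id_v, ticket_tgs, auth, peer_addr, now):
    """(3) C->TGS: IDv||Ticket_tgs||Authenticator_c   (4) TGS->C: E(Kc,tgs, [Kc,v||IDv||TS4||Ticket_v])"""
    t, k_c_tgs, _ = verify_ticket(K_TGS, ticket_tgs, auth, "tgs", peer_addr, TGS_SEEN, now)
    k_c_v = os.urandom(16).hex()
    ticket_v = E(K_V, {"Ksess": k_c_v, "IDc": t["IDc"], "ADc": t["ADc"],
                       "IDs": id_v, "TS": now, "Lifetime": LIFETIME})
    return E(k_c_tgs, {"Kc,v": k_c_v, "IDv": id_v, "TS4": now, "Ticket_v": ticket_v.hex()})

def server_v(ticket_v, auth, peer_addr, now):
    """(5) C->V: Ticket_v||Authenticator_c   (6) V->C: E(Kc,v, [TS5+1]), V's proof that it holds Kv."""
    _, k_c_v, a = verify_ticket(K_V, ticket_v, auth, "v", peer_addr, V_SEEN, now)
    return E(k_c_v, {"TS5+1": a["TS"] + 1})

def client_logon(id_c, password, addr, now):
    """Runs (1)-(6) as the client; TS1, TS3 and TS5 are consecutive seconds of the clock."""
    m2 = D(key_from_password(password), authentication_server(id_c, "tgs", addr, now))
    k_c_tgs = bytes.fromhex(m2["Kc,tgs"])                 # a wrong password has already failed above
    auth3 = E(k_c_tgs, {"IDc": id_c, "ADc": addr, "TS": now + 1})
    m4 = D(k_c_tgs, ticket_granting_server("v", bytes.fromhex(m2["Ticket_tgs"]), auth3, addr, now + 1))
    k_c_v, ticket_v, ts5 = bytes.fromhex(m4["Kc,v"]), bytes.fromhex(m4["Ticket_v"]), now + 2
    auth5 = E(k_c_v, {"IDc": id_c, "ADc": addr, "TS": ts5})
    m6 = D(k_c_v, server_v(ticket_v, auth5, addr, ts5))
    return {"mutual_auth": m6["TS5+1"] == ts5 + 1, "ticket_v": ticket_v, "auth5": auth5, "ts5": ts5}

def outcome(fn, *args):
    try:
        fn(*args)
        return "ok"
    except (PermissionError, ValueError) as exc:
        return str(exc)

def demo(now=1373446800.0):        # 2013-07-10 09:00 UTC, the slides' date, as a fixed clock
    TGS_SEEN.clear()
    V_SEEN.clear()
    logon = client_logon("alice", "correct horse battery", "10.0.0.7", now)
    ticket_v, auth5, ts5 = logon["ticket_v"], logon["auth5"], logon["ts5"]
    return {"mutual_auth": logon["mutual_auth"],
            "replay": outcome(server_v, ticket_v, auth5, "10.0.0.7", ts5 + 5),
            "wrong_address": outcome(server_v, ticket_v, auth5, "10.0.0.9", ts5 + 5),
            "expired": outcome(server_v, ticket_v, auth5, "10.0.0.7", now + LIFETIME + 60),
            "wrong_password": outcome(client_logon, "alice", "wrong", "10.0.0.7", now)}
```

`demo()` returns one entry per scenario. Two design points matter beyond the slides: the replay cache is keyed on (IDc, TS) and only needs to remember authenticators inside the clock-skew window, since anything older is already rejected as stale; and the address check compares the ticket's ADc with the address the request actually came from, which is what defeats the second threat of slide 5. Note also that V4's message (2) is encrypted under the password-derived key, so the one thing this simulation cannot prevent is an eavesdropper taking that ciphertext away for offline guessing (the password attack of slide 25).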
19. Authenticators
    - Prove the client's identity.
    - Prove that the client knows the session key.
    - Prevent replay attacks: used only once and with a very short lifetime.
    - One authenticator is typically built per session of use of a service.

20. Kerberos overview (figure)

21. Kerberos realms
    A single administrative domain (a realm) includes:
    - a Kerberos server;
    - a number of clients, all registered with the server;
    - application servers, sharing keys with the server.
    What happens when users in one realm need access to services in other realms? Kerberos provides inter-realm authentication.

22. Inter-realm authentication
    - The Kerberos server in each realm shares a secret key with the server in the other realm.
    - It requires that the Kerberos server in one realm trust the server in the other realm to authenticate its users, and that the second also trust the Kerberos server in the first realm.

23. Request for service in another realm (figure)

24. Kerberos Version 5 versus Version 4
    Environmental shortcomings of Version 4:
    - Encryption system dependence: DES
    - Internet protocol dependence
    - Message byte ordering
    - Ticket lifetime
    - Authentication forwarding
    - Inter-realm authentication

25. Kerberos Version 5 versus Version 4 (cont.)
    Technical deficiencies of Version 4:
    - Double encryption
    - Mode of encryption (V4 uses a nonstandard DES mode, PCBC)
    - Session keys
    - Password attacks

26. New elements in Kerberos Version 5
    - Realm: indicates the realm of the user.
    - Options
    - Times: From (the desired start time for the ticket), Till (the requested expiration time), Rtime (the requested renew-till time).
    - Nonce: a random value to assure that the response is fresh.

27. Kerberos Version 5 message exchange (1): to obtain a ticket-granting ticket
    (1) C → AS: Options || IDc || Realmc || IDtgs || Times || Nonce1
    (2) AS → C: Realmc || IDc || Ticket_tgs || E(Kc, [Kc,tgs || Times || Nonce1 || Realmtgs || IDtgs])
    Ticket_tgs = E(Ktgs, [Flags || Kc,tgs || Realmc || IDc || ADc || Times])
28. Kerberos Version 5 message exchange (2): to obtain a service-granting ticket
    (3) C → TGS: Options || IDv || Times || Nonce2 || Ticket_tgs || Authenticator_c
    (4) TGS → C: Realmc || IDc || Ticket_v || E(Kc,tgs, [Kc,v || Times || Nonce2 || Realmv || IDv])
    Ticket_tgs = E(Ktgs, [Flags || Kc,tgs || Realmc || IDc || ADc || Times])
    Ticket_v = E(Kv, [Flags || Kc,v || Realmc || IDc || ADc || Times])
    Authenticator_c = E(Kc,tgs, [IDc || Realmc || TS1])

29. Kerberos Version 5 message exchange (3): to obtain service
    (5) C → V: Options || Ticket_v || Authenticator_c
    (6) V → C: E(Kc,v, [TS2 || Subkey || Seq#])
    Ticket_v = E(Kv, [Flags || Kc,v || Realmc || IDc || ADc || Times])
    Authenticator_c = E(Kc,v, [IDc || Realmc || TS2 || Subkey || Seq#])

30. Kerberos: strengths
    - Users' passwords are never sent across the network, encrypted or in plaintext. (In Version 4 the AS reply is still encrypted under the password-derived key, so a captured reply can be attacked offline, the password attack of slide 25; Version 5 pre-authentication stops an attacker from simply requesting such a reply for any user.)
    - Secret keys are only passed across the network in encrypted form.
    - Client and server systems mutually authenticate.
    - It limits the duration of users' authentication: tickets expire.
    - Authentications are reusable and durable.

31. Conclusion
    Kerberos is an authentication service using conventional encryption. It is a protocol designed to provide centralized authentication whose function is to authenticate users to servers and servers to users.

32. Thank you
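The Version 5 exchange of slides 27-29 adds fields whose whole purpose is to be checked by the receiver. As an added example, not code from the presentation, the following Python applies those checks to already-decrypted message contents: the client verifies that a KDC reply carries the Nonce it sent and names the server it asked for; the application server validates Ticket_v and Authenticator_c (Flags, Times, the client's realm against the realms it trusts as in slide 22, ADc, clock skew, replay) and builds the plaintext of message (6); and the TGS applies the renew-till rule for Rtime, which goes slightly beyond the slides by showing how Till is capped. The realm name EXAMPLE.REALM, the principal "alice", the addresses, the session keys, the timestamps and the 10-hour maximum lifetime are all constructed for the demo; the `isoformat()` in `demo` only exists to make the result printable.

```python
# Acceptance checks behind the Kerberos V5 exchange of slides 27-29, applied to already
# decrypted ticket, authenticator and KDC-reply contents. Added example, not the
# presentation's code; field names follow the slides, all values are constructed.
from datetime import datetime, timedelta, timezone

SKEW = timedelta(minutes=5)      # tolerated clock skew
MAX_LIFE = timedelta(hours=10)   # realm policy for a single ticket lifetime (constructed)


class KrbError(Exception):
    """Why a message was rejected, as the receiving side would log it."""


def check_kdc_reply(reply, nonce_sent, id_requested, realm_requested):
    """Client side of (2) and (4): the part under Kc or Kc,tgs carries Nonce, ID and Realm
    of the server, so the reply is accepted only if it answers this request. A captured
    old reply, or one for another server, fails here. Returns the granted Times."""
    if reply["Nonce"] != nonce_sent:
        raise KrbError("nonce mismatch: stale or replayed KDC reply")
    if (reply["ID"], reply["Realm"]) != (id_requested, realm_requested):
        raise KrbError("reply names a different server than requested")
    return reply["Times"]


def accept_service_request(ticket, auth, now, peer_addr, trusted_realms, replay_cache):
    """Server side of (5): Ticket_v = [Flags||Kc,v||Realmc||IDc||ADc||Times] and
    Authenticator_c = [IDc||Realmc||TS2||Subkey||Seq#] after decryption. Returns the
    plaintext of (6), [TS2||Subkey||Seq#], which proves the server could open the ticket."""
    times = ticket["Times"]
    if ticket["Realmc"] not in trusted_realms:      # slide 22: trust is decided per realm
        raise KrbError("client realm not trusted by this server")
    if "INVALID" in ticket["Flags"]:                 # postdated ticket not yet validated
        raise KrbError("ticket not yet validated")
    if now < times["From"] - SKEW:
        raise KrbError("ticket not yet valid")
    if now > times["Till"]:                          # renewal is the TGS's job (renew_ticket)
        raise KrbError("ticket expired")
    if (auth["IDc"], auth["Realmc"]) != (ticket["IDc"], ticket["Realmc"]):
        raise KrbError("authenticator principal does not match ticket")
    if ticket["ADc"] and peer_addr not in ticket["ADc"]:
        raise KrbError("request from an address the ticket was not issued for")
    if abs(now - auth["TS2"]) > SKEW:
        raise KrbError("authenticator outside clock skew")
    seen = (ticket["IDc"], ticket["Realmc"], auth["TS2"])
    if seen in replay_cache:                         # same authenticator inside the skew window
        raise KrbError("authenticator replayed")
    replay_cache.add(seen)
    # the rest of the session uses the client's Subkey if it offered one, else Kc,v
    return {"TS2": auth["TS2"], "Subkey": auth.get("Subkey") or ticket["Kc,v"],
            "Seq#": auth.get("Seq#", 0)}


def renew_ticket(ticket, now):
    """TGS side of Options=RENEW: only a RENEWABLE, unexpired ticket can be renewed, and the
    new Till never passes Rtime (renew-till) from the original request. Returns new Times."""
    times = ticket["Times"]
    if "RENEWABLE" not in ticket["Flags"]:
        raise KrbError("ticket is not renewable")
    if now > times["Rtime"]:
        raise KrbError("renew-till time has passed")
    if now > times["Till"]:
        raise KrbError("expired ticket cannot be renewed")
    return {"From": now, "Till": min(now + MAX_LIFE, times["Rtime"]), "Rtime": times["Rtime"]}


def _outcome(fn, *args):
    try:
        return fn(*args)
    except KrbError as exc:
        return "rejected: " + str(exc)


def demo():
    """A constructed Ticket_v / Authenticator_c pair run against each check."""
    now = datetime(2013, 7, 10, 9, 0, tzinfo=timezone.utc)   # the slides' date as the clock
    h, realm, addr = timedelta(hours=1), "EXAMPLE.REALM", "10.0.0.7"
    ticket = {"Flags": ["RENEWABLE"], "Kc,v": "kcv-01", "Realmc": realm, "IDc": "alice",
              "ADc": [addr], "Times": {"From": now - h, "Till": now + h, "Rtime": now + 24 * h}}
    auth = {"IDc": "alice", "Realmc": realm, "TS2": now, "Subkey": "sub-01", "Seq#": 17}
    later = dict(auth, TS2=now + timedelta(seconds=30))      # a fresh authenticator
    cache, trusted = set(), {realm}
    reply = {"Nonce": 41, "ID": "v", "Realm": realm, "Times": ticket["Times"]}
    return {
        "first": _outcome(accept_service_request, ticket, auth, now, addr, trusted, cache),
        "replay": _outcome(accept_service_request, ticket, auth, now + timedelta(seconds=10), addr, trusted, cache),
        "other_addr": _outcome(accept_service_request, ticket, later, now, "10.0.0.9", trusted, cache),
        "untrusted_realm": _outcome(accept_service_request, ticket, later, now, addr, set(), cache),
        "expired": _outcome(accept_service_request, ticket, later, now + 2 * h, addr, trusted, cache),
        "renewed_till": _outcome(renew_ticket, ticket, now + timedelta(minutes=30))["Till"].isoformat(),
        "renew_too_late": _outcome(renew_ticket, ticket, now + 25 * h),
        "bad_nonce": _outcome(check_kdc_reply, reply, 42, "v", realm),
    }
```

The order of the checks in `accept_service_request` is deliberate: the cheap, key-independent rejections (untrusted realm, flags, validity window) come before the authenticator is examined, and the replay cache is consulted last so that a request rejected for another reason never pollutes it. The renewal rule shows why Rtime is carried separately from Till: a renewable ticket is re-issued with a fresh lifetime each time, but never beyond the renew-till the client originally asked for.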

