1 authentication applications ola flygt växjö university, sweden ola.flygt@vxu.se +46 470 70 86...
Post on 31-Mar-2015
215 Views
Preview:
TRANSCRIPT
1
Authentication Applications
Ola FlygtVäxjö University, Sweden
http://w3.msi.vxu.se/users/ofl/Ola.Flygt@vxu.se+46 470 70 86 49
2
Outline
Security ConcernsKerberosX.509 Authentication Service
3
Security Concerns
key concerns are confidentiality and timeliness
to provide confidentiality one must encrypt identification and session key info which requires the use of previously shared private or public keys
need timeliness to prevent replay attacks.provided by using sequence numbers or timestamps or challenge/response
4
KERBEROS
In Greek mythology, a many headed dog, the guardian of the entrance of Hades
5
KERBEROS
Users wish to access services on servers.
Three threats exist:User pretend to be another user.User alter the network address of a
workstation.User eavesdrop on exchanges and
use a replay attack.
6
KERBEROS
Provides a centralized authentication server to authenticate users to servers and servers to users.
Relies on conventional encryption, making no use of public-key encryption
Two versions: version 4 and 5Version 4 makes use of DES
7
Kerberos terminologyTerms:
C = clientAS = authentication serverV = serverIDc = identifier of user on CIDv = identifier of VPc = password of user on CADc = network address of CKv = secret encryption key shared by AS an VTS = timestamp|| = concatenation
8
A simple Authentication Dialogue
(1) C AS: IDc || Pc || IDv
(2) AS C: Ticket
(3) C V: IDc || Ticket
Ticket = EKv[IDc || Pc || IDv]
9
Problems with the simple dialogue
Password in clear textSolution: Encrypt the password
Need to authenticate on each requestSolution: Let a ticket have a lifetime
Need to authenticate to each new serverSolution: Split the Kerberos server up in two
parts, one Authentication Server (AS) and one Ticket Granting Server (TGS).
10
A better Authentication Dialogue
Once per user logon session:
(1) C AS: IDc || IDtgs(2) AS C: E [Kc , Tickettgs]
Tickettgs =E(Ktgs, [IDc || ADc || IDtgs || TS1 || Lifetime1])
Once per type of service:
(3) C TGS: IDc || IDv ||Tickettgs
(4) TGS C: Ticketv
Ticketv =E(Kv, [IDc || ADc || IDv || TS2 || Lifetime2])
Once per server session:
(5) C V: IDc || Ticketv
11
Problems with the better dialogue
Problem 1, Lifetime associated with the ticket-granting ticketIf too short repeatedly asked for passwordIf too long greater opportunity to replay
The threat is that an opponent will steal the ticket and use it before it expires.
Problem 2, a rouge server can give incorrect credentials
12
Version 4 Authentication Dialogue
Authentication Service Exchange: To obtain Ticket-Granting Ticket
(1) C AS: IDc || IDtgs ||TS1
(2) AS C: EKc [Kc,tgs|| IDtgs || TS2 || Lifetime2 || Tickettgs]
Tickettgs =E(Ktgs, [Kc,tgs || IDc || ADc || IDtgs || TS2 || Lifetime2])
Ticket-Granting Service Echange: To obtain Service-Granting Ticket
(3) C TGS: IDv ||Tickettgs ||Authenticatorc
• TGS C: E(Kc,tgs,[Kc,v || IDv || TS4 || Ticketv])
Tickettgs =E(Ktgs, [Kc,tgs || IDc || ADc || IDtgs || TS2 || Lifetime2])
Ticketv =E(Kv, [Kc,v || IDc || ADc || IDv || TS4 || Lifetime4])
Authenticatorc =E(Kc,tgs , [IDc || ADc || TS3])
13
Version 4 Authentication Dialogue
cont.
Client/Server Authentication Exchange to obtain Service
(5) C V: Ticketv || Authenticatorc
(6) V C: EKc,v[TS5 +1]
Ticketv =E(Kv, [Kc,v || IDc || ADc || IDv || TS4 || Lifetime4])
Authenticatorc =E(Kc,v , [IDc || ADc || TS5])
14
Overview of Kerberos
15
Request for Service in Another Realm
16
Difference Between Version 4 and 5
Encryption system independence (v4 DES)
Internet protocol independence (v4 IP)Message byte ordering (v5 ASN.1)Ticket lifetime (v4 max 21 hours)Authentication forwardingInter realm authentication
Kerberos Encryption Techniques
17
18
PCBC Mode
19
Kerberos - in practice
Currently have two Kerberos versions: 4 : restricted to a single realm 5 : allows inter-realm authenticationKerberos v5 is an Internet standard specified in RFC1510, and used by many utilities
To use Kerberos: need to have a KDC on your network need to have Kerberized applications running on
all participating systems
20
X.509 Authentication Service
Distributed set of servers that maintains a database about users.
Each certificate contains the public key of a user and is signed with the private key of a CA.
Is used in e.g. S/MIME, IP Security, SSL/TLS and SET.
RSA is recommended to use.
21
X.509 Formats
22
Typical Typical Digital Digital Signature ApproachSignature Approach
23
Obtaining a User’s Certificate
Characteristics of certificates generated by CA:Any user with access to the public
key of the CA can recover the user public key that was certified.
No part other than the CA can modify the certificate without this being detected.
24
X.509 CA Hierarchy
25
Revocation of Certificates
Reasons for revocation:The users secret key is assumed to
be compromised.The user is no longer certified by this
CA.The CA’s certificate is assumed to be
compromised.
26
Authentication Procedures
top related