authentication applications
DESCRIPTION
Authentication Applications. Digital Signatures Security Concerns X.509 Authentication Service Kerberos. Security Concerns. key concerns are confidentiality and timeliness to provide confidentiality must encrypt identification and session key info - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/1.jpg)
1
Authentication Applications
Digital SignaturesSecurity ConcernsX.509 Authentication ServiceKerberos
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 2: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/2.jpg)
2
Security Concerns• key concerns are confidentiality and
timeliness • to provide confidentiality must encrypt
identification and session key info • which requires the use of previously
shared private or public keys • need to prove ownership of public keys• need timeliness to prevent replay
attacks • provided by using sequence numbers or
timestamps or challenge/response Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 3: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/3.jpg)
Digital signatures• A digital signature is an encryption of a
document with the creator’s private key
• It is attached to a document that validates the creator of the document
• Any one can validate it by decrypting the signature with the claimed creator’s public key
3Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 4: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/4.jpg)
Some Misconceptions• Some misconceptions, corrected
– Public key cryptography is NOT more secure than symmetric key
– Public key cryptography does NOT Makes symmetric key obsolete
– Central agent is needed for both public key and conventional cryptography
4Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 5: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/5.jpg)
Alternatively…. Digital signatures on
hashes• A more efficient way for a digital signature is by creating
an authenticator of the document first (a hash)
• Then sign the hash (i.e. encrypt the hash using private key)
• If M is the message (or document) and Alice wants Bob to be certain that M is from her.
• M is not confidential– H = Hash(M) – Authenticator = EKRA
• i.e. encrypting H with Alice’s private key5Based on slides by Dr. Lawrie Brown of the Australian Defence Force
Academy, University College, UNSW
![Page 6: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/6.jpg)
Digital Signatures: The basic idea
? private key
public key
public key
Alice Bob
6Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 7: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/7.jpg)
Key management• Distribution of public keys
– Well, what’s the issue? – Can’t we just trust Mallory if she
claims a key as her public key?
? private key
public key
public key
Alice Bob
Mallory
7Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 8: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/8.jpg)
Public keys to exchange secret keys
• Using public-keys to exchange secret keys– why exchange secret keys?– aren’t public keys sufficient?
8Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 9: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/9.jpg)
Authenticity of public keys
?
Problem: How does Alice know that the public key she received is really Bob’s public key?
private key
Alice Bobpublic key
Bob’s key
9Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 10: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/10.jpg)
Public-key certificates• Anyone can forge public-keys
• Therefore, use public-key certificates
• A public-key certificate is a public-key that was signed by a trusted third party (called a certificate authority or CA)
• See figure on next slide10Based on slides by Dr. Lawrie Brown of the Australian Defence Force
Academy, University College, UNSW
![Page 11: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/11.jpg)
Key Management Public-Key Certificate Use
11Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 12: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/12.jpg)
12
X.509 Authentication Service
• Distributed set of servers that maintains a database about users.
• Each certificate contains the public key of a user and is signed with the private key of a CA.
• Is used in S/MIME, IP Security, SSL/TLS and SET.
• RSA is recommended to use.Based on slides by Dr. Lawrie Brown of the Australian Defence Force
Academy, University College, UNSW
![Page 13: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/13.jpg)
13
X.509 Formats
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 14: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/14.jpg)
14
Typical Digital Signature Approach
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 15: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/15.jpg)
15
Obtaining a User’s Certificate
• Characteristics of certificates generated by CA:– Any user with access to the public key
of the CA can recover the user public key that was certified.
– No party other than the CA can modify the certificate without this being detected.
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 16: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/16.jpg)
16
X.509 CA Hierarchy
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 17: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/17.jpg)
17
Revocation of Certificates
• Reasons for revocation:– The users secret key is assumed to be
compromised.– The user is no longer certified by this
CA.– The CA’s certificate is assumed to be
compromised.
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 18: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/18.jpg)
18
Authentication Procedures
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 19: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/19.jpg)
19
KERBEROS• Users wish to access services on
servers.• Three threats exist:
– User pretend to be another user.– User alter the network address of a
workstation.– User eavesdrop on exchanges and
use a replay attack.Based on slides by Dr. Lawrie Brown of the Australian Defence Force
Academy, University College, UNSW
![Page 20: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/20.jpg)
20
KERBEROS• Provides a centralized
authentication server to authenticate users to servers and servers to users.
• Relies on conventional encryption, making no use of public-key encryption
• Two versions: version 4 and 5• Version 4 makes use of DES
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 21: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/21.jpg)
21
Kerberos Version 4• Terms:
– C = Client– AS = authentication server– V = server– IDc = identifier of user on C– IDv = identifier of V– Pc = password of user on C– ADc = network address of C– Kv = secret encryption key shared by AS an
V– TS = timestamp– || = concatenationBased on slides by Dr. Lawrie Brown of the Australian Defence Force
Academy, University College, UNSW
![Page 22: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/22.jpg)
22
A Simple Authentication
Dialogue(1)C AS: IDc || Pc || IDv(2) AS C: Ticket(3) C V: IDc || Ticket
Ticket = EKv[IDc || ADc || IDv]
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 23: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/23.jpg)
23
Version 4 Authentication
Dialogue• Problems:
– Lifetime associated with the ticket-granting ticket
– If too short repeatedly asked for password– If too long greater opportunity to replay
• The threat is that an opponent will steal the ticket and use it before it expires
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 24: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/24.jpg)
24
Version 4 Authentication Dialogue
Authentication Service Exhange: To obtain Ticket-Granting Ticket
(1) C AS: IDc || IDtgs ||TS1(2) AS C: EKc [Kc,tgs|| IDtgs || TS2 || Lifetime2 || Tickettgs]Ticket-Granting Service Echange: To obtain Service-Granting
Ticket(3) C TGS: IDv ||Tickettgs ||Authenticatorc(4) TGS C: EKc [Kc,¨v|| IDv || TS4 || Ticketv]
Client/Server Authentication Exhange: To Obtain Service(5) C V: Ticketv || Authenticatorc
(6) V C: EKc,v[TS5 +1]Based on slides by Dr. Lawrie Brown of the Australian Defence Force
Academy, University College, UNSW
![Page 25: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/25.jpg)
25
Overview of Kerberos
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 26: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/26.jpg)
26
Request for Service in Another Realm
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 27: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/27.jpg)
27
Difference Between Version 4 and 5
• Encryption system dependence (V.4 DES)
• Internet protocol dependence• Message byte ordering• Ticket lifetime• Authentication forwarding• Interrealm authentication
Based on slides by Dr. Lawrie Brown of the Australian Defence Force Academy, University College, UNSW
![Page 28: Authentication Applications](https://reader036.vdocuments.net/reader036/viewer/2022062315/5681638c550346895dd47c0a/html5/thumbnails/28.jpg)
28
Kerberos - in practice • Currently have two Kerberos versions:
• 4 : restricted to a single realm • 5 : allows inter-realm authentication, in beta test • Kerberos v5 is an Internet standard • specified in RFC1510, and used by many utilities
• To use Kerberos: • need to have a KDC on your network • need to have Kerberised applications running on all
participating systems • major problem - US export restrictions though
these have been relaxed in recent years
Based on slides by Dr. Lawrie Brown of the Australian Defence Force
Academy, University College, UNSW