Comp & Network Security (CS 4237)
These Class Notes (listed as 0 pages) were uploaded by Alayna Veum on Monday, November 2, 2015. They belong to CS 4237 at Georgia Institute of Technology - Main Campus, taught by Wenke Lee in Fall. Since upload, they have received 14 views.
Date Created: 11/02/15
Authentication II (CS 4237): Kerberos V4

What Is Kerberos
- Recommended reading: http://web.mit.edu/kerberos/www/dialogue.html
- Provides cryptographic authentication in a network environment
  - Enables secure access control of networked resources
  - Relieves users and administrators of the burden of managing potentially many accounts and passwords

Kerberos Realm
(figure: Realm 1)

Kerberos Deployment
- KDCs are physically secured
- Kerberos libraries are distributed on all nodes with users, applications and other Kerberos-controlled resources
- All Kerberos exchanges are protected against confidentiality and integrity attacks
- Kerberized applications
  - telnet
  - r-tools: rlogin, rcp, rsh
  - Network file systems: NFS, AFS

Where To Start
- Every principal has a master secret key
  - A human user's master key is derived from the password
  - Other resources must have their keys configured in
- Every principal is registered with the Kerberos server, i.e. the KDC
- All principals' master keys are stored in the KDC database, encrypted using the KDC master key

Tickets
- Every principal has a main shared secret with the KDC: the principal's master key
- Any secure communication/access among principals must be mediated by the KDC through tickets
- How would Alice talk to Bob?

Alice, Bob and KDC
(figure)
1. Alice -> KDC: Alice wants to talk to Bob
2. KDC -> Alice: K_AB and the ticket to Bob, K_B{K_AB, Alice}
3. Alice -> Bob: ticket to Bob = K_B{K_AB, Alice}

Session Key and Ticket-Granting Ticket (TGT)
- Messages between a host and the KDC can be protected using the principal's master key
- For every request to the KDC from the principal, either:
  - insist on the principal retyping the password,
  - remember the principal's password, or
  - remember the principal's master key derived from the password
- All options are equally inadequate

Session Key and TGT
- To avoid potentially too much exposure of the password/master key:
  - At initial login, a per-principal session key S_B for Bob is requested from the KDC
  - S_B has a limited valid time period
  - A TGT for Bob is also issued by the KDC, which includes the session key S_B and Bob's identification information, all encrypted using the KDC's master key

Session Key and TGT
- Bob's Kerberos client (e.g. the login host) decrypts and remembers:
  - S_B, for subsequent messages with the KDC
  - the TGT, for reminding/convincing the KDC to use S_B with it as well
  - No need for remembering/storing the password
- Every new request to the KDC must include the TGT in the request message
- New tickets from the KDC must be decrypted with S_B

Login
(figure)
1. Bob logs in at the local host
2. local host -> KDC: AS_REQ
3. KDC creates S_B and TGT_B = K_KDC{Bob, S_B}
4. KDC -> local host: AS_REP = K_B{S_B, TGT_B}
5. local host decrypts and saves S_B and TGT_B

Need a Ticket
(figure)
1. Bob -> local host: access to printer
2. local host -> KDC: TGS_REQ = TGT_B, "printer", S_B{timestamp}
3. KDC decrypts TGT_B, verifies the authenticator, generates K_BP, and creates the ticket to the printer for Bob: T_P = K_P{Bob, K_BP}
4. KDC -> local host: TGS_REP = S_B{Bob, K_BP, T_P}
5. local host decrypts, obtaining K_BP and T_P, and accesses the printer using K_BP

Accessing the Printer
(figure)
1. local host -> printer server: AP_REQ = T_P, K_BP{timestamp}
2. printer decrypts T_P to obtain K_BP and verifies the authenticator
3. printer server -> local host: AP_REP = K_BP{timestamp + 1}

Authentication and Global Clock Synchronization
- Authenticator: K_X{timestamp}
- Global clock synchronization is implied
- Is the authenticator for TGS_REQ necessary?
- What about the AP_REQ?
- The main purposes of the authenticator are to avoid
  - replay of old requests to the same server
  - replay of a request to one server against another server (farm) sharing the principal's master key

Replicated KDCs
- Multiple replicas of the KDC: availability and performance
- Keeping KDC databases consistent
  - A single master KDC is the point of direct update to principals' database entries
  - The updated database is downloaded from the master to all replica KDCs
  - Periodic download, or on demand
- Kerberos stores principals' master keys encrypted with the KDC master key

Will It Be Effective?
- KDC dynamic state consists of outstanding TGTs and tickets
- Kerberos puts the burden of maintaining them on the clients (hosts/servers/grantees)
  - "Convince me that I did this for you"
- The KDC is only involved in the initial mediation; it stays out of the picture once a ticket is issued
- The only static state information is the principals' database, read-only for all replica KDCs

Database Content Protection
- Encryption is required for sensitive data
- Integrity of the database must be ensured against
  - installation of masqueraded master keys
  - substitution/replay of old databases
- Kerberos transmits a secure hash of the database, with encryption, in a separate message during downloads

Multiple Trust Domains
- A single master KDC can only stretch so far
- The KDC asks people to put too much trust in it
  - Should competing commercial entities use the same KDC?
  - .gov, .org, .edu, etc. each have a different model of what is more trustworthy
- A single master KDC is the greatest temptation and the biggest security risk/vulnerability
- Hence different domains, or realms

Kerberos Realms
- Each realm has a different master KDC with a different master KDC key
- Each realm can have many replica KDCs, but all share the same KDC master key
- Two KDCs in different realms have different principals' master key databases
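The three exchanges in the Login, Need a Ticket and Accessing the Printer figures, and the authenticator's replay-prevention role from the Global Clock Synchronization slide, as an added toy simulation (this is illustrative code written for these notes, not course material or MIT Kerberos code). The `seal`/`unseal` pair is a constructed stand-in for the K{...} notation (an HMAC-derived keystream plus an HMAC tag), the password, principal names, `SKEW` window and ticket lifetime are assumed values, and the replay cache keyed on (client, timestamp) is a simplification of what a real Kerberos server keeps:

```python
"""Toy Kerberos V4 flow: AS, TGS and AP exchanges with an authenticator and a
replay check at the service.  seal/unseal are a constructed stand-in for K{...}
(encrypt-then-MAC over JSON) so the script runs offline; not production crypto."""
import hashlib, hmac, json, os

SKEW = 300  # assumed clock-drift tolerance (seconds) for authenticators


def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range(n // 32 + 1))

def seal(key: bytes, obj) -> str:
    """Constructed K{obj}: keystream XOR, then an HMAC tag; hex-encoded."""
    pt = json.dumps(obj, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return (nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()).hex()

def unseal(key: bytes, blob: str):
    """Inverse of seal; ValueError on a wrong key or a tampered message."""
    raw = bytes.fromhex(blob)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def master_key(password: str) -> bytes:
    """A human principal's master key is derived from the password (toy KDF)."""
    return hashlib.sha256(b"toy-k4|" + password.encode()).digest()


class KDC:
    """Holds K_KDC and the principal database; master keys are stored encrypted under K_KDC."""
    def __init__(self):
        self.k_kdc, self.db = os.urandom(32), {}

    def register(self, name: str, key: bytes):
        self.db[name] = seal(self.k_kdc, key.hex())

    def _key_of(self, name: str) -> bytes:
        return bytes.fromhex(unseal(self.k_kdc, self.db[name]))

    def as_rep(self, principal: str, now: int, lifetime: int = 8 * 3600) -> str:
        """AS_REQ -> AS_REP = K_B{S_B, TGT_B}, with TGT_B = K_KDC{Bob, S_B, expiry}."""
        s_b = os.urandom(32)
        tgt = seal(self.k_kdc, {"who": principal, "skey": s_b.hex(), "exp": now + lifetime})
        return seal(self._key_of(principal), {"skey": s_b.hex(), "tgt": tgt})

    def tgs_rep(self, tgt: str, service: str, authenticator: str, now: int) -> str:
        """TGS_REQ -> TGS_REP = S_B{service, K_BP, T_P}, with T_P = K_P{Bob, K_BP, expiry}."""
        t = unseal(self.k_kdc, tgt)                      # only the KDC can open a TGT
        if now > t["exp"]:
            raise ValueError("TGT expired")
        s_b = bytes.fromhex(t["skey"])
        if abs(unseal(s_b, authenticator)["ts"] - now) > SKEW:  # proves the sender holds S_B, recently
            raise ValueError("stale authenticator")
        k_bp = os.urandom(32)
        ticket = seal(self._key_of(service), {"who": t["who"], "skey": k_bp.hex(), "exp": t["exp"]})
        return seal(s_b, {"svc": service, "skey": k_bp.hex(), "ticket": ticket})


class Service:
    """A Kerberized server (the printer); it knows only its own master key K_P."""
    def __init__(self, name: str, key: bytes):
        self.name, self.key, self.seen = name, key, set()

    def ap_rep(self, ticket: str, authenticator: str, now: int) -> str:
        """AP_REQ -> AP_REP = K_BP{timestamp + 1}; rejects expired tickets, stale and replayed authenticators."""
        t = unseal(self.key, ticket)
        if now > t["exp"]:
            raise ValueError("ticket expired")
        k_bp = bytes.fromhex(t["skey"])
        ts = unseal(k_bp, authenticator)["ts"]
        if abs(ts - now) > SKEW:
            raise ValueError("stale authenticator")
        if (t["who"], ts) in self.seen:                  # same authenticator presented again
            raise ValueError("replayed authenticator")
        self.seen.add((t["who"], ts))
        return seal(k_bp, {"ts": ts + 1})


class Client:
    """Bob's login host: after login it keeps S_B and TGT_B, never the password."""
    def __init__(self, name: str):
        self.name, self.s_b, self.tgt = name, None, None

    def login(self, kdc: KDC, password: str, now: int):
        rep = unseal(master_key(password), kdc.as_rep(self.name, now))
        self.s_b, self.tgt = bytes.fromhex(rep["skey"]), rep["tgt"]

    def get_ticket(self, kdc: KDC, service: str, now: int):
        rep = unseal(self.s_b, kdc.tgs_rep(self.tgt, service, seal(self.s_b, {"ts": now}), now))
        return bytes.fromhex(rep["skey"]), rep["ticket"]

    def use(self, svc: Service, k_bp: bytes, ticket: str, now: int) -> bool:
        """Mutual authentication: the server proves it knew K_BP by returning timestamp + 1."""
        return unseal(k_bp, svc.ap_rep(ticket, seal(k_bp, {"ts": now}), now))["ts"] == now + 1


def run_scenario(now: int = 1_700_000_000) -> dict:
    """Full flow plus the failure cases; constructed names and password."""
    kdc, k_p = KDC(), os.urandom(32)
    kdc.register("bob", master_key("correct horse"))
    kdc.register("printer", k_p)                         # non-human principal: key configured in
    printer, bob = Service("printer", k_p), Client("bob")
    bob.login(kdc, "correct horse", now)
    k_bp, t_p = bob.get_ticket(kdc, "printer", now + 60)
    results = {"mutual_auth": bob.use(printer, k_bp, t_p, now + 120)}
    for label, action, want in (
        ("replay_rejected", lambda: bob.use(printer, k_bp, t_p, now + 120), "replayed authenticator"),
        ("bad_password_rejected", lambda: Client("bob").login(kdc, "wrong", now), "integrity check failed"),
        ("expired_ticket_rejected", lambda: bob.use(printer, k_bp, t_p, now + 9 * 3600), "ticket expired"),
    ):
        try:
            action(); results[label] = False
        except ValueError as e:
            results[label] = str(e) == want
    return results

if __name__ == "__main__":
    print(run_scenario())
```

Running it shows the point of the slides: the KDC never learns anything after issuing T_P, the printer needs only K_P to check the ticket, and the authenticator's timestamp is what lets the printer refuse a replayed AP_REQ within the clock-skew window.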