This document presents an overview of Kerberos authentication protocol. Kerberos was developed at MIT to provide strong authentication on insecure networks. It uses a centralized authentication server and relies on symmetric encryption. The document describes the requirements for Kerberos, differences between versions 4 and 5, key concepts like tickets and authenticators, and the message exchanges involved in the authentication process. The strengths of Kerberos are highlighted as mutual authentication between clients and servers without sending passwords in plain text across the network.

1. Presented By:
Vidula Shukla
M.Tech., Computer Science & Engineering
Dept. of Computer Science & Engineering
Sagar Inst. of Research & Technology
Bhopal

2. Overview
 Introduction
 Motivation
 Requirement
 Kerberos Version 4
 Kerberos Realms
 Kerberos V4 V/s V5
 Kerberos Version 5
 Strength
 Conclusion
7/10/2013
KERBEROS
2

3. Introduction
 Authentication: can be defined as determining an
identity to the required level of assurance.
 Authentication Application : Deals with the
authentication function that have been developed to
support application-level authentication
7/10/2013
KERBEROS
3

4. Introduction to Kerberos
 An authentication service developed for Project Athena at
MIT
 Provides
 strong security on physically insecure network
 a centralized authentication server which authenticates


Users to servers
Servers to users
 Relies on conventional encryption rather than public-key
encryption
7/10/2013
KERBEROS
4

5. Why Kerberos is needed ?
Problem: Not trusted workstation to identify
their users correctly in an open distributed environment
3 Threats:



7/10/2013
Pretending to be another user from the workstation
Sending request from the impersonated workstation
Replay attack to gain service or disrupt operations
KERBEROS
5

6. Why Kerberos is needed ? Cont.
Solution:
 Building elaborate authentication protocols at
each server
 A centralized authentication server (Kerberos)
7/10/2013
KERBEROS
6

7. Requirements for KERBEROS
 Secure:
 An opponent does not find it to be the weak link
 Reliable:
 The system should be able to back up another
 Transparent:
 An user should not be aware of authentication
 Scalable:
 The system supports large number of clients and
severs
7/10/2013
KERBEROS
7

8. KERBEROS VERSION 4
 Version 4 is most widely used version
 Version 4 uses of DES
 Version 4 build up to the full protocol by
looking at several hypothetical dialogues
 Version 5 corrects some of the security
deficiencies of Version 4
7/10/2013
KERBEROS
8

9.  Problem:
An opponent can pretend to be another client and
obtain unauthorized privileges on server machine.
 Solution :
Server must be able to confirm the identities of client
who request service.
7/10/2013
KERBEROS
9

10. Kerberos Version 4: Dialog 1- Simple
Ticket=E(kv[IDc,ADc,IDv])
10
7/10/2013
KERBEROS

11.  Problem:
1. the no. of times the password should be entered
should be minimized.
2. Plaintext transmission of password
 Solution :
1. Ticket-granting Server; Issues ticket to user who have
been authenticated to AS
2. The client can use this ticket to request multiple
service granting ticket.
7/10/2013
KERBEROS
11

12. Kerberos Version 4 : Dialog 2-More Secure
ticketTGS=EKtgs[IDc,ADc,IDtgs,TS1,LifeTime1
]
Once per user logon session
Once per type of service
4-TicketV
7/10/2013
KERBEROS
12

13. Kerberos Version 4 : Dialog 2
- More Secure Cont.
Once per service session
5- TicketV+ IDc
TicketV=EKv[IDc,ADc,IDv,Ts2,Lifetime2]
7/10/2013
KERBEROS
13

14.  Problem:
Lifetime associated with ticket granting ticket
2. Requirement for servers to authenticate themselves to
user.
1.
7/10/2013
KERBEROS
14

15. Kerberos: The Version 4 Authentication Dialog
Once per user logon session
ticketTGS=EKtgs
[Kc.tgs, IDc,ADc,IDtgs,TS2, LifeTi
me2 ]
7/10/2013
KERBEROS
KERBEROS
15

16. Kerberos: The Version 4 Authentication Dialog
Cont.
Once per type of service
ticketTGS=EKtgs
[Kc.tgs,IDc,ADc,IDtgs, TS2, LifeTime2 ]
KERBEROS
AuthenticatorC=EKc.tgs[IDc,ADc,TS3]
ticketV=EKV[Kc.v,IDc,ADc,IDv, TS4, LifeTime4 ]
3- TicketTGS + AuthenticatorC +
IDv
4-EKc.tgs[ Kc.v,IDv,Ts4,Ticketv]
7/10/2013
KERBEROS
16

17. Kerberos: The Version 4 Authentication Dialog
Cont.
Once per service session
5- TicketV+ AuthenticatorC
6- EKc.v[TS5+1]
TicketV=EKv [Kv.c, IDc, ADc, IDv, TS4, Lifetime4]
AuthenticatorC=EKc.v [IDc,ADc,TS5]
7/10/2013
KERBEROS
17

18. Tickets:
 Contains information which must be considered
private to the user
 Allows user to use a service or to access TGS
 Reusable for a period of particular time
 Used for distribution of keys securely
7/10/2013
KERBEROS
18

19. Authenticators
 Proves the client’s identity
 Proves that user knows the session key
 Prevents replay attack
 Used only once and has a very short life time
 One authenticator is typically built per session of use
of a service
7/10/2013
KERBEROS
19

20. Kerberos Overview
7/10/2013
KERBEROS
20

21. Kerberos Realms
 A single administrative domain includes:
 a Kerberos server
 a number of clients, all registered with server
 application servers, sharing keys with server
 What will happen when users in one realm need access
to service from other realms?:
 Kerberos provide inter-realm authentication
7/10/2013
KERBEROS
21

22. Inter-realm Authentication:
 Kerberos server in each realm shares a secret key with
other realms.
 It requires
 Kerberos server in one realm should trust the one in
other realm to authenticate its users
 The second also trusts the Kerberos server in the first
realm
7/10/2013
KERBEROS
22

23. Request for Service in another realm:
7/10/2013
KERBEROS
23

24. KERBEROS Version 5 versus Version4
 Environmental shortcomings of Version 4:
 Encryption system dependence: DES
 Message byte ordering
 Internet protocol dependence
 Ticket lifetime
 Authentication forwarding
 Inter-realm authentication
7/10/2013
KERBEROS
24

25. KERBEROS Version 5 versus Version4
 Technical deficiencies of Version 4:
 Double encryption
 Session Keys
 Password attack
 Mode of Encryption
7/10/2013
KERBEROS
25

26. New Elements in Kerberos Version 5
 Realm
 Indicates realm of the user
 Options
 Times
 From: the desired start time for the ticket
 Till: the requested expiration time
 Rtime: requested renew-till time
 Nonce
 A random value to assure the response is fresh
7/10/2013
KERBEROS
26

27. Kerberos Version 5 Message Exchange:1

To obtain ticket-granting ticket:
(1)C  AS : Options || IDc || Realmc || IDtgs ||Times ||
Nonce1
(2) AS  C : Realmc || IDc || Ticket tgs ||
EKc [ Kc,tgs || IDtgs || Times || Nonce1 ||| Realm tgs ]
Ticket tgs= EKtgs [ Flags || Kc,tgs || Realm c ||
IDc || ADc || Times]
7/10/2013
KERBEROS
27

28. Kerberos Version 5 Message Exchange:2
 To obtain service-granting ticket :
(3)C  TGS : Options || IDv || Times || Nonce2 || Ticket tgs ║
Authenticator c
(4)TGS  C : Realmc || IDc || Ticket v || EK c,tgs [ Kc,v ║Times||
Nonce2 || IDv ║ Realm v]
Ticket tgs= EKtgs [ Flags || Kc,tgs || Realm c || IDc || ADc ||
Times]
Ticket v : EK v [Kc,,v ║ Realmc || IDc ║ ADc ║ Times ]
Authenticator c : EK c,tgs [IDc ║ Realmc ║ TS1]
7/10/2013
KERBEROS
28

29. Kerberos Version 5 Message Exchange:3
 To obtain service
(5) C  S : Options || Ticket v|| Authenticator c
(6) S  C : EK c,v [TS2|| Subkey || Seq# ]
 Ticket v : EK v [Flags || Kc,v || Realmc ||
IDc || ADc || Times ]
 Authenticator c : EK c,v [IDc || Realmc ||
TS2 || Subkey|| Seq# ]
7/10/2013
KERBEROS
29

30. Kerberos : Strengths
 User's passwords are never sent across the
network, encrypted or in plain text
 Secret keys are only passed across the network in encrypted
form
 Client and server systems mutually authenticate
 It limits the duration of their users' authentication.
 Authentications are reusable and durable
7/10/2013
KERBEROS
30

31. Conclusion
 Kerberos is an authentication service using convention
encryption
 Kerberos the solution to network security is a protocol
designed to provide centralized authentication whose
function is to authenticate user to server and server to
user.
7/10/2013
KERBEROS
31

32. THANK YOU
7/10/2013
KERBEROS
32