Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this


  2. 2. OUTLINE • • • • • • • • • • What is Kerberos? Why Kerberos? Firewall Vs Kerberos Kerberos design How does Kerberos work? Application of Kerberos Comparison between version 4 and 5 Attacks on Kerberos Limitation of Kerberos References
  3. 3. WHAT IS KERBEROS? • Literal meaning: In Greek mythology,kerberos is a multi-headed dog (usually three) which gaurds the entrance of Hades. • Technically Kerberos is an authentication protocol implemented on Project Athena at MIT • Athena provides an open network computing environment • Each user has complete control of its workstation • But the workstations can not be trusted completely to identify its users to the network services • Kerberos acts as a third party authenticator - Helps the user to prove its identity to the various services and vice versa • Uses symmetrical cryptographic algorithms (private key cryptosystems) –Same key is used for encryption as well as decryption –Uses DES (Data Encryption Standard)
  4. 4. WHAT IS KERBEROS?…cont. What's with the 3 heads? ● Authentication – confirms that a user who is requesting services is a valid user of the network ● Authorization – granting of specific types of service to a user, based on their authentication ● Accounting – The tracking of the consumption of network resources by users
  5. 5. WHY KERBEROS? • Authentication is a key feature in a multi-user environment. • Sending usernames and passwords over the network is not secure. • Each time a password is sent in the network, there is a chance for interception. Problem: Cannot trust workstation to identify their users correctly in an open distributed environment Solution: – Building elaborate authentication protocols at each server – A centralized authentication server (Kerberos)
  6. 6. FIREWALL VS KERBEROS • Firewall make a risky assumption that attackers are coming from the outside. In reality attacks frequently come from within. • Kerberos assumes that network connections (rather than servers and workstations) are the weak link in network security.
  7. 7. HOW DOES KERBEROS WORK? ….cont. • To request a service from a server, the client goes through three phases of authentication • Phase 1 –The client requests a ticket from the Kerberos –Kerberos grants a ticket and a session key –The ticket is used for requesting other tickets for various services –Ticket conveys the identity of the client to the server –The session key is used for conversation between the client and the server
  8. 8. HOW DOES KERBEROS WORK? ….cont. Phase 2 –The client uses the ticket of the first phase to request a ticket from the ticket granting server (TGS) for a specific service Phase 3 –The client presents the key to the server for the service
  9. 9. A more detailed look… AUTHENTICATION SERVER • The client sends a plaintext request to the AS asking for a ticket it can use to talk to the TGS. • Request: -Login name -TGS name • Since this request contains only well-known names, it does not need to be sealed.
  10. 10. AUTHENTICATION SERVER • The AS finds the keys corresponding to the login name and the TGS name. • The AS creates a ticket: – Login name – TGS name – Client network address – TGS session key • The AS seals the ticket with the TGS secret key.
  11. 11. AUTHENTICATION SERVER RESPONSE • The AS also creates a random session key for the client and the TGS to use. • The session key and the sealed ticket are sealed with the user (login name) secret key. Sealed with TGS key Ticket: TGS session key Sealed with user key login name TGS name net address TGS session key
  12. 12. ACCESSING THE TGS • The client decrypts the message using the user’s password as the secret key. • The client now has a session key and ticket that can be used to contact the TGS. • The client cannot see inside the ticket, since the client does not know the TGS secret key.
  13. 13. ACCESSING A SERVER • When a client wants to start using a server (service), the client must first obtain a ticket. • The client composes a request to send to the TGS Sealed with TGS key TGS Ticket Authenticator Server Name Sealed with session key
  14. 14. TGS RESPONSE • The TGS decrypts the ticket using it’s secret key. Inside is the TGS session key. • The TGS decrypts the authenticator using the session key. • The TGS check to make sure login names, client addresses and TGS server name are all ok. • TGS makes sure the authenticator is recent.
  15. 15. TGS RESPONSE Once everything checks out - the TGS: • Builds a ticket for the client and requested server. The ticket is sealed with the server key. • Creates a session key • Seals the entire message with the TGS session key and sends it to the client
  16. 16. CLIENT ACCESSES SERVER • The client now decrypts the TGS response using the TGS session key. • The client now has a session key for use with the new server, and a ticket to use with that server. • The client can contact the new server using the same format used to access the TGS.
  17. 17. WHY TWO SERVERS? Note that –First phase is used for user-authentication (using the id and password) –Second and third phase may continue several times with the same TGT granted by the first phase In absence of this additional phase –For each service, the user needs to authenticate itself using its password –Once the intruder gets the first session key, it can continue doing malicious works throughout the session –That’s why life and timestamp are mentioned
  18. 18. APPLICATIONS OF KERBEROS • Windows servers use Kerberos as the primary authentication protocol. • Telnet/FTP uses Kerberos. • Authentication for web services. • Authenticating email client and servers.
  19. 19. comparison between version 4 and 5 Version 4 • Environmental drawbacks – Encryption system dependence – Internet protocol dependence – Message format – Ticket lifetimes – Authentication forwarding – Inter-realm authentication
  20. 20. VERSION 4 • Technical deficiencies – Double Encryption (Bellovin and Merritt [Bel90]) – PCBC encryption – Authenticators and replay detection – Password attacks – Session keys – Cryptographic checksum – Kerberised
  21. 21. ATTACKS ON KERBEROS • • • • KDC security Availability Replay attacks Password-guessing attacks
  22. 22. Limitations of Kerberos
  23. 23. REFERENCES Books o Computer Networks by Andrew S Tanenbaum, Fifth Edition. o Data Communications and Networking by Behrouz A Forouzan, Fourth Edition. Websites
  24. 24. KERBEROS DESIGN • • • • • • • • Every User has a password. Every service has a password. Password are never sent across the network in clear text(or stored in memory) User must identify himself once at the beginning of a workstation session(login session) The only entity that knows all the passwords is the AUTHENTICATION SERVER (AS) Every user shares its private secret key with the AUTHENTICATION SERVER -User X doesn’t know the private key of user Y. Key Distribution: When X wants to communicate with Y, they need to use a secret key between them -AS is responsible for distributing this session key (conversation key) between X and Y Everybody has to trust AS
  25. 25. HOW DOES KERBEROS WORK? ….cont. • Instead of client (Alice) sending password to application server(Bob): -It Request TICKET From AUTHENTICATION SERVER -the TICKET and encrypted request is sent to application server(Bob). • How To Request Tickets Without Repeatedly Sending Credentials? – TICKET-GRANTING TICKET (TGT)