Network Security and Kerberos

Project Team: Tweety
Member: Arlene S. Yetnikoff
Topics of Discussion
- General Network Security
- Introduction to Kerberos

Network Objectives
- Message delivery: received as sent, and on time
- Message protected as needed

Network Security: Challenges
[Diagram: access paths. PREVIOUS: a single access point. PRESENT: access points at every layer (Network, Application, System Software).]

Network Risks
- Integrity
  - completeness
  - accuracy
- Confidentiality
  - authentication
  - authorization
- Availability
- Relevance
- Infrastructure

Authentication
- Something you know
- Something you have
- Something you are

Passwords
- Can be made secure in a standalone environment
- Subject to sniffing attacks when used over a network
- Network password solutions often include encryption techniques

Encryption Techniques
- Symmetric (secret key): the same key is used for encryption and decryption. Tends to be fast and is good for data encryption; however, the key management issues associated with secret keys can be significant.
  e.g. DES = Data Encryption Standard

Encryption Techniques
- Asymmetric (public/private key): a publicly known key for encryption and a private key for decryption (or vice versa). Tends to be slow and is generally only useful for encrypting small amounts of data (such as passwords, PINs and symmetric keys).
  e.g. RSA = Rivest, Shamir, Adleman
  PGP = Pretty Good Privacy (Phil Zimmermann)

Public Key Encryption
[Diagram: User A encrypts the message with User B's public key; User B decrypts the encrypted message with User B's private key.]
Only User B can read the message.

Digital Signatures
[Diagram: User A encrypts the message or data with User A's private key, producing a digital signature; User B decrypts it with User A's public key and obtains the confirmed message or data.]
Anyone can read the message.
Non-repudiation: it can only have come from User A.

Kerberos - What Is It?
- Authentication service developed by MIT to allow users and services to authenticate
- Designed for client/server environments
- Uses secret key cryptography: the Data Encryption Standard (DES)

Why Is It Needed?
- Authentication across a network to normal services sends clear-text passwords, which can be discovered in a sniffing attack
- Users are annoyed at having to type passwords in often
- Services were developed, such as rlogin, rsh and IDENT, which used "authentication by assertion"

Kerberos Authentication
- The Kerberos Authentication Server issues the user a "ticket"
- The user requests a remote service
- The remote service looks at the ticket to verify who the user is

Kerberos - How It Works
- Both user and service must have "keys" registered with the Kerberos Authentication Server
- The user's key is derived from a password he chooses

Kerberos Session
- kinit: call to initially set up a ticket; prompts for the password
- telnet: call to a kerberized client
[Diagram: Key Distribution Center containing the Authentication Server and the Ticket Granting Server, plus the Client and the Service. kinit sends the request (user login name, client IP address) to the Authentication Server; "auth info" passes from kinit to the Authentication Server, from the Client to the Ticket Granting Server, and from the Client to the Service. Keys shown: user key, Kerberos key, TGT key, server session key, service secret key.]

Kerberos - How It Works
Initialization
- The user requests a Kerberos "Ticket Granting Ticket" (TGT) by running kinit
- kinit builds a request which has:
  - user login name
  - client machine IP address
  - name of ticket; here it is krbtgt, the Kerberos ticket-granting ticket
- Kerberos looks in its database to see if the user is allowed to request a TGT on this host

Kerberos - How It Works
Initialization
- Kerberos sends the user a message which contains two copies of the ticket:
  - one copy is encrypted with Kerberos' secret key
  - one copy is in plain text
- The entire message is encrypted with the user's key
- The kinit client process receives the message and decrypts it based on the password the user typed in

Kerberos - How It Works
Initialization
- If the message decrypts correctly, kinit puts the TGT into /tmp/tktuid, where uid is the user's user ID
- kinit uses the session key in the TGT to encrypt an "authenticator" consisting of the principal name, the IP address of the client machine and the current time

Kerberos - How It Works
Service Request
- The user requests a service, telnet for example
- The kerberized telnet client sends a request to the Kerberos server containing the TGT stored in /tmp/tktuid and the authenticator
- Kerberos uses its secret key to decrypt the TGT, extracts the session key from the TGT and decrypts the authenticator

Kerberos - How It Works
Service Request
- To validate the user:
  - Kerberos compares the contents of the authenticator to the contents of the TGT
  - Kerberos compares the expiration timestamp in the authenticator to the current time
- Kerberos builds a session key for the telnet session, and makes two copies:
  - one encrypted with the TGT key
  - one encrypted with telnetd's key

Kerberos - How It Works
Service Request
- The session key is sent to the user
- The telnet client uses the TGT key to decrypt the session key, and adds the ticket to the Kerberos ticket file
- The telnet client builds an authenticator for the ticket, encrypts it with the session key, and sends the ticket (which was encrypted with telnetd's key) and the authenticator to the telnetd service

Kerberos - How It Works
Service Request
- The telnetd service decrypts the ticket with its secret key to get the session key
- The telnetd service uses the session key to decrypt the authenticator
- If the information in the ticket and the authenticator agree, telnetd sends back a message to the user and the session begins

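The initialization and service-request steps above, walked through end to end as an added example (not MIT's code or anything from the presentation): a Python simulation of the KDC, kinit, the telnet client and telnetd, covering the two-copy TGT reply, the authenticator check against the TGT, and the two copies of the service session key. It assumes a SHA-256 keystream cipher with an HMAC tag in place of DES, JSON-encoded tickets and a 300-second clock-skew window; the user, password and service names are constructed.

```python
import hashlib, hmac, json, os, time

# Stand-in for DES: SHA-256 keystream plus HMAC tag, so a wrong key or tampered blob is rejected
def _keystream(key, nonce, n):
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(n // 32 + 1))[:n]
def encrypt(key, obj):
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()
def decrypt(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, "sha256").digest()):
        raise ValueError("message does not decrypt with this key")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

KDC_KEY = os.urandom(32)                                      # Kerberos' own secret key
USERS = {"alice": hashlib.sha256(b"correct horse").digest()}  # user key derived from password (constructed)
SERVICES = {"telnetd": os.urandom(32)}                        # service secret keys
SKEW = 300                                                    # tolerated clock skew, seconds (assumed)

def kinit(user, addr, password):
    # KDC reply: TGT under the KDC key plus a plaintext copy, the whole reply under the user's key
    tgt = {"user": user, "addr": addr, "skey": os.urandom(16).hex(), "exp": time.time() + 600}
    reply = encrypt(USERS[user], {"tgt": encrypt(KDC_KEY, tgt).hex(), "plain": tgt})
    return decrypt(hashlib.sha256(password.encode()).digest(), reply)  # wrong password: ValueError
def authenticator(user, addr, skey_hex):
    # principal name, client address and current time, encrypted under the session key
    return encrypt(bytes.fromhex(skey_hex), {"user": user, "addr": addr, "time": time.time()})
def kdc_service_request(creds, service, auth_blob):
    # KDC opens the TGT with its own key, then the authenticator with the TGT session key
    tgt = decrypt(KDC_KEY, bytes.fromhex(creds["tgt"]))
    auth = decrypt(bytes.fromhex(tgt["skey"]), auth_blob)
    now = time.time()
    if (auth["user"], auth["addr"]) != (tgt["user"], tgt["addr"]) or abs(now - auth["time"]) > SKEW or now > tgt["exp"]:
        raise PermissionError("authenticator does not match the TGT, or is stale")
    sess = os.urandom(16).hex()  # session key for the telnet session, sent as two copies
    return {"for_client": encrypt(bytes.fromhex(tgt["skey"]), {"skey": sess}),
            "ticket": encrypt(SERVICES[service], {"user": tgt["user"], "addr": tgt["addr"], "skey": sess})}
def service_accept(service, ticket_blob, auth_blob):
    # telnetd opens the ticket with its secret key, then the authenticator with the session key
    ticket = decrypt(SERVICES[service], ticket_blob)
    auth = decrypt(bytes.fromhex(ticket["skey"]), auth_blob)
    return (auth["user"], auth["addr"]) == (ticket["user"], ticket["addr"]) and abs(time.time() - auth["time"]) <= SKEW

def login(user, addr, password, service="telnetd"):
    creds = kinit(user, addr, password)
    grant = kdc_service_request(creds, service, authenticator(user, addr, creds["plain"]["skey"]))
    sess = decrypt(bytes.fromhex(creds["plain"]["skey"]), grant["for_client"])["skey"]
    return service_accept(service, grant["ticket"], authenticator(user, addr, sess))
```

`login` runs the whole exchange; a wrong password fails at the kinit decryption, and an authenticator whose address differs from the TGT is refused by the KDC.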
Kerberos Limitations
- Bad passwords are still subject to a dictionary attack
  - Kerberos V4 subject to cracker attack (worse than some standard Unix security)
  - Kerberos V5 subject to sniffer attack
- Passwords still subject to host security
- Trojan horses in Kerberos client software can divulge passwords

Kerberos Limitations
- Security over the Kerberos database containing users' and services' encryption keys must be strictly enforced
- Security over the master Kerberos password must be kept

Other Security Enhancements
- One-time passwords
  - Device: SecurID
  - List of passwords: S/Key
- Public-key cryptography

Today
- Code available for free from MIT
- Some vendor support: Cygnus, OpenVision, DEC, IBM
- Many universities and some government institutions have implemented Kerberos
- Not too many businesses have implemented it

Benefits of Kerberos
- No clear-text passwords across the Internet
- Users do not need to enter their password multiple times

Future
- Kerberos will use public-key cryptography for the initial TGT request
- Windows 2000 (formerly called NT 5.0) will have a Kerberos implementation
