Kerberos: Network Authentication Protocol

Upload: sunil-pillai

Post on 30-May-2018


TRANSCRIPT

  • 8/9/2019 Kerberos_Network Authentication Protocol

    1/27

    KERBEROS

    Network authentication protocol

  • 2/27

    Kerberos

    Authentication: deals with confirming the identity of a communication partner.

    Kerberos uses secret-key cryptography.

    "Secret key" means a key or password shared between a principal (user or service) and the Kerberos server.

    The secret both proves the principal's identity and serves as the key material for encryption.

  • 3/27

    KERBEROS

    Part of Project Athena (MIT). Trusted third-party authentication scheme.

    Assumes that hosts are not trustworthy.

    Requires that each client (each request for service) prove its identity.

    Does not require the user to enter a password every time a service is requested!

  • 4/27

    KERBEROS

    Kerberos is a cross-platform secure network authentication protocol.

    The protocol is currently at version 5 (specified in RFC 4120).

    Kerberos provides authentication for client/server applications (such as FTP and telnet) by using secret-key cryptography.

    Kerberos can be described as an identity-verifying proxy or as a trusted third-party authentication system.

  • 5/27

    Kerberos Design

    The user must identify itself once at the beginning of a workstation session (login session).

    Passwords are never sent across the network in clear text. The client turns the password into a key and keeps only that key; the password itself is not stored in memory.

  • 6/27

    Kerberos Design (cont.)

    Every user has a password.

    Every service has a password (its secret key).

    The only entity that knows all the passwords is the Authentication Server.

  • 7/27

    Kerberos Key Distribution Service

    [Diagram: a Workstation talks to the Kerberos Key Distribution Service, which consists of the Authentication Server, the Ticket Granting Server and the Kerberos Database; the workstation then presents the tickets it obtains to the Servers.]

  • 8/27

    Secret Key Cryptography

    The encryption used by Kerberos implementations at the time of these slides was DES, although Kerberos V5 has hooks so that other algorithms can be used. DES has since been deprecated for Kerberos (RFC 6649); current implementations use the AES encryption types (RFC 3962).

    [Diagram: plaintext -> encryption with key -> ciphertext; ciphertext -> decryption with key -> plaintext]

  • 9/27

    Tickets

    Each request for a service requires a ticket.

    A ticket provides a single client with access to a single server.

  • 10/27

    Tickets (cont.)

    Tickets are dispensed by the Ticket Granting Server (TGS), which has knowledge of all the encryption keys.

    Tickets are opaque to clients; they simply present them to gain access to servers.

  • 11/27

    Tickets (cont.)

    The TGS seals (encrypts) each ticket with the secret encryption key of the server.

    Sealed tickets can be sent safely over a network: only the server can make sense of them. Sealing protects only the ticket's contents; a ticket stolen together with its session key (for example from a credential cache) can be used by the thief until it expires, which is why both are kept only in the user's credential cache.

    Each ticket has a limited lifetime (a few hours).

  • 12/27

    Ticket Contents

    Client name (user login name)
    Server name
    Client host network address
    Session key for client/server
    Ticket lifetime
    Creation timestamp

  • 13/27

    Session Key

    A random number that is specific to a session.

    The session key is used to seal client requests to the server.

    The session key can also be used to seal responses (application-specific usage).

  • 14/27

    Authenticators

    Authenticators prove a client's identity. An authenticator includes:

    Client user name.
    Client network address.
    Timestamp.

    Authenticators are sealed with a session key.

  • 15/27

    Bootstrap

    Each time a client wants to contact a server, it must first ask the third party (the TGS) for a ticket and session key.

    In order to request a ticket from the TGS, the client must already have a ticket-granting ticket (TGT) and a session key for communicating with the TGS!

  • 16/27

    Authentication Server

    The client sends a plaintext request to the AS asking for a ticket it can use to talk to the TGS.

    REQUEST: login name, TGS name

    Since this request contains only well-known names, it does not need to be sealed. Because the AS answers anyone who names a user, the sealed reply can be collected by an attacker and used for offline password guessing; Kerberos V5 therefore adds pre-authentication (RFC 4120, typically an encrypted timestamp) that the client must supply before the AS will reply.


  • 18/27

    Authentication Server

    The AS finds the keys corresponding to the login name and the TGS name.

    The AS creates a ticket:
    login name
    TGS name
    client network address
    TGS session key

    The AS seals the ticket with the TGS secret key.

  • 19/27

    Authentication Server Response

    The AS also creates a random session key for the client and the TGS to use.

    The session key and the sealed ticket are sealed with the user's (login name's) secret key.

  • 20/27

    [Diagram of the AS response. Sealed with the user key:
      TGS session key
      Ticket, sealed with the TGS key: login name, TGS name, net address, TGS session key]

  • 21/27

    Accessing the TGS

    The client decrypts the message using the key derived from the user's password as the secret key.

    The client now has a session key and a ticket that can be used to contact the TGS.

    The client cannot see inside the ticket, since the client does not know the TGS secret key.

  • 22/27

    Accessing a Server

    When a client wants to start using a server (service), the client must first obtain a ticket.

    The client composes a request to send to the TGS:
    TGS ticket (sealed with the TGS key)
    Authenticator (sealed with the TGS session key)
    Server name

  • 23/27

    TGS response

    The TGS decrypts the ticket using its secret key. Inside is the TGS session key.

    The TGS decrypts the authenticator using the session key.

    The TGS checks to make sure the login names, client addresses and TGS server name are all OK.

    The TGS makes sure the authenticator is recent.

  • 24/27

    TGS Response

    Once everything checks out, the TGS:

    builds a ticket for the client and the requested server. The ticket is sealed with the server key.
    creates a session key.
    seals the entire message with the TGS session key and sends it to the client.

  • 25/27

    Client accesses Server

    The client now decrypts the TGS response using the TGS session key.

    The client now has a session key for use with the new server, and a ticket to use with that server.

    The client can contact the new server using the same format used to access the TGS.
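    The exchanges on slides 16 through 25 and the checks on slides 23 and 27, as an added example that is not part of the original slides: one Python simulation with the AS/TGS side, the client side and the application server side as separate parties passing sealed messages. The seal/unseal functions are a toy HMAC-SHA256 stand-in for a Kerberos encryption type, PBKDF2 stands in for string-to-key, and the realm EXAMPLE.ORG, the principals alice, ftp and krbtgt, the addresses and the passwords are all constructed for the example. The guess_password function shows why the plaintext AS request of slide 16 is dangerous when the AS replies without pre-authentication.

```python
import hashlib, hmac, json, os, time

def string_to_key(principal, password):  # PBKDF2 stands in for Kerberos string-to-key; EXAMPLE.ORG is an assumed realm used as salt
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"EXAMPLE.ORG" + principal.encode(), 20_000)

def _keystream(key, nonce, n):
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest() for i in range((n + 31) // 32))[:n]

def seal(key, obj):  # toy authenticated encryption standing in for a Kerberos enctype: XOR keystream plus HMAC tag
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):  # inverse of seal(); raises ValueError on a wrong key or a tampered blob
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

def make_ticket(client, server, addr, session_key, lifetime):  # ticket contents of slide 12
    now = time.time()
    return {"client": client, "server": server, "addr": addr,
            "session_key": session_key.hex(), "issued": now, "expires": now + lifetime}

def check_authenticator(tkt, auth, src_addr, my_name, replay_cache=None, skew=300):  # slides 23 and 27
    now = time.time()
    if tkt["server"] != my_name: raise ValueError("ticket was issued for another server")
    if not (tkt["issued"] - skew <= now <= tkt["expires"]): raise ValueError("ticket expired")
    if auth["client"] != tkt["client"] or not (auth["addr"] == tkt["addr"] == src_addr):
        raise ValueError("authenticator does not match the ticket or the source address")
    if abs(now - auth["timestamp"]) > skew: raise ValueError("authenticator too old")
    if replay_cache is not None:  # remember seen authenticators so a captured one cannot be reused
        if (auth["client"], auth["timestamp"]) in replay_cache: raise ValueError("replayed authenticator")
        replay_cache.add((auth["client"], auth["timestamp"]))

class KDC:  # Authentication Server and Ticket Granting Server over one key database
    def __init__(self, keys, lifetime=8 * 3600):
        self.keys, self.lifetime = keys, lifetime
    def as_exchange(self, client, addr):  # AS: request is plaintext (client, TGS name); reply sealed under client key
        skey = os.urandom(32)
        tgt = seal(self.keys["krbtgt"], make_ticket(client, "krbtgt", addr, skey, self.lifetime))
        return seal(self.keys[client], {"session_key": skey.hex(), "ticket": tgt.hex()})
    def tgs_exchange(self, tgt, auth, service, src_addr):  # TGS: open TGT, verify authenticator, issue ticket
        t = unseal(self.keys["krbtgt"], tgt)
        skey = bytes.fromhex(t["session_key"])
        check_authenticator(t, unseal(skey, auth), src_addr, "krbtgt")
        new_key = os.urandom(32)
        st = seal(self.keys[service], make_ticket(t["client"], service, src_addr, new_key, self.lifetime))
        return seal(skey, {"session_key": new_key.hex(), "ticket": st.hex()})

class Client:
    def __init__(self, name, password, addr, kdc):
        self.name, self.addr, self.kdc = name, addr, kdc
        self.key = string_to_key(name, password)  # only the derived key is kept, never the password
        self.creds = {}  # credential cache: server name -> (session key, sealed ticket)
    def login(self):  # slides 16 to 21
        rep = unseal(self.key, self.kdc.as_exchange(self.name, self.addr))
        self.creds["krbtgt"] = (bytes.fromhex(rep["session_key"]), bytes.fromhex(rep["ticket"]))
    def _authenticator(self, skey):  # slide 14: sealed with the session key, fresh for every request
        return seal(skey, {"client": self.name, "addr": self.addr, "timestamp": time.time()})
    def ap_request(self, service):  # slides 22 to 25: fetch a service ticket on first use, then (ticket, authenticator)
        if service not in self.creds:
            skey, tgt = self.creds["krbtgt"]
            rep = unseal(skey, self.kdc.tgs_exchange(tgt, self._authenticator(skey), service, self.addr))
            self.creds[service] = (bytes.fromhex(rep["session_key"]), bytes.fromhex(rep["ticket"]))
        skey, tkt = self.creds[service]
        return tkt, self._authenticator(skey)

class Server:
    def __init__(self, name, key):
        self.name, self.key, self.replay_cache = name, key, set()
    def accept(self, tkt, auth, src_addr):  # AP exchange: return the authenticated client name or raise ValueError
        t = unseal(self.key, tkt)
        check_authenticator(t, unseal(bytes.fromhex(t["session_key"]), auth), src_addr, self.name, self.replay_cache)
        return t["client"]

def guess_password(name, as_rep, candidates):  # slide 16: anyone can fetch a user's AS reply and test passwords offline
    for pw in candidates:
        try:
            unseal(string_to_key(name, pw), as_rep)
            return pw
        except ValueError:
            pass
    return None

def demo():  # constructed scenario: user alice, service ftp, all keys generated here
    keys = {"krbtgt": os.urandom(32), "ftp": os.urandom(32), "alice": string_to_key("alice", "correct horse")}
    kdc, ftp = KDC(keys), Server("ftp", keys["ftp"])
    alice = Client("alice", "correct horse", "10.0.0.5", kdc)
    alice.login()
    tkt, auth = alice.ap_request("ftp")
    who = ftp.accept(tkt, auth, "10.0.0.5")
    replay_rejected = False
    try: ftp.accept(tkt, auth, "10.0.0.5")  # the same authenticator again: must be refused
    except ValueError: replay_rejected = True
    guessed = guess_password("alice", kdc.as_exchange("alice", "10.9.9.9"), ["hunter2", "correct horse"])
    return who, replay_rejected, guessed
```

    Calling demo() drives the three exchanges and returns the client name the server authenticated ("alice"), whether the replayed authenticator was refused (True) and the password recovered from a freely obtained AS reply ("correct horse"); the last result is the reason pre-authentication was added to Kerberos V5. Real Kerberos V5 tickets and authenticators are ASN.1 structures, the authenticator carries microseconds and an optional sequence number alongside the timestamp, and the client address field is optional in RFC 4120, but the checks are the same ones the TGS and the application server perform.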

  • 26/27

    Kerberos Summary

    Every service request needs a ticket.

    Tickets come from the TGS (except the ticket for the TGS!).

    Workstations cannot understand tickets; they are encrypted using the server key.

    Every ticket has an associated session key.

    Tickets are reusable.

  • 27/27

    Kerberos Summary (cont.)

    Tickets have a finite lifetime.

    Authenticators are only used once (a new one for each new connection to a server).

    Authenticators expire fast!

    The server maintains a list of recently seen authenticators (to prevent replay of stolen authenticators). This only works because the server also rejects authenticators whose timestamp is outside a small window, so Kerberos requires clocks to be loosely synchronized (RFC 4120 allows a skew of about five minutes).

    There is a lot more to Kerberos!!!