Users have complete control of their workstations: they can reboot them, bring them up standalone, or even boot off their own tapes. As such, the third approach must be taken; the user must prove her/his identity for each desired service. The server must also prove its identity. It is not sufficient to physically secure the host running a network server; someone elsewhere on the network may be masquerading as the given server.

The environment places several requirements on an identification mechanism. First, it must be secure. Circumventing it must be difficult enough that a potential attacker does not find the authentication mechanism to be the weak link. Someone watching the network should not be able to obtain the information necessary to impersonate another user. Second, it must be reliable. Access to many services will depend on the authentication service. If it is not reliable, the system of services as a whole will not be. Third, it should be transparent. Ideally, the user should not be aware of authentication taking place. Finally, it should be scalable. Many systems can communicate with Athena hosts. Not all of these will support the mechanism, but software should not break if they did.

Kerberos is the result of our work to satisfy the above requirements. When a user walks up to a workstation she/he "logs in". As far as the user can tell, this initial identification is sufficient to prove her/his identity to all the required network servers for the duration of the login session. The security of Kerberos relies on the security of several authentication servers, but not on the system from which users log in, or on the security of the end servers that will be used. The authentication server provides a properly authenticated user with a way to prove her/his identity to servers scattered across the network.

Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. The Kerberos protocol is designed to provide reliable authentication over open and insecure networks where communications between the hosts belonging to it may be intercepted. However, one should be aware that Kerberos does not provide any guarantees if the computers being used are vulnerable: the authentication servers, application servers and clients must be kept constantly updated so that the authenticity of the requesting users and service providers can be guaranteed. Thus we can say that: "Kerberos is an authentication protocol for trusted hosts on untrusted networks".

Kerberos is a trusted third-party authentication service based on the model presented by Needham and Schroeder. It is trusted in the sense that each of its clients believes Kerberos' judgement as to the identity of each of its other clients to be accurate. Timestamps (large numbers representing the current date and time) have been added to the original model to aid in the detection of replay. Replay occurs when a message is stolen off the network and resent later.
Kerberos uses as its basis the symmetric Needham-Schroeder protocol.
An approach to secure authentication is the Needham-Schroeder protocol. It defines a three-party authentication service and a five-step message chain. In the very first step the client requests a session key for communication with a certain service. The requested session key and a message encrypted for the service are sent back to the client, encrypted with the client's key to protect it in an open network. The client forwards the part for the service (which is encrypted with the service key) to the desired service. After that the service generates a random message which is sent back to the client encrypted with the session key. This random message is transformed in a predefined way and sent back to the server, encrypted with the session key as well, to prove that A (the client) was the sender of message number three. After performing these five steps the service can be sure that the client has authenticated itself correctly, because only the client knows the key to decrypt message two.

This protocol is no longer considered secure as B (the service) does not know if the key is fresh. If an attacker obtains an old key he or she can perform a replay attack and convince B that the key they hold is the current key of A.
2) Needham-Schroeder in Kerberos
Kerberos uses a variant of Needham-Schroeder, which uses timestamps on every message to avoid the problem mentioned above. Because it is difficult to keep all clocks in a network environment returning exactly the same time, every message is valid in a time window from five minutes in the past to five minutes in the future. Within this ten-minute window, replay attacks are impeded by a replay cache held by every service. Messages are cached as long as they are valid, and authentication attempts using messages which are already held in the cache can be refused.
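The following Python example is added here to illustrate both passages above; it is not code from the paper or from any Kerberos implementation. It models the five-step symmetric Needham-Schroeder exchange symbolically (a sealed Box can only be opened by the holder of the same key, which is all the protocol logic needs; no real cipher is involved), shows why the service B cannot tell that a ticket and session key from an earlier session are stale, and then shows the Kerberos-style fix: a timestamped message accepted only within a +/-5 minute window and checked against a per-service replay cache. The names (`kdc_step2`, `KerberosService`, the principals "A" and "B", the 300-second WINDOW) are assumptions for the example.

```python
# Added illustration (not from the paper): symbolic Needham-Schroeder and
# the Kerberos timestamp + replay-cache fix.  "Encryption" is symbolic:
# a Box opens only for the holder of the key that sealed it.
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Box:
    key_id: int        # the key that sealed this box
    payload: tuple     # the sealed content


def seal(key: int, *payload) -> Box:
    return Box(key, payload)


def unseal(key: int, box: Box) -> tuple:
    if box.key_id != key:
        raise PermissionError("cannot open box: wrong key")
    return box.payload


# Long-term keys each principal shares with the authentication server (KDC).
KEYS = {"A": secrets.randbits(64), "B": secrets.randbits(64)}


def kdc_step2(a: str, b: str, nonce: int) -> Box:
    """Step 2: KDC returns session key Kab plus a ticket for B, all under Ka."""
    kab = secrets.randbits(64)
    ticket_for_b = seal(KEYS[b], kab, a)
    return seal(KEYS[a], nonce, b, kab, ticket_for_b)


def service_step4(b: str, ticket: Box) -> tuple:
    """Steps 3-4: B opens the forwarded ticket, learns Kab, challenges A with Nb."""
    kab, a = unseal(KEYS[b], ticket)
    nb = secrets.randbits(32)
    return kab, nb, seal(kab, nb)


def client_step5(kab: int, challenge: Box) -> Box:
    """Step 5: A transforms Nb (here Nb - 1) under Kab to prove it sent message 3."""
    (nb,) = unseal(kab, challenge)
    return seal(kab, nb - 1)


def run_needham_schroeder() -> bool:
    """One honest run of the five steps; True if B accepts A."""
    nonce = secrets.randbits(32)                      # step 1: A -> KDC: A, B, Na
    na, b, kab, ticket = unseal(KEYS["A"], kdc_step2("A", "B", nonce))
    if na != nonce or b != "B":
        return False
    kab_b, nb, challenge = service_step4("B", ticket)  # steps 3-4
    (answer,) = unseal(kab_b, client_step5(kab, challenge))  # step 5
    return answer == nb - 1


def old_ticket_still_accepted() -> bool:
    """The weakness: B has no freshness information, so a ticket and Kab from an
    earlier session pass steps 3-5 again exactly like a new one."""
    _, _, old_kab, old_ticket = unseal(KEYS["A"], kdc_step2("A", "B", 1))
    kab_b, nb, challenge = service_step4("B", old_ticket)   # presented again later
    (answer,) = unseal(kab_b, client_step5(old_kab, challenge))
    return answer == nb - 1


WINDOW = 300  # seconds of clock skew tolerated in either direction (five minutes)


class KerberosService:
    """Kerberos-style service: timestamped authenticator + replay cache."""

    def __init__(self, name: str):
        self.key = KEYS[name]
        self.cache = {}   # (client, timestamp) -> time after which entry can be dropped

    def accept(self, ticket: Box, authenticator: Box, now: int) -> bool:
        kab, a = unseal(self.key, ticket)
        client, ts = unseal(kab, authenticator)
        if client != a or abs(now - ts) > WINDOW:
            return False                      # outside the ten-minute window
        # A message older than the window is rejected above anyway, so its
        # cache entry is no longer needed: keep the cache bounded.
        self.cache = {k: exp for k, exp in self.cache.items() if exp > now}
        if (client, ts) in self.cache:
            return False                      # already seen: replay refused
        self.cache[(client, ts)] = ts + WINDOW
        return True


def kerberos_demo() -> tuple:
    """(fresh accepted, second fresh accepted, replay refused, stale refused)."""
    svc = KerberosService("B")
    kab = secrets.randbits(64)
    ticket = seal(KEYS["B"], kab, "A")
    auth1 = seal(kab, "A", 1_000_000)         # client timestamp (constructed)
    fresh = svc.accept(ticket, auth1, now=1_000_010)
    fresh2 = svc.accept(ticket, seal(kab, "A", 1_000_020), now=1_000_020)
    replay = svc.accept(ticket, auth1, now=1_000_020)   # same authenticator again
    stale = svc.accept(ticket, auth1, now=1_000_400)    # 400 s later: outside window
    return fresh, fresh2, replay, stale


if __name__ == "__main__":
    print(run_needham_schroeder(), old_ticket_still_accepted(), kerberos_demo())
```

The cache is keyed on the (client, timestamp) pair carried inside the authenticator, which is what makes a resent copy detectable, and entries are dropped once their timestamp falls outside the window because the window check alone rejects such messages from then on.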
This section provides the definition of the objects and terms, knowledge of which is essential for the subsequent description of the Kerberos protocol.