Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
24Activity
0 of .
Results for:
No results containing your search query
P. 1
Kerberos seminar report

Kerberos seminar report

Ratings: (0)|Views: 2,124 |Likes:
Published by Naveen Krishnan
Kerberos is an open standard for network authentication
Kerberos is an open standard for network authentication

More info:

Published by: Naveen Krishnan on Dec 13, 2009
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as DOC, PDF, TXT or read online from Scribd
See more
See less

12/16/2012

pdf

text

original

 
Kerberos
 Department of Computer ScienceMahatma Gandhi College of Engineering Vandithadam, Thiruvananthapuram, India
 Abstract -
 
In an open network computing environment, aworkstation cannot be trusted to identify its users correctly tonetwork services. Kerberos provides an alternative approachwhereby a trusted third-party authentication service is used toverify usersidentities. This paper gives an overview of theKerberos authentication model as implemented for MIT’sProject Athena. It describes the protocols used by clients,servers, and Kerberos to achieve authentication. It also describesthe management and replication of database required. Kerberosis a computer network authentication protocol, which allowsnodes communicating over a non-secure network to provide theiridentity to one another in a secure manner. Its designers aimedprimarily at a client-server model, and it provides mutualauthentication – both the user and the server verify each other’sidentity. Kerberos protocol messages are protected againsteavesdropping and replay attacks. It is designed to providestrong authentication for client-server applications by usingsecret-key cryptography. In summary, Kerberos is a solution tothe network security problems. It provides the tools of authentication and strong cryptography over the network to helpuser secure his information systems across the entire enterprise.
I.
I
 NTRODUCTION
 
Computer security has been a problem since the very beginning. Proper authentication and protection usingcryptographic methods is a must in today’s electroniccommunication. Kerberos provides an infrastructure toachieve this using symmetric cryptography.
 A.History
Kerberos was developed at the Massachusetts Institute of Technology (MIT) during a project intended to integratecomputers into the university’s undergraduate curriculum. The project, called Athena, started in 1983 with UNIX timesharingcomputers, having several terminals connected to each one, but without a network connection. If a student or staff member wanted to use any of the computers, he or she sat down at oneof these terminals. As soon as the terminals and old computerswere substituted by newer workstations with networconnection, the project’s goal was to allow any user to sitdown at the workstation of his or her choice accessing his dataover the network (which is a very common scenario for everynetwork today). The problem of network eavesdropping became apparent. Since the network has been accessible fromall over the campus, nothing prevented students from runningnetwork monitoring tools and learning other users and root passwords. Another big problem was some PC/ATs whichwere lacking even fundamental internal security. To protectthe users’ data in the network environment as it had been protected in the timesharing environment Kerberos wasinvented. Kerberos is an authentication system that usessymmetric key cryptography to protect sensitive informationon an open network. It is a ticket based system that issues aticket encrypted with the user’s password when he or she logsin. The user decrypts the ticket and uses it to obtain tickets for other network services he or she wants to use. Because allinformation in tickets is encrypted, it is not susceptible toeavesdropping or misappropriation.MIT developed Kerberos to protect network services provided by Project Athena. The protocol was named after theGreek mythological character Kerberos (or Cerberus), knownin Greek mythology as being the monstrous three-headedguard dog of Hades.
 B.Motivation
In a network of users requiring services from manyseparate computers, there are three approaches one can take toaccess control: One can do nothing, relying on the machine towhich the user is logged in to prevent unauthorized access;one can require the host to prove its identity, but trust thehost’s word as to who the user is; or one can require the user to prove her/his identity for each required service.In a closed environment where all the machines are under strict control, one can use the first approach. When theorganization controls all the hosts communicating over thenetwork, this is a reasonable approach.In a more open environment, one might selectively trustonly those hosts under organizational control. In this case,each host must be required to prove its identity. In those protocols, authentication is done by checking the Internetaddress from which a connection has been established.In the Athena environment, we must be able to honor requests from hosts that are not under organizational control.
 
Users have complete control of their workstations: they canreboot them, bring them up standalone, or even boot off their own tapes. As such, the third approach must be taken; the user must prove her/his identity for each desired service. Theserver must also prove its identity. It is not sufficient to physically secure the host running a network server; someoneelsewhere on the network may be masquerading as the givenserver.The environment places several requirements on anidentification mechanism. First, it must be secure.Circumventing it must be difficult enough that a potentialattacker does not find the authentication mechanism to be theweak link. Someone watching the network should not be ableto obtain the information necessary to impersonate another user. Second, it must be reliable. Access to many services willdepend on the authentication service. If it is not reliable, thesystem of services as a whole will not be. Third, it should betransparent. Ideally, the user should not be aware of authentication taking place. Finally, it should be scalable.Many systems can communicate with Athena hosts. Not all of these will support the mechanism, but software should not break if they did.Kerberos
 
is the result of our work to satisfy the aboverequirements. When a user walks up to a workstation she/he“logs in”. As far as the user can tell, this initial identificationis sufficient to prove her/his identity to all the requirednetwork servers for the duration of the login session. Thesecurity of Kerberos
 
relies on the security of severalauthentication servers, but not on the system from which userslog in, or on the security of the end servers that will be used.The authentication server provides a properly authenticateduser with a way to prove her/his identity to servers scatteredacross the network.
II.
ERBEROS
 
Kerberos is a computer network authentication protocol,which allows nodes communicating over a non-securenetwork to prove their identity to one another in a securemanner. The Kerberos protocol is designed to provide reliableauthentication over open and insecure networks wherecommunications between the hosts belonging to it may beintercepted. However, one should be aware that Kerberos doesnot provide any guarantees if the computers being used arevulnerable: the authentication servers, application servers andclients must be kept constantly updated so that the authenticityof the requesting users and service providers can beguaranteed. Thus we can say that: "Kerberos is anauthentication protocol for trusted hosts on untrustednetworks".Kerberos
 
is a trusted third-party authentication service based on the model presented by Needham and Schroeder. Itis trusted in the sense that each of its clients believesKerberos’ judgement as to the identity of each of its other clients to be accurate. Timestamps (large numbersrepresenting the current date and time) have been added to theoriginal model to aid in the detection of replay. Replay occurswhen a message is stolen off the network and resent later.
 A.Protocol  
Kerberos uses as its basis the symmetric Needham-Schroeder protocol.
1)Needham-Schroeder Authentication
An approach to secure authentication is the Needham-Schroeder protocol. It defines a three-party authenticationservice and five step message chain. In the very first step theclient requests a session key for communication with a certainservice. The requested session key and a message encryptedfor the service is send back to the client encrypted with theclient’s key to protect it in an open network. The clientforwards the part for the service (which is encrypted with theservice key) to the desired service. After that the servicegenerates a random message which is sent back to the clientencrypted with the session key. This random message istransformed in a predefined way and sent back to the server encrypted with the session key as well to prove that A was thesender of message number three. After performing these fivesteps the service can be sure that the client has authenticateditself correctly, because only the client knows the key todecrypt message two.This protocol is no longer considered secure as B does notknow if the key is fresh. If an attacker obtains an old key he or she can perform a replay attack and convince B that the keythey hold is the current key of A.
2) Needham-Schroeder in Kerberos 
Kerberos uses a variant of Needham-Schroeder, which usestimestamps on every message to avoid the problem mentionedabove. Due to the fact that it is a problem to keep all clocksreturning exact the same time in a network environment, everymessage is valid in a time window from five minutes in the past to five minutes in the future. In a short time slot of tenminutes length replay attacks are impeded by a replay cacheheld by every service. Messages are cached as long as they arevalid and authentication attempts using messages which arealready held in cache can be refused.
III.
T
ERMINOLOGY
 
This section provides the definition of the objects andterms, knowledge of which is essential for the subsequentdescription of the Kerberos protocol.
 A.Realm
 
The term realm indicates an authentication administrativedomain. Its intention is to establish the boundaries withinwhich an authentication server has the authority toauthenticate a user, host or service. This does not mean thatthe authentication between a user and a service that they must belong to the same realm: if the two objects are part of different realms and there is a trust relationship between them,then the authentication can take place. This characteristic isknown as Cross-AuthenticationBasically, a user/service belongs to a realm if and only if he/it shares a secret (password/key) with the authenticationserver of that realm.The name of a realm is case sensitive, i.e. there is adifference between upper and lower case letters, but normallyrealms always appear in upper case letters. It is also good practice, in an organization, to make the realm name the sameas the DNS domain (in upper case letters though). Followingthese tips when selecting the realm name significantlysimplifies the configuration of Kerberos clients, above allwhen it is desired to establish trust relationships withsubdomains. By way of example, if an organization belongs tothe DNS domain example.com, it is appropriate that therelated Kerberos realm is EXAMPLE.COM.
 B.Principal 
A principal is the name used to refer to the entries in theauthentication server database. A principal is associated witheach user, host or service of a given realm. A principal inKerberos 5 is of the following type:component1/component2/.../componentN@REALMHowever, in practice a maximum of two components are used.For an entry referring to a user the principal is the followingtype: Name[/Instance]@REALMThe instance is optional and is normally used to better qualifythe type of user. For example administrator users normallyhave the admin instance. The following are examples of  principals referred to users:mark@EXAMPLE.COMadmin/admin@EXAMPLE.COM pluto/admin@EXAMPLE.COMIf, instead, the entries refer to services, the principals assumethe following form:Service/Hostname@REALM
C.Ticket 
A ticket is something a client presents to an applicationserver to demonstrate the authenticity of its identity. Ticketsare issued by the authentication server and are encrypted usingthe secret key of the service they are intended for. Since thiskey is a secret shared only between the authentication server and the server providing the service, not even the client whichrequested the ticket can know it or change its contents. Themain information contained in a ticket includes:
The requesting user's principal (generally theusername);
The principal of the service it is intended for;
The IP address of the client machine from which theticket can be used. In Kerberos 5 this field is optionaland may also be multiple in order to be able to runclients under NAT or multihomed.
The date and time (in timestamp format) when thetickets validity commences;
The ticket's maximum lifetime
The session key (this has a fundamental role which isdescribed below);Each ticket has expiration (generally 10 hours). This isessential since the authentication server no longer has anycontrol over an already issued ticket. Even though the realmadministrator can prevent the issuing of new tickets for acertain user at any time, it cannot prevent users from using thetickets they already possess. This is the reason for limiting thelifetime of the tickets in order to limit any abuse over time.
 D.Encryption 
Kerberos often needs to encrypt and decrypt the messages(tickets and authenticators) passing between the various participants in the authentication. It is important to note thatKerberos uses only symmetrical key encryption (in other words the same key is used to encrypt and decrypt).
1)Encryption type
 
Kerberos 4 implements a single type of encryption whichis DES at 56 bits. The weakness of this encryption plus other  protocol vulnerabilities has made Kerberos 4 obsolete.Version 5 of Kerberos, however, does not predetermine thenumber or type of encryption methodologies supported. It isthe task of each specific implementation to support and bestnegotiate the various types of encryption. However, thisflexibility and expandability of the protocol has accentuatedinteroperability problems between the variousimplementations of Kerberos 5. In order for clients andapplication and authentication servers using differentimplementations to interoperate, they must have at least oneencryption type in common. The difficulty related to theinteroperability between UNIX implementations of Kerberos5 and the one present in the Active Directory of Windows is aclassic example of this. Indeed, Windows Active Directory

Activity (24)

You've already reviewed this. Edit your review.
1 hundred reads
1 thousand reads
yogesh_research liked this
S Sowmya Cool liked this
chetan_nnn liked this
dhruvi13 liked this
nkt_rocks liked this

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->