Scribd Logo
Upload

Welcome to Scribd!

  • INS - Assignment 2 (TCS2223033)

    Uploaded by

    Kavinesh 123
    23 views6 pages

    Original Title

    INS_Assignment 2 (TCS2223033)

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    23 views6 pages

    INS - Assignment 2 (TCS2223033)

    Uploaded by

    Kavinesh 123

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    Kavinesh Karuppaiah

    Roll-No: TCS2223033

    INS Assignment 2:

    Q.1) Discuss Kerberos authentication application.


    Ans)
    Kerberos provides a centralized authentication server whose function
    is to authenticate users to servers and servers to users. In Kerberos
    Authentication server and database is used for client authentication.
    Kerberos runs as a third-party trusted server known as the Key
    Distribution Center (KDC). Each user and service on the network is a
    principal. 
    The main components of Kerberos are: 
     Authentication Server (AS): 
    The Authentication Server performs the initial authentication
    and ticket for Ticket Granting Service.
     Database: 
    The Authentication Server verifies the access rights of users in
    the database. 
     Ticket Granting Server (TGS): 
    The Ticket Granting Server issues the ticket for the Server
    Kerberos Overview:
    1. Step-1: 
    User login and request services on the host. Thus, user requests
    for ticket-granting service. 
    2. Step-2: 
    Authentication Server verifies user’s access right using database
    and then gives ticket-granting-ticket and session key. Results are
    encrypted using the Password of the user. 
    3. Step-3: 
    The decryption of the message is done using the password then
    send the ticket to Ticket Granting Server. The Ticket contains
    authenticators like user names and network addresses. 
    4. Step-4: 
    Ticket Granting Server decrypts the ticket sent by User and
    authenticator verifies the request then creates the ticket for
    requesting services from the Server. 
    5. Step-5: 
    The user sends the Ticket and Authenticator to the Server. 
    6. Step-6: 
    The server verifies the Ticket and authenticators then generate
    access to the service. After this User can access the services.
    Kerberos Limitations:
     Each network service must be modified individually for use with
    Kerberos
     It doesn’t work well in a timeshare environment
     Secured Kerberos Server
     Requires an always-on Kerberos server
     Stores all passwords are encrypted with a single key
     Assumes workstations are secure
     May result in cascading loss of trust.
     Scalability
    Q.2) Explain working of Public-Key Cryptosystems?
    Ans) Public-key cryptography, or asymmetric cryptography, is an
    encryption scheme that uses two mathematically related, but not
    identical, keys - a public key and a private key. Unlike symmetric key
    algorithms that rely on one key to both encrypt and decrypt, each key
    performs a unique function. The public key is used to encrypt and the
    private key is used to decrypt.

    If B wants to send a confidential message to C, then B encrypts the


    message using C’s Public key. When C receives the message from B,
    then C can decrypt it using its own Private key. No other recipient
    other than C can decrypt the message because only C knows C’s
    private key.

    Q.3) What is dispute resolution in Message authentication? Explain


    any two properties of message authentication code (MAC).
    Ans)
    Message authentication is concerned with: protecting the integrity of
    a message, validating identity of originator and non-repudiation of
    origin (dispute resolution).
    A message authentication code (MAC) is a cryptographic checksum on
    data that uses a session key to detect both accidental and intentional
    modifications of the data.
    MAC algorithm is a symmetric key cryptographic technique to provide
    message authentication. For establishing MAC process, the sender
    and receiver share a symmetric key K.
    Essentially, a MAC is an encrypted checksum generated on the
    underlying message that is sent along with a message to ensure
    message authentication.

    Q.4) Explain working of Public-Key Cryptosystems?


    Ans) Public-key cryptography, or asymmetric cryptography, is an
    encryption scheme that uses two mathematically related, but not
    identical, keys - a public key and a private key. Unlike symmetric key
    algorithms that rely on one key to both encrypt and decrypt, each key
    performs a unique function. The public key is used to encrypt and the
    private key is used to decrypt.

    If B wants to send a confidential message to C, then B encrypts the


    message using C’s Public key. When C receives the message from B,
    then C can decrypt it using its own Private key. No other recipient
    other than C can decrypt the message because only C knows C’s
    private key. 

    Q.5) Discuss Kerberos authentication application.


    Ans)
    Kerberos provides a centralized authentication server whose function
    is to authenticate users to servers and servers to users. In Kerberos
    Authentication server and database is used for client authentication.
    Kerberos runs as a third-party trusted server known as the Key
    Distribution Center (KDC). Each user and service on the network is a
    principal. 
    The main components of Kerberos are: 
     Authentication Server (AS): 
    The Authentication Server performs the initial authentication
    and ticket for Ticket Granting Service.
     Database: 
    The Authentication Server verifies the access rights of users in
    the database. 
     Ticket Granting Server (TGS): 
    The Ticket Granting Server issues the ticket for the Server
    Kerberos Overview:
    1. Step-1: 
    User login and request services on the host. Thus, user requests
    for ticket-granting service. 
    2. Step-2: 
    Authentication Server verifies user’s access right using database
    and then gives ticket-granting-ticket and session key. Results are
    encrypted using the Password of the user. 
    3. Step-3: 
    The decryption of the message is done using the password then
    send the ticket to Ticket Granting Server. The Ticket contains
    authenticators like user names and network addresses. 
    4. Step-4: 
    Ticket Granting Server decrypts the ticket sent by User and
    authenticator verifies the request then creates the ticket for
    requesting services from the Server. 
    5. Step-5: 
    The user sends the Ticket and Authenticator to the Server. 
    6. Step-6: 
    The server verifies the Ticket and authenticators then generate
    access to the service. After this User can access the services.
    Kerberos Limitations:
     Each network service must be modified individually for use with
    Kerberos
     It doesn’t work well in a timeshare environment
     Secured Kerberos Server
     Requires an always-on Kerberos server
     Stores all passwords are encrypted with a single key
     Assumes workstations are secure
     May result in cascading loss of trust.
     Scalability

    You might also like