
Chapter Eight

Authentication Application

Md. Rafiqul Islam 1


Authentication Applications
• will consider authentication functions developed to support application-level authentication & digital signatures
• will consider Kerberos – a private-key authentication service
• then X.509 – a public-key directory authentication service



Kerberos
• trusted key server system from MIT
• provides centralised private-key third-party authentication in a distributed network
• allows users access to services distributed through the network
  • without needing to trust all workstations
  • rather all trust a central authentication server
• two versions in use: Kerberos 4 & Kerberos 5



Kerberos
• In a secure networking system, when a user on a client wants to get service from a server, s/he must be authenticated.
• A network with Kerberos authentication service grants access to the server if the user is authenticated by Kerberos.
• That is, before getting service from a service server, the user must go through Kerberos.



Kerberos Requirements
• its first report identified requirements as:
  • secure
  • reliable
  • transparent
  • scalable
• implemented using an authentication protocol based on Needham-Schroeder



Kerberos v4 Overview
• a basic third-party authentication scheme
• has an Authentication Server (AS)
  • users initially negotiate with AS to identify themselves
  • AS provides a non-corruptible authentication credential (ticket granting ticket, TGT)
• has a Ticket Granting Server (TGS)
  • users subsequently request access to other services from TGS on the basis of the user's TGT



Kerberos

[Figure: Kerberos components]
AS – Kerberos Authentication Server (first server)
TGS – Ticket Granting Server (second server)
Clients – all the users are registered users.


Kerberos v4 Dialogue
Overview of client authentication:
1. Client obtains ticket granting ticket from AS
   • once per session
2. Client obtains service granting ticket from TGS
   • for each distinct required service
3. Server accepts the request of the client if authenticated; otherwise it rejects the request.



Dialogue of Client and AS

[Figure: Client (CL) -> AS: Request (m1); AS -> Client: Reply (C1)]

m1 = idcl + idtgs
C1 is an encrypted text and it contains the Ticket Granting Ticket (first ticket):
C1 = E (Kcl, E-TGTAS-tgs)
The client opens C1 using his key Kcl and finds E-TGTAS-tgs.
E-TGTAS-tgs is an encrypted ticket issued by AS for TGS; the client
cannot open it, but it will send it to the TGS (Ticket Granting Server).
Kcl is derived from the password of the client, Kcl = H(pwd),
where H is a hash function and pwd is the password. Here, idcl and idtgs are
the IDs of the client and TGS respectively.
Dialogue of Client and TGS

[Figure: Client (CL) -> TGS: Request (m2); TGS -> Client: Reply (E-SGTss)]

m2 = idcl + idss + E-TGTAS-tgs
TGS receives m2 and finds E-TGTAS-tgs, which is encrypted
with Ktgs. Ktgs is the key of TGS.
E-TGTAS-tgs = E (Ktgs, [idcl + adcl + idtgs + TS1 + LT1])
The TGS opens E-TGTAS-tgs and validates the client. If the client is a valid one,
it sends E-SGTtgs-ss (Service Granting Ticket), which is also encrypted.
E-SGT is the second ticket that would be received by the client.



Dialogue of Client and TGS
What is inside the first ticket:
TGTAS-tgs = E (Ktgs, [idcl + adcl + idtgs + TS1 + LT1])

TGTAS-tgs is issued by AS for TGS, and is encrypted using Ktgs,
which is the key of the ticket granting server.
The notations are:
id – ID, TGT – Ticket granting ticket, AS – authentication server
cl – Client, tgs – ticket granting server
ad – address, TS – Time stamp, LT – Life time (period)



Dialogue of Client and SS

[Figure: Client (CL) -> SS: Request (m3); SS -> Client: Accept or reject]

m3 = idcl + E-SGTtgs-ss
E-SGTtgs-ss = E (Kss, [adcl + idcl + TS2 + LT2])
The above encrypted ticket is issued by TGS for SS.



Dialogue between Client and SS
After receiving the request message m3, the Service
Server (SS) opens E-SGT with Kss and finds adcl
and idcl. If the client is a valid one, SS accepts
the request; otherwise the request will be
rejected.



Dialogue at a glance
1) Client to AS:
m1 = idcl + idtgs
C1 = E (Kcl, E-TGTAS-tgs) – Encrypted ticket given by AS
E-TGTAS-tgs = E (Ktgs, [idcl + adcl + idtgs + TS1 + LT1])
2) Client to TGS:
m2 = idcl + idss + E-TGTAS-tgs
E-SGTtgs-ss = E (Kss, [adcl + idcl + TS2 + LT2]) – Encrypted ticket given by TGS
3) Client to SS: m3 = idcl + E-SGTtgs-ss
Response: Accept or reject.
Dialogue at a glance

[Figure: Client (CL) -> AS: Request (m1); AS -> CL: Reply (C1).
CL -> TGS: Request (m2); TGS -> CL: Reply (E-SGTss).
CL -> SS: m3; SS -> CL: Accept or Reject.]



Detail of the protocol
1. The client sends a request message (m1)
to the authentication server (AS) containing
the user's identifier (idcl) along with the
identifier of the ticket granting server (idtgs).

m1 = idcl + idtgs



Detail of the protocol
2. The authentication server responds with a cipher
text, C1, which contains a ticket (TGT – ticket granting
ticket). This is the first ticket. The cipher text is produced
by encrypting the ticket with a key of the client derived from the
password of the user stored in the server.
C1 = E (Kcl, E-TGTAS-tgs),
E-TGTAS-tgs = E (Ktgs, [idcl + adcl + idtgs + TS1 + LT1])
The ticket is itself an encrypted text, produced with a key
Ktgs that is shared by the ticket granting server (TGS)
and the authentication server.
Detail of the protocol
3. After getting C1, the client uses the password to
generate the key and decrypts C1 to recover the
ticket, E-TGTAS-tgs.

4. Next, the client transmits a message (m2) to
the TGS containing the user's id, the id of
the service server (SS) and the ticket.

m2 = idcl + idss + E-TGTAS-tgs



Detail of the protocol
5. The TGS decrypts the incoming ticket (E-TGT)
and verifies the presence of its own id, the user id and
the client address to authenticate the user. If the
user is a legitimate user, then the TGS issues a
ticket (SGT – service granting ticket) to grant
access to the service server. This is the second
ticket.

E-SGTtgs-ss = E (Kss, [adcl + idcl + TS2 + LT2])



Detail of the protocol
6. The client sends the request message m3 to
the service server. The request message
contains the user's id and the E-SGT. The server
authenticates the user by verifying the contents
of the ticket. Since E-SGT is encrypted with Kss, which is
shared by the TGS and SS, the SS can open it; if the
information inside (adcl, idcl, TS2, LT2) is intact and matches
the requester, the user is authenticated.
m3 = idcl + E-SGTtgs-ss
E-SGTtgs-ss = E (Kss, [adcl + idcl + TS2 + LT2])
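The three exchanges above (client/AS, client/TGS, client/SS, steps 1 to 6), as an added Python simulation that is not part of the slides and not MIT Kerberos code. It uses a toy SHA-256/HMAC cipher in place of E(K, [...]) (Kerberos v4 really used DES), assumes one constructed key table standing in for the AS database and the keys the TGS shares with service servers, and constructs the principal names alice/tgs/ss, the client address 10.0.0.5 and the lifetimes LT1/LT2. It goes a little beyond the slides by also showing the rejection cases a service server should enforce: a wrong password, an SGT presented from a different address than the one in the ticket, and an SGT presented after its lifetime has expired.

```python
"""Added simulation of the Kerberos v4 dialogue described above (not the slides'
own code, not MIT Kerberos).  E(K, [...]) is a toy SHA-256 counter-mode stream
with an HMAC tag; Kerberos v4 really used DES.  Principal names, address and
lifetimes are constructed sample values."""
import hashlib
import hmac
import json
import os
import time


def derive_key(password: str) -> bytes:
    """Kcl = H(pwd): the client's key is derived from its password."""
    return hashlib.sha256(password.encode()).digest()


def _stream(key: bytes, nonce: bytes, length: int) -> bytes:
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def E(key: bytes, fields: dict) -> bytes:
    """Toy stand-in for E(K, [fields]): nonce || ciphertext || HMAC tag."""
    pt = json.dumps(fields, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def D(key: bytes, blob: bytes) -> dict:
    """Inverse of E; raises ValueError if the key is wrong or the blob was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad key or tampered ticket")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))


def ticket_valid(t: dict, now: float) -> bool:
    """A ticket is usable only inside [TS, TS + LT]."""
    return t["TS"] <= now <= t["TS"] + t["LT"]


# Constructed key table: one dict stands in for the AS database and for the keys
# the TGS shares with each service server (Ktgs, Kss).
KEYS = {"alice": derive_key("correct horse"), "tgs": os.urandom(32), "ss": os.urandom(32)}
LT1, LT2 = 8 * 3600, 5 * 60      # constructed lifetimes: TGT 8 h, SGT 5 min


def as_handle(m1: dict, adcl: str, now: float) -> bytes:
    """Steps 1-2: m1 = idcl + idtgs -> C1 = E(Kcl, E-TGT), E-TGT = E(Ktgs, [...])."""
    tgt = {"idcl": m1["idcl"], "adcl": adcl, "idtgs": m1["idtgs"], "TS": now, "LT": LT1}
    e_tgt = E(KEYS[m1["idtgs"]], tgt)
    return E(KEYS[m1["idcl"]], {"E-TGT": e_tgt.hex()})


def tgs_handle(m2: dict, adcl: str, now: float) -> bytes:
    """Step 5: open E-TGT with Ktgs, check its own id, the user id and address,
    then issue E-SGT = E(Kss, [adcl + idcl + TS2 + LT2])."""
    tgt = D(KEYS["tgs"], bytes.fromhex(m2["E-TGT"]))
    if (tgt["idtgs"] != "tgs" or tgt["idcl"] != m2["idcl"]
            or tgt["adcl"] != adcl or not ticket_valid(tgt, now)):
        raise ValueError("TGS rejected the ticket")
    return E(KEYS[m2["idss"]], {"adcl": adcl, "idcl": m2["idcl"], "TS": now, "LT": LT2})


def ss_handle(m3: dict, adcl: str, now: float) -> bool:
    """Step 6: SS opens E-SGT with Kss; accept only if adcl and idcl match the
    sender and the ticket is still within its lifetime."""
    try:
        sgt = D(KEYS["ss"], bytes.fromhex(m3["E-SGT"]))
    except ValueError:
        return False
    return sgt["idcl"] == m3["idcl"] and sgt["adcl"] == adcl and ticket_valid(sgt, now)


def client_session(password: str, adcl: str, now: float, delay: float = 0.0) -> bool:
    """Run the whole dialogue from the client side; returns the SS accept/reject.
    `delay` is how long the client waits before presenting the SGT to the SS."""
    try:
        c1 = as_handle({"idcl": "alice", "idtgs": "tgs"}, adcl, now)
        e_tgt = D(derive_key(password), c1)["E-TGT"]   # step 3: only Kcl opens C1
        m2 = {"idcl": "alice", "idss": "ss", "E-TGT": e_tgt}
        e_sgt = tgs_handle(m2, adcl, now)
    except ValueError:
        return False
    return ss_handle({"idcl": "alice", "E-SGT": e_sgt.hex()}, adcl, now + delay)


if __name__ == "__main__":
    t0 = time.time()
    print("valid session:", client_session("correct horse", "10.0.0.5", t0))
    print("wrong password:", client_session("wrong", "10.0.0.5", t0))
    print("expired SGT:", client_session("correct horse", "10.0.0.5", t0, delay=LT2 + 1))
```

Two design points follow the slides directly: the client never learns Ktgs or Kss, so it can forward E-TGT and E-SGT but not read or alter them, and every ticket carries the client address and a timestamp/lifetime, which is what lets the TGS and the SS reject a ticket that arrives from the wrong host or too late.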



Kerberos 4 Overview



Kerberos Realms
• a Kerberos environment consists of:
  • a Kerberos server
  • a number of clients, all registered with the server
  • application servers, sharing keys with the server
• this is termed a realm
  • typically a single administrative domain
• if there are multiple realms, their Kerberos servers must share keys and trust



Kerberos Realms



Kerberos Version 5
• developed in the mid-1990s
• specified as Internet standard RFC 1510
• provides improvements over v4
  • addresses environmental shortcomings:
    encryption algorithm, network protocol, byte order, ticket lifetime, authentication forwarding, interrealm authentication
  • and technical deficiencies:
    double encryption, non-standard mode of use, session keys, password attacks



Thank You.

