CSCI 415: Computer and Network Security, Dr. Nazli Hardy
Kerberos
Adapted from Computer Security: Principles and Practice, Stallings and Lawrie

Slide 1: Lecture Outline

Internet Authentication Applications
- Kerberos (remote log in)
- X.509 (Directory Authentication Services, S/MIME) (Friday)
- PGP (Friday)
- Computer and Network Forensics (next week)

Slide 2: Internet Authentication Applications

Some approaches that organizations use to secure networked servers and hosts (remote log in):
- Biometric facilities
- Systems that generate one-time passwords

Problem with the above: they require specialized equipment
- expensive
- e.g. DES gold card used by banks

Another solution is to use authentication software tied to a secure authentication server. This is the approach taken by Kerberos (MIT).
Available both in the public domain and as commercially supported versions.
Kerberos is widely used and very popular: the de facto standard for remote authentication.

Slide 3: Overall Scheme of Kerberos

Third-party authentication service.
Clients and servers both trust a Kerberos server to mediate their mutual authentication.
[Figure: user at client, Kerberos server, remote server]

Slide 4: Kerberos Overview

Authentication Server (AS)
- user initially negotiates with the AS to identify self
- AS provides a non-corruptible authentication credential (ticket-granting ticket, TGT)

Ticket Granting Server (TGS)
- user subsequently requests access to other services from the TGS on the basis of its TGT

Slide 5: How to send verification securely

- The user at the client should not have to send the password to the AS over the network
- Kerberos should not have to send a plaintext message to the server to validate the client over the network
- Some form of _________________ should be used
- In fact, DES is used
- The AS shares a unique and secret key with each server
  - these keys must be exchanged beforehand, physically or by some other secure manner

Slide 6: User and Client interaction with AS

[Figure: user and client interaction with the AS]

Slide 7: Ticket Granting Ticket (TGT)

This ticket contains:
- indication that the AS has accepted this client and its user
- the user's ID
- the server's ID
- a timestamp
- a TTL
- a copy of the same session key sent in the outer message to the client

The entire ticket is encrypted using a secret DES key shared by the AS and the server; thus no one can tamper with the ticket.

Slide 8: Ticket Granting Server (TGS)

- Recall that the AS served the client the secret session key encrypted by the user's password (it was also buried in the TGT): SKsession
- Recall that the TGT is encrypted with a secret DES key
- This DES key is shared by the AS and the server

Slide 9: Server

- The TGT is thus decrypted using the __________ by the server
- When the TGT is decrypted, it reveals the _______________
- Remember the Client also has access to the
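The AS exchange and TGT described on slides 5 through 9, simulated in Python as an added example (not from the lecture or from any Kerberos implementation): the TGT carries the fields listed on slide 7 and is sealed under the key the AS shares with the server, the outer message is sealed under a key derived from the user's password, and the server rejects tampered or expired tickets. The SHA-256 based cipher is a toy stand-in for the DES encryption on the slides, and the realm name, key sizes and the `as_exchange`/`server_validate` helpers are assumptions made for the example.

```python
import hashlib, hmac, json, os, time

REALM = b"EXAMPLE.EDU"  # constructed realm name, used as key-derivation salt

def _keystream(key, nonce, n):
    # SHA-256 in counter mode: toy stand-in for the slides' DES encryption
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, fields):
    """Encrypt a dict under key and tag it, so a modified ticket is detected."""
    pt = json.dumps(fields).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered ticket")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

def user_key(password):
    # The user's long-term key is derived from the password, which never crosses the wire
    return hashlib.sha256(REALM + password.encode()).digest()

def as_exchange(user_id, server_id, password_db, as_server_key, ttl=300, now=None):
    """AS builds the TGT (fields listed on the slide) and wraps it for the client."""
    now = int(time.time()) if now is None else now
    sk_session = os.urandom(32).hex()
    tgt = seal(as_server_key, {"accepted": True, "user": user_id, "server": server_id,
                               "timestamp": now, "ttl": ttl, "session_key": sk_session})
    # Outer message: SKsession plus the opaque TGT, readable only with the user's key
    return seal(user_key(password_db[user_id]), {"session_key": sk_session, "tgt": tgt.hex()})

def client_receive(outer, password):
    """Client recovers SKsession and the TGT; a wrong password fails here."""
    msg = unseal(user_key(password), outer)
    return msg["session_key"], bytes.fromhex(msg["tgt"])

def server_validate(tgt, as_server_key, now=None):
    """Server decrypts the TGT with the AS/server key and enforces the TTL."""
    t = unseal(as_server_key, tgt)
    now = int(time.time()) if now is None else now
    if now > t["timestamp"] + t["ttl"]:
        raise ValueError("TGT expired")
    return t["user"], t["session_key"]
```

The client never sees the AS/server key, so it can forward the TGT but cannot read or alter it; the server, in turn, learns SKsession only from the ticket.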