Contents:
Authentication Applications
Slide 2
Kerberos
Kerberos Requirements
Kerberos 4 Overview
Slide 6
Kerberos Realms
Kerberos Version 5
X.509 Authentication Service
X.509 Certificates
Slide 11
Obtaining a Certificate
CA Hierarchy
CA Hierarchy Use
Certificate Revocation
Authentication Procedures
Nonce
Slide 18
One-Way Authentication
Two-Way Authentication
Three-Way Authentication
X.509 Version 3
Certificate Extensions

Authentication Applications
"We cannot enter into alliance with neighbouring princes until we are acquainted with their designs." — The Art of War, Sun Tzu

Authentication Applications
will consider authentication functions developed to support application-level authentication & digital signatures
will consider Kerberos – a private-key authentication service
then X.509 directory authentication service

Kerberos
trusted key server system from MIT
provides centralised private-key third-party authentication in a distributed network
• allows users access to services distributed through network
• without needing to trust all workstations
• rather all trust a central authentication server
two versions in use: 4 & 5

Kerberos Requirements
first published report identified its requirements as:
• security - an eavesdropper shouldn't be able to get enough information to impersonate the user
• reliability - services using Kerberos would be unusable if Kerberos isn't available
• transparency - users should be unaware of its presence
• scalability - should support large number of users
implemented using a 3rd party authentication scheme using a protocol proposed by Needham-Schroeder (NEED78)

Kerberos 4 Overview
a basic third-party authentication scheme
• uses DES buried in an elaborate protocol
Authentication Server (AS)
• user initially negotiates with AS to identify self
• AS provides a non-corruptible authentication credential (ticket-granting ticket TGT)
Ticket Granting Server (TGS)
• users subsequently request access to other services from TGS on basis of user's TGT

Kerberos 4 Overview
(diagram slide)

Kerberos Realms
a Kerberos environment consists of:
• a Kerberos server
• a number of clients, all registered with server
• application servers, sharing keys with server
this is termed a realm
• typically a single administrative domain
if there are multiple realms, their Kerberos servers must share keys and trust

Kerberos Version 5
developed in mid 1990s
provides improvements over v4
• addresses environmental shortcomings
  encryption algorithm, network protocol, byte order, ticket lifetime, authentication forwarding, inter-realm authentication
• and technical deficiencies
  double encryption, non-standard mode of use, session keys, password attacks
specified as Internet standard RFC 1510

X.509 Authentication Service
part of CCITT X.500 directory service standards
• distributed servers maintaining some info database
defines framework for authentication services
• directory may store public-key certificates
• with public key of user
• signed by certification authority
also defines authentication protocols
uses public-key crypto & digital signatures
• algorithms not standardized, but RSA recommended

X.509 Certificates
issued by a Certification Authority (CA), containing:
• version (1, 2, or 3)
• serial number (unique within CA) identifying certificate
• signature algorithm identifier
• issuer X.500 name (CA)
• period of validity (from - to dates)
• subject X.500 name (name of owner)
• subject public-key info (algorithm, parameters, key)
• issuer unique identifier (v2+)
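The AS and TGS exchanges from the Kerberos 4 Overview and Kerberos Realms slides, as an added example that is not part of the original slides or of MIT Kerberos: one KDC object plays both roles for a realm, tickets are sealed with a toy HMAC-based cipher standing in for DES, and the principal names, passwords, service keys and lifetimes are all constructed.

```python
# Constructed toy of the Kerberos 4 AS/TGS flow (not MIT Kerberos code): an
# HMAC stream cipher stands in for DES; principals, passwords, lifetimes are made up.
import hashlib, hmac, json, os
def _xor(key, nonce, data):
    """Toy keystream (HMAC in counter mode) XORed over data; same call decrypts."""
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, obj):
    """Encrypt-then-MAC a dict under a key shared by exactly two principals."""
    nonce = os.urandom(16)
    ct = _xor(key, nonce, json.dumps(obj).encode())
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Check the MAC before decrypting: a wrong key or a tampered ticket raises."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed (wrong key or tampered ticket)")
    return json.loads(_xor(key, nonce, ct))

class KDC:
    """One realm's Kerberos server, playing both the AS and the TGS roles."""
    def __init__(self, passwords):
        self.users = {u: hashlib.sha256(p.encode()).digest() for u, p in passwords.items()}
        self.services = {"tgs": os.urandom(32), "fileserver": os.urandom(32)}  # K_tgs, K_v
    def as_exchange(self, user, now):
        """AS: TGT sealed under K_tgs, nested in a reply sealed under K_c (v4 double encryption)."""
        k_c_tgs = os.urandom(32).hex()
        tgt = seal(self.services["tgs"], {"user": user, "key": k_c_tgs, "exp": now + 3600})
        return seal(self.users[user], {"key": k_c_tgs, "tgt": tgt.hex()})
    def tgs_exchange(self, tgt, authenticator, service, now):
        """TGS: open the TGT, verify the authenticator it keys, issue a service ticket."""
        t = unseal(self.services["tgs"], tgt)
        a = unseal(bytes.fromhex(t["key"]), authenticator)
        if now > t["exp"] or a["user"] != t["user"] or abs(now - a["ts"]) > 300:
            raise ValueError("expired TGT or stale/mismatched authenticator")
        k_c_v = os.urandom(32).hex()
        ticket = seal(self.services[service], {"user": t["user"], "key": k_c_v, "exp": now + 3600})
        return seal(bytes.fromhex(t["key"]), {"key": k_c_v, "ticket": ticket.hex()})

def client_login(kdc, user, password, service, now):
    """Client: AS exchange then TGS exchange; returns (K_c,v, ticket for service)."""
    k_c = hashlib.sha256(password.encode()).digest()      # long-term key from password
    as_rep = unseal(k_c, kdc.as_exchange(user, now))      # a wrong password fails here
    k_c_tgs = bytes.fromhex(as_rep["key"])
    authenticator = seal(k_c_tgs, {"user": user, "ts": now})
    tgs_rep = unseal(k_c_tgs, kdc.tgs_exchange(bytes.fromhex(as_rep["tgt"]), authenticator, service, now))
    return tgs_rep["key"], bytes.fromhex(tgs_rep["ticket"])
```

The application server never talks to the KDC: it opens the ticket with its own K_v and trusts the user name inside because only the KDC could have sealed it.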



BU CS 455 - Authentication Services