
Kerberos in Embedded System

By: Mitul Patel


Introduction

As embedded systems have become more advanced,
the tools for working with them have also improved.
One way to debug an embedded device is to hook it up to a local
network.
Many devices use a network in production, for
reporting data or further diagnostics.
This convenience can introduce a number of risks,
due to unauthorized access to networked equipment.

1/23/2017 Security in Embedded System B.Tech IV 2


What's the problem?

Modern networks go everywhere.
You can easily connect to a device from anywhere that
the network reaches...
and without proper access control, anyone else
can too.
Accidental access to an improperly secured device
that controls significant real equipment can
cause real world damage.



Possible Solutions
Nothing at all
assumes that no one ever makes an
expensive mistake on the network.
Passwords
usually pass over the network in cleartext
Secure SNMP
not a general purpose tool
Kerberos



The Kerberos Authentication System
It was developed at MIT in the early days of
Project Athena.
Kerberos was named for the mythological
three-headed dog which guarded the gates of
Hades.
The three heads represented Authentication,
Authorization, and Accounting.
It eventually provided only Authentication.



Kerberos - Introduction
Kerberos was designed to be practical on a classic
IBM PC (8088 processor at 4.77 MHz) as well as
larger machines.
While the code has changed since then,
the protocol has remained small and
straightforward
making it still appropriate for small machines
Kerberos is freely available for any use
Made easier to adopt as a standard



Kerberos - Introduction
Kerberos is a general purpose authentication system.
In the Kerberos model,
you prove your identity (authenticate) to a service
it decides if you should have access based on your
identity
The example system is
an Intel i960 microprocessor
running the VxWorks real-time operating system
with an Ethernet interface and a serial port



Kerberos - Definitions
Client
anything (program) that uses Kerberos to gain access to a remote service.
Server
a program that provides some service to a client. Examples include
remote login and file system access.
Principal
an entity that is known to Kerberos. This includes servers and actual
users.
Kerberos Ticket
a piece of data presented by a client to a server in order to prove identity
and request access, like a movie ticket.
A ticket is marked with a time and is only good for a particular service.
Key Distribution Center or KDC
distributes Kerberos Tickets in response to requests from clients.
DES
The Data Encryption Standard is the private-key encryption mechanism
used by Kerberos.



Kerberos - Definitions
Session Keys:
Secret key generated by KDC to communicate
between two members.



How Kerberos Works
The security of Kerberos is based on a simple
principle of secret key cryptography:
if a message is encrypted in my key, only I can
decrypt it
therefore, by decrypting it I can prove that I
have the key



How Kerberos Works
The KDC keeps a database of DES encryption keys
for all principals.
For server principals,
the key is only stored on the KDC and on the
machine where server runs.
For user principals,
the key is only stored on the KDC; when the user
logs in, the key is generated from the typed
password.



Kerberos Servers



Kerberos Servers
Authentication Server (AS)
The authentication server (AS) is the KDC in the
Kerberos protocol.
Ticket-Granting Server (TGS)
The ticket-granting server (TGS) issues a ticket
for the real server (Bob).
Real Server
The real server (Bob) provides services for the
user (Alice).



Kerberos Example



Using Different Servers
Note that if Alice needs to receive services from
different servers, she need repeat only the last
four steps.



How Kerberos Works
When a user needs to access a service,
the client requests a ticket for that service from the KDC.
The KDC creates a packet with
the content of the request
the current time
the length of time for which the ticket will remain
valid
a randomly generated key, for later use
It then encrypts this packet in the key of the server.



How Kerberos Works
The KDC then adds
the random key and
the identifying information to the outside of
the encrypted packet,
then encrypts it again with the key of the principal
who asked for it (the user).
The packet is then sent back to the client



How Kerberos Works
The client then decrypts the ticket.
This unwraps the outer layer,
providing the verifying information as well as
the random key.
The client is also left with the encrypted inner
component.
Now the client can send that component on to
the server.


How Kerberos Works
The server, on receiving the ticket,
decrypts it using the key for its own principal.
Given a successful decryption,
it can examine the time stamp to see if the
ticket is still valid
make a decision about the identity given
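
The four "How Kerberos Works" slides above as one runnable exchange, an added example that is not from the original slides or from any Kerberos implementation. A SHA-256 keystream with an HMAC tag stands in for DES, and the principal names, password, field names and function names are constructed for illustration.

```python
import hashlib, hmac, json, os

# Constructed principal keys; the user's key is derived from a typed password.
KEYS = {"alice": hashlib.sha256(b"constructed-password").digest(),
        "console/i960": os.urandom(32)}

def _stream(key, nonce, n):
    # SHA-256 counter keystream: a stand-in for DES, not a vetted cipher
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Encrypt a JSON object under key and append an HMAC tag."""
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Decrypt; ValueError means wrong key or modified data."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("decryption failed")
    pt = bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))
    return json.loads(pt)

def kdc_issue(client, service, now, lifetime=300):
    """KDC: inner packet in the server's key, wrapped in the user's key."""
    session_key = os.urandom(8).hex()
    inner = seal(KEYS[service], {"client": client, "service": service, "issued": now,
                                 "lifetime": lifetime, "session_key": session_key})
    return seal(KEYS[client], {"service": service, "session_key": session_key,
                               "ticket": inner.hex()})

def client_unwrap(user_key, reply):
    """Client: strip the outer layer; the inner ticket stays opaque to it."""
    outer = unseal(user_key, reply)
    return outer["session_key"], bytes.fromhex(outer["ticket"])

def server_accept(service, ticket, now):
    """Server: decrypt with its own key, then check service name and time window."""
    t = unseal(KEYS[service], ticket)
    if t["service"] != service:
        raise ValueError("ticket issued for another service")
    if not t["issued"] <= now <= t["issued"] + t["lifetime"]:
        raise ValueError("ticket outside its validity window")
    return t["client"], t["session_key"]
```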



How much overhead?
Additional Code
The Kerberos libraries are broken down into
small units,
so that a given application will only link in the code
that it needs.
The DES library implementation used here is
quite compact.
On the Intel i960, Kerberos used only 8K bytes of code space
and DES another 6K.



How much overhead?
Additional Data
The Kerberos libraries themselves need very little data;
the DES implementation does need 6528 bytes of
permutation tables.
Secure Storage on Servers
A server needs to be able to store the private key for
its principal;
in the minimal case, this needs 9 bytes of secure
storage (the 8 byte DES key and one byte for the key
version number).



How much overhead?
Network Traffic
An authenticator is roughly 100 bytes, and is usually only
sent when a connection is established and authentication is
needed.
Further messages can be protected by the randomly
generated session key.
Computation Time
Most of the computational time involved is the DES
encryption and decryption of the message.
The Intel i960 was able to encrypt 120,000 bytes per
second, or 8 microseconds per byte
less than 1 millisecond total overhead per authentication



Reference
Security Issues in Embedded Networking
By Mark Eichin, Cygnus Support
http://web.mit.edu/eichin/www/embedded-kerberos.html
Design and Implementation of Kerberos
Version 5 for Embedded Devices
By Kazunori Miyazawa



Questions?
Instead of using an Authentication Server, why
not do the authentication at the
corresponding server?
How is the user's password used for
authentication?
What is the advantage of encrypting the time-stamp
with the session key?



Tutorial-1 Submit By: 28-01-2017
1. What are the challenges involved in the design of a secure embedded
system?
2. List out the typical security requirements for embedded systems.
3. Answer the following:
What are the differences between symmetric and asymmetric
encryption, particularly regarding encryption, signature and hash?
List out the typical applications of asymmetric ciphers in security
protocols.
Identify the places in SSL/TLS where symmetric and asymmetric
encryption are used.
4. Find out the usage of SSL Handshake protocol, SSL Change Cipher
protocol, SSL Alert Protocol and SSL Record Protocol in SSL data
transfer.
5. Classify the attack threats faced by embedded systems.
Differentiate between invasive and non-invasive attacks.
