Академический Документы
Профессиональный Документы
Культура Документы
Kerberos
Motivation
Secure against eavesdropping Reliable distributed architecture Transparent almost invisible to user Scalable to many users and servers
Two versions
Version 4 basic ideas Version 5 fixes and more variety of algorithms
Kerberos Version 4
Protocol is complex so
Simplified approach
Client asks authentication server for ticket AS grants ticket Client sends ticket to server
Weaknesses
Big load on AS (Provide secondary ticket-granting servers) Repeated password entry (Password to AS seldom, tickets from TGS when needed, based on AS authentication)
Kerberos Organization
Called a realm, it includes:
Kerberos server, which includes:
UID and hashed password for each user Shared secret key with each user
Inter-realm issues
Kerberos servers in each realm are registered with each other (share a secret key) TGS in server realm issues tickets to client on other realm
Version 5
Avoids DES suspicion by specifying algorithm and key length Avoids IP dependence by specifying net address type and length Allows specifying message byte ordering Tickets contain start and end time Authentication forwarding server can forward authentication to another server Inter-realm authentication
Version 5 Continued
Avoids double encryptions Avoids PCBC (vulnerable to a cipher block exchange attack) Session and subsession keys Preauthentication makes password attacks more difficult (but not impossible)
X.509 Service
Uses public-key certificates from a CA (certification authority) Kerberos uses privately distributed keys Obtaining certificate requires access to public key of a CA X.509 service is free-form hierarchical does this by using forward and reverse certificates Also provides for certificate revocation
Each CA contains a list of revoked but still in-date keys
Two-way
Authenticates each to the other
Three-way
Detects replay attacks using nonces (rather than clock synchronization)