GROUP 4: KERBEROS AUTHENTICATION

Nguyen Minh Trang - ITDSIU19020, Phan Vo Phuong Tung - ITDSIU19025, Le Thi Thu Tra - ITDSIU19058


Page 1: GROUP 4: KERBEROS AUTHENTICATION (title slide)

Page 2: AUTHENTICATION

• What is it?
• How does it work?
• Types of authentication

Page 3: WHAT IS IT?

Authentication is the process of determining whether someone or something is, in fact, who or what it says it is. For example, users are typically identified with a user ID, and authentication occurs when the user provides credentials, such as a password, that match their user ID.

Page 4: AUTHENTICATION

[Cartoon: a client claims "i'm Bob!"; the verifier answers "not even close!"; the client tries again, "how 'bout now?"; the verifier answers "ok! welcome!"]

Page 5: TYPES OF AUTHENTICATION

There is a growing demand for different types of user authentication technologies.

The motivation to authenticate users ranges from access control reasons to business development purposes like adding e-commerce elements.

There is a wide variety of authentication technologies and an even greater range of activities that require authentication methods.

Page 6:

1. Password-based authentication

- The most common form of authentication
- To protect yourself you need to create strong passwords that meet the requirements of the system
- Weaknesses still remain! For example, hackers can crack the password, or users might forget their passwords

Page 7:

2. Multi-factor authentication

- Requires two or more independent ways to identify a user
- Increases the stability by adding multiple layers of security
- It has its own pitfalls. What if the users lose both their passwords and their phone too?

Page 8:

3. Certificate-based authentication

- Technologies that identify users, machines or devices by using digital certificates

Page 9:

4. Biometric authentication

- Fingerprints
- Face recognition
- Eye scanner

Page 10: KERBEROS AUTHENTICATION

• Kerberos terminology and concepts
• Kerberos authentication protocol
• Kerberos security

Page 11: KERBEROS TERMINOLOGY AND CONCEPTS

• What is Kerberos?
• In Greek mythology, Kerberos (or "Cerberus") was the three-headed guard dog of Hades.
• In reality, Kerberos authentication was developed at MIT to protect the network services provided by Project Athena.
• Kerberos is an authentication protocol for trusted hosts on untrusted networks.
• Kerberos 5 is the latest version.

Page 12: KERBEROS TERMINOLOGY AND CONCEPTS

Nine components and terms of Kerberos that should be known:

• Realm
• Principal
• Tickets
• Encryption
• KDC
• Session key
• Authenticator
• Replay cache
• Credential cache

Page 13: KERBEROS TERMINOLOGY AND CONCEPTS

REALM

• The term realm indicates an authentication administrative domain.
• A user/service belongs to a realm if and only if he/she shares a secret key (password) with the authentication server of that realm.

PRINCIPAL

• A principal is a name used to refer to the entries in the authentication server database.
• Form that refers to a user: Name[/Instance]@REALM
• Form that refers to a service: Service/Hostname@REALM

TICKETS

• A ticket is something a client presents to an application server to demonstrate the authenticity of its identity.
• Tickets are issued by the authentication server and are encrypted using the secret key of the service server they are intended for.
• 3 types: initial tickets, renewable tickets, and forwardable tickets
• A ticket includes:
  • The user's principal (username)
  • The principal of the service
  • The IP address of the client machine
  • The date and time
  • The ticket's maximum lifetime
  • The session key

Page 14: KERBEROS TERMINOLOGY AND CONCEPTS

ENCRYPTION

• Encryption type: clients, applications, and authentication servers must have at least one encryption type in common.
• Encryption key: the string2key function transforms an unencrypted password into an encryption key suitable for the type of encryption to be used.
• Salt: a string concatenated to the unencrypted password before applying string2key.
• Key version number: the current value of the counter that is incremented each time the secret key of an application server is updated.

KDC (KEY DISTRIBUTION CENTER)

The KDC consists of 3 components:
• The database is the container for entries associated with users and services.
• The Authentication Server (AS) replies to the initial authentication request from the client.
• The Ticket Granting Server (TGS), the server that issues service tickets, distributes them to clients that hold a valid TGT (Ticket Granting Ticket), guaranteeing the authentication.

SESSION KEY

• The session key is generated by the KDC when a ticket is issued.
• The session key plays a fundamental role in demonstrating the authenticity of the user.
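The principal-name forms on page 13 and the string2key/salt description above fit together: the default Kerberos 5 salt is the realm followed by the principal's name components, and that salt is what keeps the same password from producing the same key in two realms. The following is an added example (not from the slides, and not MIT or Heimdal code) that parses a principal, builds the default salt, and runs the PBKDF2 step of the RFC 3962 aes128-cts-hmac-sha1-96 string2key. It uses only the Python standard library; the function names are this example's own, and the final AES-based DK() step of the real enctype is left out because it needs an AES implementation, so the returned bytes are the intermediate PBKDF2 output, not a finished Kerberos key.

```python
import hashlib


def parse_principal(name: str) -> tuple:
    """Split a Kerberos principal into (components, realm).

    Covers both forms on the slides: Name[/Instance]@REALM for users and
    Service/Hostname@REALM for services. Simplification: backslash escapes
    inside components (e.g. "\\@") are not handled.
    """
    if name.count("@") != 1:
        raise ValueError(f"principal must contain exactly one '@': {name!r}")
    local, realm = name.split("@")
    components = local.split("/")
    if not realm or any(part == "" for part in components):
        raise ValueError(f"empty realm or empty name component in {name!r}")
    return components, realm


def default_salt(principal: str) -> str:
    """Default Kerberos 5 salt (RFC 4120 / RFC 3962): the realm name followed by
    the principal's name components, concatenated with no separators."""
    components, realm = parse_principal(principal)
    return realm + "".join(components)


def string2key_pbkdf2(password: str, salt: str, iterations: int = 4096, key_len: int = 16) -> bytes:
    """PBKDF2-HMAC-SHA1 step of the RFC 3962 aes128-cts-hmac-sha1-96 string2key.

    The real enctype then passes this through the AES-based key derivation
    DK(tkey, "kerberos"); that step is deliberately omitted here (it needs AES),
    so the return value is the intermediate PBKDF2 output, not a usable key.
    """
    return hashlib.pbkdf2_hmac("sha1", password.encode("utf-8"),
                               salt.encode("utf-8"), iterations, key_len)


def rfc3962_vector_matches() -> bool:
    """RFC 3962 appendix B vector: iteration count 1, passphrase "password",
    principal raeburn@ATHENA.MIT.EDU; 128-bit PBKDF2 output is
    cdedb5281bb2f801565a1122b2563515."""
    out = string2key_pbkdf2("password", default_salt("raeburn@ATHENA.MIT.EDU"), iterations=1)
    return out.hex() == "cdedb5281bb2f801565a1122b2563515"


def same_password_different_realms(password: str) -> bool:
    """Why the salt matters: one password gives different keys for the constructed
    principals alice@EXAMPLE.COM and alice@OTHER.ORG."""
    k1 = string2key_pbkdf2(password, default_salt("alice@EXAMPLE.COM"))
    k2 = string2key_pbkdf2(password, default_salt("alice@OTHER.ORG"))
    return k1 != k2
```

The realm-dependent salt is also why a KDC that changes its realm name invalidates every stored key derived from a password: the same password now maps to a different key.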

Page 15: KERBEROS TERMINOLOGY AND CONCEPTS

AUTHENTICATOR

• The authenticator includes the user's principal and a timestamp, and is encrypted with the session key.
• If the user is actually who he/she claims to be, the server is able to decrypt the authenticator and extract the timestamp.
• If the timestamp differs from the server's clock by less than 2 minutes, the authentication is successful.

REPLAY CACHE

• In application servers (but also in the TGS), the replay cache is the capacity to remember authenticators that have arrived within the last 2 minutes and to reject them if they are replicas.

CREDENTIAL CACHE

• The credential cache is the place where the data (ticket and related session key) is stored.
• Examples: MIT and Heimdal store the data in the filesystem; AFS and Active Directory store it in an area of memory.
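The two checks the slide describes, the clock-skew window and the replay cache, are usually implemented together on the server side. Below is an added example (not from the slides or from any Kerberos implementation) of that server-side logic in Python, run over constructed authenticators against a fixed server clock. The `Authenticator` and `ReplayCache` names are this example's own; the 2-minute window is the slide's figure (MIT krb5's shipped default `clockskew` is 300 seconds), so it is a parameter. The example also handles the edge case that decides how long entries must be kept: a client clock that is ahead by the full window produces an authenticator that stays valid for up to twice the window, so the cache must expire by the client's timestamp, not by arrival time.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Acceptance window from the slide (2 minutes); MIT krb5 defaults to 300 seconds.
DEFAULT_SKEW = timedelta(minutes=2)


@dataclass(frozen=True)
class Authenticator:
    """Fields the server looks at once the authenticator has been decrypted."""
    client_principal: str   # e.g. "alice@EXAMPLE.COM"
    ctime: datetime         # client's timestamp (timezone-aware)
    cusec: int              # microseconds, so two authenticators in one second differ


class ReplayCache:
    """Remembers recent authenticators so a captured copy is rejected if resent."""

    def __init__(self, skew: timedelta = DEFAULT_SKEW):
        self.skew = skew
        self._seen = set()  # (principal, ctime, cusec) of accepted authenticators

    def _expire(self, now: datetime) -> None:
        # Forget entries whose *client* timestamp is outside the window: those would
        # fail the clock check anyway. Expiring by arrival time instead would open a
        # gap, because a client clock up to `skew` ahead is accepted, and its
        # authenticator then stays within the window for up to 2*skew after arrival.
        cutoff = now - self.skew
        self._seen = {entry for entry in self._seen if entry[1] >= cutoff}

    def verify(self, auth: Authenticator, now: datetime) -> str:
        """Return "accept", "reject: clock skew" or "reject: replay"."""
        self._expire(now)
        if abs(now - auth.ctime) > self.skew:
            return "reject: clock skew"
        entry = (auth.client_principal, auth.ctime, auth.cusec)
        if entry in self._seen:
            return "reject: replay"
        self._seen.add(entry)
        return "accept"


def demo() -> list:
    """Constructed walk-through: one server clock, three authenticators."""
    cache = ReplayCache()
    now = datetime(2021, 5, 10, 12, 0, 0, tzinfo=timezone.utc)  # constructed server time
    alice = "alice@EXAMPLE.COM"
    fresh = Authenticator(alice, now - timedelta(seconds=30), 1234)
    stale = Authenticator(alice, now - timedelta(minutes=3), 99)
    ahead = Authenticator(alice, now + timedelta(minutes=2), 1)   # client clock 2 min fast
    return [
        cache.verify(fresh, now),                                  # accept
        cache.verify(fresh, now + timedelta(seconds=10)),          # reject: replay
        cache.verify(stale, now),                                  # reject: clock skew
        cache.verify(Authenticator(alice, now, 5678), now),        # accept (new cusec)
        cache.verify(ahead, now),                                  # accept (at the limit)
        cache.verify(ahead, now + timedelta(minutes=3, seconds=30)),  # reject: replay
    ]
```

The last two calls are the edge case: `ahead` is accepted at the limit of the window and is still in the cache three and a half minutes later, when its timestamp is again within the window, so the replayed copy is refused.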

Page 16: KERBEROS AUTHENTICATION PROTOCOL: ALICE & BOB

Page 17: Alice, KDC and Bob

[Diagram: Alice, the KDC and Bob. Once Kerberos has run, Alice and Bob share the key KAB. Notation: {m}_K is the message m encrypted with key K.]

Alice → Bob: {"Hello Bob, I'm Alice"}_KAB
Bob → Alice: {"Hi Alice, I'm Bob"}_KAB

Page 18: Alice and the Authentication Server (AS)

[Diagram: Alice talks to the KDC, which contains the Authentication Server (AS) and the Ticket Granting Server (TGS). KA is the key derived from Alice's password; KKDC is the KDC's own key. Notation: {m}_K is m encrypted with key K.]

1) Alice logs in to the Kerberos system with her password (which gives her KA).
2) Alice → AS: {"HEY Kerberos, I want to chat with Bob"}_KA
3) The AS decrypts the request with KA.
4) AS → Alice: {SA, TGT}_KA
5) Alice decrypts the AS message with KA.

• SA: key used to encrypt messages between Alice and the TGS
• TGT = {Alice, SA}_KKDC: only the KDC can decrypt it

Page 19: Alice, the TGS and Bob

[Diagram: Alice, the Ticket Granting Server (TGS) and Bob. SA is the Alice/TGS key from page 18, KB is Bob's secret key, KAB is the session key for Alice and Bob.]

1. Alice → TGS: {Alice, Bob, timestamp}_SA, TGT
2. TGS → Alice: {Bob, KAB, ticket-to-Bob}_SA, where ticket-to-Bob = {Alice, KAB}_KB
3. Alice → Bob: ticket-to-Bob, {Alice, timestamp}_KAB
4. Bob → Alice: {timestamp + 1}_KAB (proves he is Bob and can decrypt the message; the changed timestamp prevents the message from being replayed)
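To make the message flow of pages 18 and 19 concrete, here is an added example (not from the slides, and not any Kerberos implementation's code) that simulates all three exchanges end to end in Python: the AS reply {SA, TGT}_KA, the TGS reply {Bob, KAB, ticket-to-Bob}_SA, and Bob's {timestamp + 1}_KAB. The `seal`/`unseal` pair is a standard-library stand-in for a Kerberos encryption type (a SHA-256 keystream with an HMAC tag, so a wrong key is detected rather than yielding garbage); the `KDC`, `Service`, `alice_talks_to_bob` and `build_realm` names and the random long-term keys are this example's own.

```python
import hashlib
import hmac
import json
import os
import time

# Toy symmetric encryption, stdlib only: stands in for a Kerberos enctype.
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def seal(key: bytes, obj: dict) -> bytes:
    """{obj}_key on the slides: nonce || ciphertext || HMAC tag over both."""
    plaintext = json.dumps(obj, sort_keys=True).encode()
    nonce = os.urandom(16)
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag

def unseal(key: bytes, blob: bytes) -> dict:
    """Decrypt; a wrong key or an altered message raises ValueError."""
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()):
        raise ValueError("integrity check failed: wrong key or altered message")
    return json.loads(bytes(c ^ k for c, k in zip(ciphertext, _keystream(key, nonce, len(ciphertext)))))

def can_open(key: bytes, blob: bytes) -> bool:
    try:
        unseal(key, blob)
        return True
    except ValueError:
        return False

class KDC:
    """Authentication Server and Ticket Granting Server sharing one database."""
    def __init__(self, database: dict):
        self.database = database      # principal -> long-term key (string2key output in reality)
        self.k_kdc = os.urandom(32)   # KKDC: only the KDC can open a TGT

    def authentication_service(self, client: str) -> bytes:
        """Page 18, step 4: {SA, TGT}_KA with TGT = {client, SA}_KKDC."""
        sa = os.urandom(32)
        tgt = seal(self.k_kdc, {"client": client, "session_key": sa.hex()})
        return seal(self.database[client], {"session_key": sa.hex(), "tgt": tgt.hex()})

    def ticket_granting_service(self, tgt: bytes, authenticator: bytes, service: str) -> bytes:
        """Page 19, step 2: {service, KAB, ticket}_SA with ticket = {client, KAB}_Kservice."""
        tgt_body = unseal(self.k_kdc, tgt)
        sa = bytes.fromhex(tgt_body["session_key"])
        auth = unseal(sa, authenticator)        # only the holder of SA could have built this
        if auth["client"] != tgt_body["client"]:
            raise ValueError("authenticator does not match the TGT")
        kab = os.urandom(32)
        ticket = seal(self.database[service], {"client": auth["client"], "session_key": kab.hex()})
        return seal(sa, {"service": service, "session_key": kab.hex(), "ticket": ticket.hex()})

class Service:
    """Bob: an application server that knows only its own key KB."""
    def __init__(self, name: str, key: bytes):
        self.name, self.key = name, key

    def application_exchange(self, ticket: bytes, authenticator: bytes) -> bytes:
        """Page 19, step 4: {timestamp + 1}_KAB, proving Bob could open the ticket."""
        body = unseal(self.key, ticket)
        kab = bytes.fromhex(body["session_key"])
        auth = unseal(kab, authenticator)
        if auth["client"] != body["client"]:
            raise ValueError("authenticator does not match the ticket")
        return seal(kab, {"timestamp": auth["timestamp"] + 1})

def alice_talks_to_bob(kdc: KDC, bob: Service, k_alice: bytes) -> bool:
    """Alice's side of pages 18 and 19; True when Bob answers with timestamp + 1."""
    as_reply = unseal(k_alice, kdc.authentication_service("Alice"))            # page 18, steps 2-5
    sa, tgt = bytes.fromhex(as_reply["session_key"]), bytes.fromhex(as_reply["tgt"])
    ts = int(time.time())
    request = seal(sa, {"client": "Alice", "service": bob.name, "timestamp": ts})  # page 19, step 1
    tgs_reply = unseal(sa, kdc.ticket_granting_service(tgt, request, bob.name))
    kab, ticket = bytes.fromhex(tgs_reply["session_key"]), bytes.fromhex(tgs_reply["ticket"])
    authenticator = seal(kab, {"client": "Alice", "timestamp": ts})              # page 19, step 3
    reply = unseal(kab, bob.application_exchange(ticket, authenticator))
    return reply["timestamp"] == ts + 1

def build_realm():
    """Constructed realm: random long-term keys for Alice and Bob."""
    k_alice, k_bob = os.urandom(32), os.urandom(32)
    return KDC({"Alice": k_alice, "Bob": k_bob}), Service("Bob", k_bob), k_alice
```

Note what each party can and cannot open: Alice never sees KKDC or KB, Bob never sees SA, and the TGS learns that the request really came from the TGT's owner because only someone holding SA could have produced the authenticator.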

Page 20: KERBEROS AUTHENTICATION PROTOCOL: CLIENT & SERVER

Page 21: Client and Server

[Diagram: the client asks the server "I want to access the resources"; the server answers "NO", because the client must first identify himself and have an authorization to access the database. The KDC is shown as the third party.]

Pages 22-27: Client, KDC (AS and TGS) and Server

[Animated diagram, one step per slide; only the message labels survive in the transcript, so the direction of each step is reconstructed from the AS/TGS/application order of pages 18-19:]
• Page 22: Client → AS: {I want to access the resources}
• Page 23: AS → Client: TGT
• Page 24: Client → TGS: TGT
• Page 25: TGS → Client: Token (service ticket)
• Page 26: Client → Server: Token
• Page 27: The server allows the client to use the server's resources

Page 28: KERBEROS SECURITY

• Kerberos attacks
• Kerberos protocol issues
• Solutions

Page 29: KERBEROS ATTACKS

• Root compromise of a Kerberos KDC machine
• Compromise of a Kerberos administrator's credential
• Root compromise of a server machine
• Root compromise of a client machine
• Compromise of user credentials
• Other attacks, including denial of service, the "insider", social engineering and password exposure, and security holes in the Kerberos software itself

Page 30: KERBEROS PROTOCOL ISSUES

DICTIONARY AND BRUTE-FORCE ATTACKS
-> An attacker obtains a user's password -> impersonates that user -> makes requests to the KDC under the victim's username

REPLAY ATTACKS
-> An attacker listens to network messages -> makes a copy of a message -> replays it at a later time

MAN-IN-THE-MIDDLE ATTACKS
-> An attacker reads all the network messages -> sends out messages of his own design -> impersonates the server -> the user thinks she/he is connected to the authentication server, but it is actually the fake one

Page 31: SOLUTIONS

[Table: each solution compared across MIT, Heimdal and Windows Server.]

REQUIRING PRE-AUTHENTICATION
- MIT: 1 principal
- Heimdal: 1 principal + all principals for emergency purposes
- Windows Server: all principals by default

ENFORCING SECURE PASSWORDS
- MIT: number of character classes and length of the password
- Heimdal: only forces a password minimum of 6 characters
- Windows Server: tests a password's complexity

ENFORCING PASSWORD LIFETIME AND HISTORY
- MIT: a user policy can be established
- Heimdal: expire a principal's password at a given time
- Windows Server: set both maximum and minimum password lifetime
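The second and third rows of the table describe policy knobs rather than protocol steps: minimum length and character classes, a history of previous passwords that may not be reused, and minimum and maximum lifetimes (the attributes an MIT kadmin policy exposes as minlength, minclasses, history, minlife and maxlife). The following is an added example (not from the slides, and not MIT, Heimdal or Windows code) of a password-change check that enforces all of them in Python, with the five character classes MIT counts (lowercase, uppercase, digits, punctuation, other). The `PasswordPolicy`, `PrincipalRecord`, `check_change` and `demo` names are this example's own, and the salted SHA-256 history is a constructed stand-in for the stored old keys a real KDC compares against.

```python
import hashlib
import os
import string
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone


def character_classes(password: str) -> int:
    """Count the five classes MIT kadmin's minclasses refers to:
    lowercase, uppercase, digits, punctuation, anything else."""
    simple = string.ascii_letters + string.digits + string.punctuation
    return sum([
        any(c in string.ascii_lowercase for c in password),
        any(c in string.ascii_uppercase for c in password),
        any(c in string.digits for c in password),
        any(c in string.punctuation for c in password),
        any(c not in simple for c in password),
    ])


@dataclass
class PasswordPolicy:
    """The knobs from the table: length and classes, history, min/max lifetime."""
    min_length: int = 8
    min_classes: int = 3
    history: int = 5                               # previous passwords that may not be reused
    min_life: timedelta = timedelta(days=1)
    max_life: timedelta = timedelta(days=90)


@dataclass
class PrincipalRecord:
    principal: str
    last_change: datetime
    previous: list = field(default_factory=list)   # (salt, digest) pairs; stand-in for old keys


def _digest(password: str, salt: bytes) -> str:
    return hashlib.sha256(salt + password.encode("utf-8")).hexdigest()


def check_change(policy: PasswordPolicy, record: PrincipalRecord,
                 new_password: str, now: datetime) -> list:
    """Return the reasons a change would be refused; an empty list means accept."""
    problems = []
    if now - record.last_change < policy.min_life:
        problems.append("minimum lifetime not reached")
    if len(new_password) < policy.min_length:
        problems.append(f"shorter than {policy.min_length} characters")
    if character_classes(new_password) < policy.min_classes:
        problems.append(f"fewer than {policy.min_classes} character classes")
    if any(_digest(new_password, salt) == d for salt, d in record.previous):
        problems.append("reused from password history")
    return problems


def apply_change(policy: PasswordPolicy, record: PrincipalRecord,
                 new_password: str, now: datetime) -> None:
    """Record an accepted change, keeping only the last `history` entries."""
    problems = check_change(policy, record, new_password, now)
    if problems:
        raise ValueError("; ".join(problems))
    salt = os.urandom(16)
    entries = record.previous + [(salt, _digest(new_password, salt))]
    record.previous = entries[-policy.history:] if policy.history > 0 else []
    record.last_change = now


def is_expired(policy: PasswordPolicy, record: PrincipalRecord, now: datetime) -> bool:
    return now - record.last_change > policy.max_life


def demo() -> dict:
    """Constructed walk-through for one principal under the default policy."""
    policy = PasswordPolicy()
    t0 = datetime(2021, 5, 10, tzinfo=timezone.utc)
    rec = PrincipalRecord("alice@EXAMPLE.COM", last_change=t0 - timedelta(days=30))
    apply_change(policy, rec, "Correct-Horse-1", t0)
    later = t0 + timedelta(days=2)
    return {
        "too_soon": check_change(policy, rec, "Another-Good-2", t0 + timedelta(hours=2)),
        "weak": check_change(policy, rec, "password", later),
        "reused": check_change(policy, rec, "Correct-Horse-1", later),
        "ok": check_change(policy, rec, "Another-Good-2", later),
        "expired": is_expired(policy, rec, t0 + timedelta(days=91)),
    }
```

Returning the full list of problems rather than the first one is deliberate: a user told only "too soon" would otherwise learn about the weak password on the next attempt.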

Page 32: TO WRAP UP... Key things to remember

Page 33:

Kerberos is an authentication protocol for trusted hosts on untrusted networks. It contains 9 components/terms to work with: realm, principal, tickets, encryption, KDC, session key, authenticator, replay cache and credential cache. The client-server example illustrates this mechanism.

Kerberos is still the best security protocol available today. It is flexible and versatile enough to employ robust, dynamic encryption methods to fend off threats.

Page 34:

THANKS & DON'T ASK QUESTIONS