Kerberos
● Provides authentication for a user who works on a workstation.
● Uses secret key technology
  ● Because public key technology was still under patent protection.
● Implements authentication by Needham & Schroeder.
● On the market in versions 4 and 5.
Kerberos
● Kerberos consists of
  ● Key Distribution Center (KDC)
    ● Runs on a physically secure node
  ● Library of Subroutines
    ● Modifies known UNIX libraries such as telnet, rlogin, …
Key Distribution Center
● KDC:
● Database of keys for all users
[Figure: message sequence chart of Alice, Bob and Trudy. Alice → Bob: Ticket, KAB{N2}; Bob → Alice: KAB{N2-1, N3}; Alice → Bob: KAB{N3-1}. Trudy (later) replays Ticket, KAB{N2}; Bob → Trudy: KAB{N2-1}, KAB{N4}. Trudy (second connection) → Bob: Ticket, KAB{N4}; Bob → Trudy: KAB{N4-1}, KAB{N5}. Trudy now resumes her first connection with KAB{N4-1} and is authenticated.]
Needham Schroeder
● Expanded Needham Schroeder
  ● Prevents replay attacks after Alice's master key was stolen and Alice changed her master key.
Needham Schroeder
● Vulnerability Scenario
  ● Alice has a previous key JAlice that Trudy captured.
  ● Alice has changed her key to KAlice.
  ● Trudy has captured a previous login exchange between Alice and the KDC, in which the KDC sent
    JAlice{N1, Bob, JAB, KBob{JAB, Alice}}
Needham Schroeder
● Vulnerability Scenario
  ● Trudy has JAlice{N1, Bob, JAB, KBob{JAB, Alice}}.
  ● Trudy decrypts it with JAlice and obtains JAB and KBob{JAB, Alice}.
  ● Trudy now impersonates Alice to Bob. She sends her round 3 message to Bob:
    JAB{N2}, KBob{JAB, Alice}
  ● She can complete the Needham Schroeder protocol with Bob.
  ● Since the KDC no longer participates, informing the KDC of the key change does not prevent Trudy from successfully impersonating Alice to Bob.
Needham Schroeder Vulnerability Scenario
● Trudy has
  ● JAlice{N1, Bob, JAB, KBob{JAB, Alice}}, JAB, KBob{JAB, Alice}.
● Trudy to Bob: JAB{N2}, KBob{JAB, Alice}
● Bob to Trudy: JAB{N2-1, N3}
● Trudy to Bob: JAB{N3-1}
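The scenario above, and the claim on the earlier slide that the expanded protocol prevents it, can be checked with a small symbolic model. The following is an added example, not code from the slides: encryption is symbolic (a message under key K can only be opened by someone holding exactly K), the names JAlice, KAlice, KBob, JAB/KAB and N1..N3 follow the slides, and the step-0 nonce NB that Bob hands to Alice and that the KDC binds into the ticket is my assumption about how the expanded Needham-Schroeder protocol blocks the replay; the slides do not describe that mechanism.

```python
"""Symbolic model of the Needham-Schroeder replay scenario on these slides.

Ciphertexts are symbolic (Dolev-Yao style): Enc(key, payload) opens only with
the same key. Names JAlice, KAlice, KBob, JAB/KAB, N1..N3 follow the slides;
the step-0 nonce NB is an assumption about how the expanded protocol blocks
the replay (the slides do not describe it).
"""
from dataclasses import dataclass
from itertools import count


@dataclass(frozen=True)
class Enc:
    key: str
    payload: tuple


def enc(key: str, *payload) -> Enc:
    return Enc(key, payload)


def dec(key: str, ct: Enc) -> tuple:
    if ct.key != key:
        raise ValueError("cannot open this message without the key")
    return ct.payload


_counter = count(1000)


def nonce() -> int:
    return next(_counter)


class KDC:
    def __init__(self, master_keys: dict):
        self.keys = dict(master_keys)

    def reply(self, n1: int, alice: str, bob: str, nb_token: Enc = None) -> Enc:
        """Round 2: KAlice{N1, Bob, KAB, KBob{KAB, Alice[, NB]}}."""
        kab = f"KAB{nonce()}"
        fields = [kab, alice]
        if nb_token is not None:            # expanded protocol: bind Bob's nonce into the ticket
            _, nb = dec(self.keys[bob], nb_token)
            fields.append(nb)
        ticket = enc(self.keys[bob], *fields)
        return enc(self.keys[alice], n1, bob, kab, ticket)


class Bob:
    def __init__(self, kbob: str, expanded: bool):
        self.kbob, self.expanded = kbob, expanded
        self.live_nonces = set()            # NB values handed out and not yet used
        self.pending = {}                   # KAB -> N3-1 expected in round 5

    def step0(self, peer: str) -> Enc:
        """Expanded protocol only: give Alice KBob{Alice, NB} to forward to the KDC."""
        nb = nonce()
        self.live_nonces.add(nb)
        return enc(self.kbob, peer, nb)

    def round3(self, ticket: Enc, n2_msg: Enc) -> Enc:
        """Receives KAB{N2}, KBob{KAB, Alice[, NB]}; answers KAB{N2-1, N3}."""
        fields = dec(self.kbob, ticket)
        if self.expanded:
            kab, _, nb = fields
            if nb not in self.live_nonces:  # ticket was not minted for a current request of mine
                raise PermissionError("stale ticket")
            self.live_nonces.discard(nb)
        else:
            kab, _ = fields                 # original protocol: any ticket under KBob is accepted
        (n2,) = dec(kab, n2_msg)
        n3 = nonce()
        self.pending[kab] = n3 - 1
        return enc(kab, n2 - 1, n3)

    def round5(self, kab: str, n3_msg: Enc) -> bool:
        (n3m1,) = dec(kab, n3_msg)
        return self.pending.pop(kab, None) == n3m1


def rounds_3_to_5(key: str, kdc_reply: Enc, bob: Bob) -> bool:
    """Finish the protocol from a KDC reply readable with `key` (Alice's own, or a stolen old one)."""
    _, _, kab, ticket = dec(key, kdc_reply)
    n2 = nonce()
    try:
        n2m1, n3 = dec(kab, bob.round3(ticket, enc(kab, n2)))
    except PermissionError:
        return False
    assert n2m1 == n2 - 1
    return bob.round5(kab, enc(kab, n3 - 1))


def trudy_replay(expanded: bool) -> bool:
    """True if Trudy ends up authenticated to Bob as Alice after Alice changed her key."""
    kdc = KDC({"Alice": "JAlice", "Bob": "KBob"})
    bob = Bob("KBob", expanded)
    # 1. Alice logs in while her key is JAlice; Trudy records the KDC reply and holds JAlice.
    nb_token = bob.step0("Alice") if expanded else None
    captured = kdc.reply(nonce(), "Alice", "Bob", nb_token)
    assert rounds_3_to_5("JAlice", captured, bob)
    # 2. Alice changes her master key and the KDC is told. Trudy still has JAlice.
    kdc.keys["Alice"] = "KAlice"
    # 3. Trudy recovers JAB and KBob{JAB, Alice} from the captured reply and talks to Bob alone.
    return rounds_3_to_5("JAlice", captured, bob)
```

`trudy_replay(False)` returns True: in the original protocol Bob accepts any ticket under KBob, and since rounds 3 to 5 never involve the KDC, the new key KAlice is never consulted. `trudy_replay(True)` returns False: the ticket carries an NB that Bob issued for Alice's earlier session and already used up, so Bob rejects it in round 3. The defence is not the key change itself but Bob's own freshness check on the ticket.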
[Figure: Kerberos login, columns Alice, Workstation, AS. Alice → Workstation: Alice, KAlice; Workstation → AS: AS_REQ{Alice}; AS → Workstation: AS_REP{KAlice{SAlice, TGT}}, where TGT = KKDC{Alice, SAlice}. The workstation calculates the session key SAlice and the TGT, then throws KAlice away.]
Kerberos
● Why wait for the password?
  ● The workstation should know Alice's password for the minimum time.
  ● Kerberos v. 5 changes this.
  ● The workstation would then contain data on which a password cracker could be run.
Kerberos
● Kerberos V. 5 Logging in:
[Figure: columns Alice, Workstation, AS. Alice → Workstation: Alice; Workstation → AS: AS_REQ{Alice}; AS → Workstation: AS_REP{KAlice{SAlice, TGT}}; Workstation → Alice: Password?]
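The v. 5 ordering in the diagram, with the password requested only after AS_REP has arrived, is shown below as an added example that is not code from the slides or from any Kerberos implementation. The cryptography is a standard-library stand-in and an assumption of this example: PBKDF2 (salted with the principal name) for the password key KAlice, and an HMAC-SHA256 keystream plus MAC in place of Kerberos's real encryption types; the JSON message bodies and the `ask_password` callback are likewise mine.

```python
"""Kerberos login exchange from the slide (Alice -> Workstation -> AS), with
stdlib stand-ins for the cryptography: PBKDF2 derives KAlice from the password,
and encrypt()/decrypt() use an HMAC-SHA256 keystream plus MAC. These are
assumptions of this example, not the Kerberos specification.
"""
import hashlib
import hmac
import json
import os
import secrets


def password_key(principal: str, password: str) -> bytes:
    """KAlice: long-term key derived from the password (salt = principal name, assumed)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), principal.encode(), 100_000)


def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    out = b""
    for ctr in range(0, n, 32):
        out += hmac.new(key, iv + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:n]


def encrypt(key: bytes, data: bytes) -> bytes:
    """iv || (data XOR keystream) || MAC; a wrong key fails the MAC instead of yielding garbage."""
    iv = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, iv, len(data))))
    return iv + ct + hmac.new(key, iv + ct, hashlib.sha256).digest()


def decrypt(key: bytes, blob: bytes) -> bytes:
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, iv + ct, hashlib.sha256).digest()):
        raise ValueError("MAC check failed: wrong key or tampered message")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, iv, len(ct))))


class AuthServer:
    """AS side: holds KKDC and every principal's long-term key."""

    def __init__(self, kkdc: bytes, principal_keys: dict):
        self.kkdc, self.keys = kkdc, principal_keys

    def as_rep(self, as_req: dict) -> bytes:
        """AS_REP{KAlice{SAlice, TGT}} with TGT = KKDC{Alice, SAlice}."""
        principal = as_req["principal"]
        s_alice = secrets.token_bytes(16)
        tgt = encrypt(self.kkdc, json.dumps({"client": principal, "session": s_alice.hex()}).encode())
        body = json.dumps({"session": s_alice.hex(), "tgt": tgt.hex()}).encode()
        return encrypt(self.keys[principal], body)


def open_tgt(kkdc: bytes, tgt: bytes) -> tuple:
    """What the KDC later reads out of a presented TGT: (client, SAlice)."""
    inner = json.loads(decrypt(kkdc, tgt))
    return inner["client"], bytes.fromhex(inner["session"])


def workstation_login(principal: str, ask_password, auth_server: AuthServer) -> tuple:
    """v. 5 ordering from the slide: send AS_REQ first, ask for the password only once
    AS_REP has arrived, use KAlice a single time to open it, then throw KAlice away.
    Returns (SAlice, TGT); the TGT stays opaque to the workstation."""
    as_rep = auth_server.as_rep({"principal": principal})
    k_alice = password_key(principal, ask_password())
    try:
        body = json.loads(decrypt(k_alice, as_rep))
    finally:
        del k_alice                         # KAlice is not kept beyond this point
    return bytes.fromhex(body["session"]), bytes.fromhex(body["tgt"])
```

A wrong password produces a key that fails the MAC, so `workstation_login` raises instead of returning a session key. The trade-off the slide points at is visible in the flow: the workstation holds the password for as short a time as possible, but between AS_REQ and the password prompt it is already holding AS_REP, a ciphertext whose only protection is the password-derived key.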