Professional Documents
Culture Documents
ECS401: Cryptography and Network Security: Module 5: Authentication Protocols
ECS401: Cryptography and Network Security: Module 5: Authentication Protocols
ECS401: Cryptography and Network Security: Module 5: Authentication Protocols
Network Security
2
Kerberos
Version 4
Overview
3
Kerberos Version 4 Overview
Table 1: Summary of Kerberos Version 4 Message Exchanges
4
Kerberos Version 4 Overview
where,
5
Kerberos Version 4 Overview
Table 2: Rationale for the Elements of the Kerberos Version 4 Protocol
6
Kerberos
Version 4
Overview
7
(b) Ticket-Granting Service Exchange
Kerberos Version 4 Overview
8
Kerberos
Version 4
Overview
9
(c) Client/Server Authentication Exchange
Table 3: Summary of Kerberos Version 5 Message Exchanges
Kerberos
Version 5
Overview
10
Comparison between Kerberos Version 4 and 5
Table 1: Summary of Kerberos Version 4 Message Exchanges Table 3: Summary of Kerberos Version 5 Message Exchanges
11
The Version 5 Authentication Dialogue
First, consider the authentication service exchange.
Message (1) is a client request for a ticket-granting ticket. As before, it includes the ID of the user and the TGS.
• Times: Used by
the client to request • Nonce: A random
the following time value to be repeated
• Options: Used to settings in the ticket: in message (2) to
• Realm: Indicates request that certain • —from: the desired start assure that the
time for the requested
realm of user flags be set in the ticket
response is fresh
returned ticket • —till: the requested and has not been
expiration time for the replayed by an
requested ticket opponent
• —rtime: requested
renew-till time
12
The Version 5 Authentication Dialogue
Message (2) returns a ticket-granting ticket, identifying information for the client, and a block encrypted
using the encryption key based on the user’s password.
This block includes the session key to be used between the client and the TGS, times specified in message
(1), the nonce from message (1), and TGS identifying information.
The ticket itself includes the session key, identifying information for the client, the requested time values,
and flags that reflect the status of this ticket and the requested options. These flags introduce significant
new functionality to version 5.
13
The Version 5 Authentication Dialogue
In addition, version Finally, for the
Let us now compare Message (4) has the
5 includes requested client/server
the ticket-granting same structure as
times and options authentication
service exchange for message (2). It
for the ticket and a exchange, several
versions 4 and 5. We returns a ticket plus
nonce—all with new features appear
see that message (3) information needed
functions similar to in version 5. In
for both versions by the client, with
those of message message (5), the
includes an the information
(1). The client may request
authenticator, a encrypted using the
authenticator itself as an option that
ticket, and the name session key now
is essentially the mutual
of the requested shared by the client
same as the one authentication is
service. and the TGS.
used in version 4. required.
Version 4 Version 5 14
The Version 5 Authentication Dialogue
The authenticator includes several new fields:
15
The Version 5 Authentication Dialogue
If mutual
authentication is
required, the server
responds with message The subkey field, if
(6). This message present, overrides the
includes the timestamp subkey field, if present,
from the authenticator. in message (5).
16
Version 4 Version 5
The Version 5 Authentication Dialogue
Ticket Flags
The flags field included in tickets in version 5 supports expanded functionality compared to that
available in version 4. Table 4 summarizes the flags that may be included in a ticket.
The INITIAL flag indicates that this ticket was issued by the AS, not by the TGS. When a client requests
a service-granting ticket from the TGS, it presents a ticket-granting ticket obtained from the AS. In
version 4, this was the only way to obtain a service-granting ticket.
Version 5 provides the additional capability that the client can get a service-granting ticket directly
from the AS. The utility of this is as follows: A server, such as a password-changing server, may wish to
know that the client’s password was recently tested.
The PRE-AUTHENT flag, if set, indicates that when the AS received the initial request [message (1)], it
authenticated the client before issuing a ticket. The exact form of this pre-authentication is left
unspecified.
17
The Version 5 Authentication Dialogue
Ticket Flags
18
Table 4: Kerberos Version 5 Flags
The Version 5 Authentication Dialogue
Ticket Flags
19
The Version 5 Authentication Dialogue
Ticket Flags Another possibility is the use of a smart card that generates continually changing passwords that are
included in the pre-authenticated messages.
The passwords generated by the card can be based on a user’s password but be transformed by the
card so that, in effect, arbitrary passwords are used. This prevents an attack based on easily guessed
passwords. If a smart card or similar device was used, this is indicated by the HW-AUTHENT flag.
When a ticket has a long lifetime, there is the potential for it to be stolen and used by an opponent
for a considerable period. If a short lifetime is used to lessen the threat, then overhead is involved in
acquiring new tickets.
In the case of a ticket granting ticket, the client would either have to store the user’s secret key, which
is clearly risky, or repeatedly ask the user for a password. 20
The Version 5 Authentication Dialogue
Ticket Flags
21
The Version 5 Authentication Dialogue
Ticket Flags
Subsequently, the
client may submit the The client can obtain a When the execution
With this approach,
postdated ticket for number of tickets for reaches a point in time
the client does not
validation. This this session at once, when a new ticket is
have to repeatedly use
scheme can be useful with spread out time required, the client
its ticket-granting
for running a long values. All but the first can get the
ticket to obtain a
batch job on a server ticket are initially appropriate ticket
service-granting ticket.
that requires a ticket invalid. validated.
periodically.
22
The Version 5 Authentication Dialogue
Ticket Flags
23
The Version 5 Authentication Dialogue
Ticket Flags In version 5, it is possible for a server to act as a proxy
on behalf of a client, in effect adopting the
credentials and privileges of the client to request a
service from another server. If a client wishes to use
this mechanism, it requests a ticket-granting ticket
with the PROXIABLE flag set.
24
The Version 5 Authentication Dialogue
Ticket Flags
25