KERBEROS GROUP: ACES

Upload: sara-malik

Post on 22-Jan-2018


TRANSCRIPT

Page 1: KERBEROS-ACES

KERBEROS

GROUP: ACES

Page 2: KERBEROS-ACES

INTRODUCTION

SARA MALIK

12-51

Page 3: KERBEROS-ACES

DEFINITION-KERBEROS

“Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography.”

The name is taken from Greek mythology; Kerberos was a three-headed dog who guarded the gates of Hades.

1- It is secure.

2- It never sends a password unless it is encrypted.

Page 4: KERBEROS-ACES

WHAT IS KERBEROS?

• Network authentication protocol

• Developed at MIT in the mid 1980s

• Available as open source or in supported commercial software

Page 5: KERBEROS-ACES

ARCHITECTURE:

It consists of the following 3 components:

1- Client

2- Authentication server or key distribution server (KDC)

3- Server

And has 3 main exchanges:

1- Authentication Service (AS) Exchange

2- Ticket Granting Service (TGS) Exchange

3- Client Server (CS) Exchange

Page 6: KERBEROS-ACES

WHY KERBEROS?

• Sending usernames and passwords in the clear jeopardizes the security of the network.

• Each time a password is sent in the clear, there is a chance for interception.

• Uses Needham-Schroeder Algorithm.

Page 7: KERBEROS-ACES

NEEDHAM-SCHROEDER PROTOCOL:

• The NSP symmetric key protocol establishes a session key to protect further communication.

• The NSP key protocol provides mutual authentication.

Page 8: KERBEROS-ACES

FIREWALL VS. KERBEROS?

• Firewalls make a risky assumption: that attackers are coming from the outside. In reality, attacks frequently come from within.

• Kerberos assumes that network connections (rather than servers and workstations) are the weak link in network security.

Page 9: KERBEROS-ACES

DESIGN REQUIREMENTS

• Interactions between hosts and clients should be encrypted.

• Must be convenient for users (or they won’t use it).

• Protect against intercepted credentials.

Page 10: KERBEROS-ACES

CRYPTOGRAPHY APPROACH

• Private Key: Each party uses the same secret key to encode and decode messages.

• Uses a trusted third party which can vouch (verify) for the identity of both parties in a transaction. Security of the third party is imperative.

Page 11: KERBEROS-ACES

HOW DOES KERBEROS WORK?

• Instead of the client sending a password to the application server:

– Request a ticket from the authentication server

– Ticket and encrypted request are sent to the application server

• How to request tickets without repeatedly sending credentials?

– Ticket granting ticket (TGT)

Page 12: KERBEROS-ACES

ABBREVIATION USED:

• AS: Authentication Server

• KDC: Key Distribution Center

• TGS: Ticket Granting Server

• SS: Service Server

• TGT: Ticket Granting Ticket

Page 13: KERBEROS-ACES

HOW DOES KERBEROS WORK?: TICKET GRANTING TICKETS

Page 14: KERBEROS-ACES

WEAKNESSES AND SOLUTIONS

If a TGT is stolen, it can be used to access network services.

Only a problem until the ticket expires in a few hours.

Subject to dictionary attack. Timestamps require the hacker to guess in 5 minutes.

Very bad if the Authentication Server is compromised.

Physical protection for the server.
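
The ticket flow from the "How does Kerberos work?" slide and the expiry and timestamp defences listed above, as an added Python example that is not part of the original presentation: the client gets a TGT, trades it for a service ticket, and the service rejects stale or replayed authenticators. The SHAKE-256 keystream with HMAC is a toy stand-in for real Kerberos encryption types, messages are JSON rather than the real wire format, and all names (`seal`, `accept`, `issue`, the principals `alice` and `fileserver`) are hypothetical.

```python
import hashlib, hmac, json, os, time
SKEW = 300  # seconds: the 5-minute timestamp window mentioned in the slides

def _xor(key, nonce, data):  # toy SHAKE-256 keystream, NOT a real Kerberos enctype
    ks = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, obj):  # encrypt-then-MAC a JSON object under a shared secret key
    nonce = os.urandom(16)
    ct = _xor(key, nonce, json.dumps(obj).encode())
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, "sha256").digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(_xor(key, nonce, ct))

def user_key(user, password):  # long-term key derived from the password
    return hashlib.pbkdf2_hmac("sha256", password.encode(), user.encode(), 10_000)

def authenticator(session_key, client, ts=None):  # client side: sealed timestamp
    return seal(session_key, {"client": client, "ts": ts or time.time()})

def accept(key, ticket, auth, seen):  # run by the TGS and by each service
    t = unseal(key, ticket)                    # only the key holder can open it
    a = unseal(bytes.fromhex(t["key"]), auth)  # sender must know the session key
    if a["client"] != t["client"] or t["exp"] < time.time():
        raise ValueError("expired ticket or client mismatch")
    if abs(time.time() - a["ts"]) > SKEW or (a["client"], a["ts"]) in seen:
        raise ValueError("stale or replayed authenticator")
    seen.add((a["client"], a["ts"]))  # entries older than SKEW may be evicted
    return t

KEYS = {"alice": user_key("alice", "correct horse"),             # constructed
        "krbtgt": os.urandom(32), "fileserver": os.urandom(32)}  # sample principals
SEEN = set()  # the KDC's replay cache

def issue(client, target, reply_key):  # -> (part for the client, opaque ticket)
    sk = os.urandom(32).hex()  # fresh session key
    ticket = seal(KEYS[target], {"client": client, "key": sk, "exp": time.time() + 8 * 3600})
    return seal(reply_key, {"key": sk}), ticket

def as_exchange(user):  # no password crosses the wire
    return issue(user, "krbtgt", KEYS[user])

def tgs_exchange(tgt, auth, service):  # the TGT stands in for the password
    t = accept(KEYS["krbtgt"], tgt, auth, SEEN)
    return issue(t["client"], service, bytes.fromhex(t["key"]))
```

A wrong password guess shows up only as a failed `unseal` of the AS reply on the client, which is why the reply is still open to offline dictionary attack when the password is weak.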

Page 15: KERBEROS-ACES

COMPETITOR-SSL:

Secure Sockets Layer:

SSL (Secure Sockets Layer) is a standard security technology for establishing an

encrypted link between a server and a client—typically a web server (website) and a

browser; or a mail server and a mail client (e.g., Outlook).

Page 16: KERBEROS-ACES

THE COMPETITION: SSL

SSL | Kerberos

Uses public key encryption | Uses private key encryption

Is certificate based (asynchronous) | Relies on a trusted third party (synchronous)

Ideal for the WWW | Ideal for networked environments

Key revocation requires Revocation Server to keep track of bad certificates | Key revocation can be accomplished by disabling a user at the Authentication Server

Certificates sit on a user's hard drive (even if they are encrypted) where they are subject to being cracked. | Passwords reside in users' minds where they are usually not subject to secret attack.

Uses patented material, so the service is not free. Netscape has a profit motive in wide acceptance of the standard. | Kerberos has always been open source and freely available.

Page 17: KERBEROS-ACES

PROTOCOLS

ZOYA ALAMGIR

12-25

Page 18: KERBEROS-ACES

KERBEROS 4

• Needham-Schroeder protocol

Page 19: KERBEROS-ACES

DIFFERENCE

• Host difference

Page 20: KERBEROS-ACES

KERBEROS 5

Page 21: KERBEROS-ACES

KERBEROS 5

• Based on Kerberos 4

• Differences

Page 22: KERBEROS-ACES

MAIN FEATURES

• Ticket: the ticket can only be decrypted by the service, as it is encrypted with the service’s encryption key.

• Reply: the encryption type of the reply from the KDC to the client refers to the part of the reply encrypted with the user’s encryption key.

Page 23: KERBEROS-ACES

CONT…

• Session key: this key is shared between the client and the server, so it needs an encryption type that is supported by both the client and the service.

Page 24: KERBEROS-ACES

TICKET OPTIONS

• Forwardable tickets

• Proxiable tickets

• Renewable tickets

• Postdated tickets

Page 25: KERBEROS-ACES

KERBEROS 5-TO-4 TICKET TRANSLATION

• Decryption of the service ticket with the service’s key

• Extraction of the session key contained inside

• Creation of a new Kerberos 4 ticket for the same service and client

• Pasting in the session key from the original Kerberos 5 ticket.

Page 26: KERBEROS-ACES

TROUBLESHOOTING

• Client is unable to get an initial “Ticket Granting Ticket”.

• Client possesses a valid TGT but faces some error prior to the achievement of a service ticket.

• Client possesses a valid TGT and has acquired a service ticket, but faces an error upon connection to the Kerberized service.

Page 27: KERBEROS-ACES

ERRORS AND SOLUTIONS

• Errors Obtaining an Initial Ticket

• Unsynchronized Clocks

Page 28: KERBEROS-ACES

SECURITY

SONIA RASHEED

12-37

Page 29: KERBEROS-ACES

KERBEROS

• The most popular cross-platform, network-wide authentication system

• Kerberos is extremely secure in a theoretical sense.

• Kerberos provides authentication, authorization and auditing services.

• Implemented only authentication services

Page 30: KERBEROS-ACES

KERBEROS AUTHENTICATION (REVIEW)

Page 31: KERBEROS-ACES

KERBEROS SECURITY

• It by no means has a perfect security record.

• Implementation of Kerberos on your network does not guarantee perfect security.

• It does not prevent compromises caused by:

– buggy server software

– administrators granting permissions to unauthorized users

– poorly chosen passwords

– etc.

Page 32: KERBEROS-ACES

KERBEROS ATTACKS

Some electronic attacks that can compromise the security of your Kerberos system:

1. Root compromise of a Kerberos KDC machine:

A root-level compromise of a KDC machine gives the attacker full control over the entire Kerberos authentication system.

2. Compromise of a Kerberos administrator’s credentials:

If an attacker obtains the password of a Kerberos administrative principal, then the attacker can get complete access to the entire Kerberos database.

Page 33: KERBEROS-ACES

KERBEROS ATTACK (CONT…)

3. Root compromise of a server machine:

The attacker can impersonate this service and also decrypt the encrypted traffic sent between clients and the compromised service.

4. Compromise of user credentials:

Two scenarios:

a. user’s credential (ticket) cache exposed

b. user’s password is compromised

Page 34: KERBEROS-ACES

OTHER ATTACKS

1. Denial of service:

• Attack against your organization’s KDCs by flooding them with authentication requests.

• Kerberos cannot protect against denial of service attacks.

• Recommendations:

– The network should be firewalled.

– Additional KDCs for the network can overcome the effects of a DoS attack.

Page 35: KERBEROS-ACES

OTHER ATTACKS(CONT…)

2. The “insider”:

• Does not protect against an internal authorized user who decides to misuse their privileges.

• For example:

A rogue Kerberos administrator

3. Social engineering and password exposure

4. Security holes in the Kerberos software itself

Page 36: KERBEROS-ACES

PROTOCOL SECURITY ISSUES

REPLAY ATTACK:

Page 37: KERBEROS-ACES

PROTOCOL SECURITY ISSUES(CONT…)

• Dictionary and Brute-Force Attacks:

"Password guessing" attacks are not solved by Kerberos.

• Man-in-the-Middle Attacks:

Built-in protection against man-in-the-middle attacks.

Kerberos performs mutual authentication

Page 38: KERBEROS-ACES

• Mutual Authentication:

Page 39: KERBEROS-ACES

SECURITY SOLUTIONS

• Requiring Pre-Authentication:

• Enforcing Secure Passwords

• Enforcing Password Lifetimes and History:

Page 40: KERBEROS-ACES

APPLICATION

• CIFS remote file access: Common Internet File System (CIFS) is the new name of Microsoft's SMB protocol that is mainly used for file and print sharing.

• Secure dynamic DNS update

• Distributed File System Management

• Host to Host IPsec

• Secure internet Web services

• Authenticate certificate request to certification authority (CA)

Page 41: KERBEROS-ACES

KERBEROS

FUTURE

AQSA GILLANI

12-46

Page 42: KERBEROS-ACES

KERBEROS FUTURES

• Kerberos is developing to integrate new technologies and to prevent new threats.

• The Kerberos working group developed extensions to the Kerberos 5 protocol for using Kerberos in the future.

• New developments related to Kerberos that will be used in the future are summarised below:

Page 43: KERBEROS-ACES

PROJECT MOONSHOT

• This project is a JANET(UK)-led initiative.

• It is to develop a single technology for the benefit of non-Web services, including high performance computing and other services, i.e. mail, file store, remote access and instant messaging.

• The goal is to access a broad range of services and applications.

• This is to improve delivery of services by providing users with a common single sign-on for both.

Page 44: KERBEROS-ACES

• Service providers offer services to users using a single common authentication mechanism.

• This enhances the user’s experience.

• It reduces costs for organisations delivering services.

• The protocol used for authentication and encryption key management in Moonshot is Kerberos.

Page 45: KERBEROS-ACES

SMART CARDS:

• What is it?

• A smart card is a small, tamperproof computer.

• A smart card contains a CPU and some non-volatile storage to keep secrets, such as private keys.

• Smart cards have an impact on current computer systems because of security.

• Smart card market growth: from 544 million units in 1995 to 3.4 billion units by 2001.

Page 46: KERBEROS-ACES

HOW CAN SMARTCARDS HELP KERBEROS?

• Some problems of Kerberos are not solvable without special-purpose hardware, no matter what the design of the protocol.

• The problems include:

– Need for a secure encryption device

– Need for secure key storage

– Dictionary attack on passwords

Page 47: KERBEROS-ACES

SMART CARD INTEGRATION:

• 1. Store the user key in a smartcard, load the key into a workstation, and use it for decrypting the TGT instead of a key from a password.

• 2. Decrypt the TGT in a smartcard.

• Method 1 is not as secure as method 2 because the user key is loaded into a workstation. If the workstation is not trusted, the key is vulnerable.

• For example, a Trojan horse attack can easily obtain the key.

Page 48: KERBEROS-ACES

FUTURE DIRECTION

• We plan to implement the Kerberos authentication protocol in more smartcards, e.g. IBM

• Expect some differences in their performance because:

– Some of the smartcards have DES CBC mode.

– Some of the smartcards have key scheduling APIs.

– Communication speed differs among smart cards.

Page 49: KERBEROS-ACES

CONCLUSION

• We identified limitations of Kerberos that a smartcard can counter.

• We suggested a protocol that takes advantage of the secure features of a smartcard to enhance the security of Kerberos.

• The protocol was implemented with a smartcard and KerberosV5-1.0.5.

• Performance evaluation shows the protocol runs fast.

Page 50: KERBEROS-ACES

BETTER ENCRYPTION

• Cryptographic algorithms are driven by growth in computer power.

• Increasing computer power provides the force for emerging cryptographic algorithms:

– Older algorithms and short key lengths fall to brute-force attacks.

– It makes possible complex calculations for algorithms and longer keys.

• Kerberos depends heavily on cryptography.

• It is important that new encryption methods are implemented in the Kerberos protocol.

Page 51: KERBEROS-ACES

BETTER ENCRYPTION…

• The Kerberos 5 protocol is designed to support multiple encryption types.

• Internet drafts specify stronger encryption options for future implementations of the Kerberos protocol.

• AES is the encryption algorithm to be used in future implementations of the Kerberos protocol.

• AES increases the cryptographic security of future Kerberos implementations.

Page 52: KERBEROS-ACES

WHO USES IT?

• It is impossible to list all companies using Kerberos.

• The examples below are relevant to the CyberSafe products.

• Kerberos is being used by 100 million people worldwide.

• The following vendors implement Kerberos:

Page 53: KERBEROS-ACES

MICROSOFT

• Products which use Kerberos are Microsoft Windows and Microsoft Active Directory.

• In a Microsoft network, users authenticate using Kerberos when they log on to a Windows workstation.

• They only have to authenticate once, when they log on to the workstation.

• The Microsoft XBOX also uses the Kerberos protocol to authenticate users to the Microsoft XBOX Live services on the Internet.

Page 54: KERBEROS-ACES

SAP

• Some of the licensed software from SAP includes an implementation of Kerberos.

• How the protocol is used by their customers is controlled for licensing reasons.

• TrustBroker products can be used to implement security solutions with SAP business applications.

• Many customers are choosing CyberSafe TrustBroker products for their SAP business applications.

Page 55: KERBEROS-ACES

QUESTIONS?

THANK YOU