ISSN: 2229-6093. Trapti Ozha, Int. J. Computer Technology & Applications, Vol 4 (2), 354-357

Kerberos: An Authentication Protocol
Trapti Ozha, Department of Computer Science & Engineering, Sushila Devi Bansal College of Engineering, Indore
Abstract. Kerberos is an authentication (verification) protocol that supports the main security goals of a networked system: authentication of users and services and, through the session keys it distributes, integrity and confidentiality of the traffic between them. Kerberos helps keep information from being stolen as it is sent across the network from one place to another. It provides a distributed authentication service that allows a client running on behalf of a user to prove its identity to an application server, without sending data across the network that would allow an attacker, or the verifier itself, to subsequently impersonate the user. This paper gives an overview of the Kerberos authentication model. Kerberos is based on secret-key (symmetric) encryption; the original implementations used the Data Encryption Standard (DES), and Kerberos Version 5 also supports stronger ciphers such as AES.

Before Kerberos, a user who wanted to access a network service had to enter a password for each service. This is time-consuming, and it is insecure when the service runs on a remote machine: when a user logged on to one remote machine logs in from there to another, the password travels across the network in clear text. Kerberos fixes these problems by providing single sign-on, which lets a user log in once and then access multiple systems or applications without re-entering the user name and password. In addition, Kerberos is designed so that entities authenticate themselves by demonstrating control of secret information rather than by sending it. In this manner, Kerberos addresses the traditional problems of network authentication.
Keywords— Kerberos protocol, Authentication server, Ticket granting server, Key distribution center
The Kerberos protocol involves three server roles: the authentication server (AS) and the ticket granting server (TGS), both of which are parts of the KDC, and the application ("real") server that the client ultimately wants to use.

1. Introduction
Kerberos is a commonly used authentication service on the Internet. Developed at MIT's Project Athena, Kerberos is named for the three-headed dog who, according to Greek mythology, guards the entrance of Hades (rather than the exit, for some reason!). Kerberos employs a client/server architecture and provides user-to-server authentication rather than host-to-host authentication. In this model, security and authentication are based on secret-key technology, where every host on the network has its own secret key. It would clearly be unmanageable if every host had to know the keys of all other hosts, so a secure, trusted host somewhere on the network, known as a Key Distribution Center (KDC), knows the keys of all of the hosts (or at least of the hosts within a portion of the network, called a realm). In this way, when a new node is brought online, only the KDC and the new node need to be configured with the node's key; keys can be distributed physically or by some other secure means.
IJCTA | Mar-Apr 2013
2. Conventions Throughout this paper we use terms that may be ambiguous, new to the reader, or used differently elsewhere. Below we state our use of those terms.
User, Client, Server: By user, we mean a human being who uses a program or service. A client also uses something; a client may be a person or a computer program.
Service vs. Server: We use service as an abstract specification of some actions to be performed. A process which performs those actions is called a server. At a given time there may be several servers (usually running on different machines) performing a given service. For example, at Athena there is one BSD UNIX rlogin server running on each timesharing machine.
Key, Private Key, Password: Kerberos uses secret-key (symmetric) encryption; the original Athena papers call each principal's secret its private key, which should not be confused with the private half of a public-key pair. Each Kerberos principal is assigned a large number, its key, known only to that principal and to Kerberos. In the case of a user, the key is the result of a one-way function applied to the user's password. We use key as shorthand for this secret key.
Credentials: Unfortunately, this word has a special meaning for both the Sun Network File System and the Kerberos system. We explicitly state whether we mean NFS credentials or Kerberos credentials; otherwise the term is used in its normal English sense.
Realm: A network that uses Kerberos, composed of one or more servers called KDCs and a potentially large number of clients. In other words, a realm is an administrator-defined boundary.
Key Distribution Center (KDC): The KDC is the heart of a Kerberos realm. It provides authentication services by issuing encrypted tickets that can only be decoded with the relevant secret keys, and it handles the distribution of keys and tickets.
Ticket Granting Server (TGS): The TGS issues service tickets to clients upon request.
Replay: An attacker may manage to obtain a user’s request for a service containing the user’s ticket and authenticator. The attacker could then try to resend it (replay) to impersonate the user.
3. Authentication process of Kerberos
Kerberos divides the world into multiple realms. A Kerberos realm is a set of managed nodes that share the same Kerberos database. A realm represents a networked collection of client workstations, application servers and a single master key distribution centre (KDC). The KDC maintains a database of the secret key of each entity on the network; knowledge of this key serves to prove an entity's identity. For communication between two entities, the KDC generates a session key which they can use to secure their interactions. Kerberos operates on a ticket granting methodology using a ticket-granting server (TGS). The client must first contact the local KDC and request a Ticket Granting Ticket (TGT). The TGT, which contains the client ID, the network address of the client, the ticket validity period and the client/TGS session key, is encrypted using the secret key of the TGS; the client receives its own copy of the session key in a reply encrypted under the client's key. The client uses the TGT to obtain a service ticket from the TGS. The service ticket contains the client ID, the client network address, the validity period and the client/server session key, and is encrypted under the application server's secret key. The client now presents the service ticket to the server, together with an authenticator encrypted under the client/server session key. The server decrypts the service ticket using its own secret key, checks the authenticator and, if mutual authentication is requested, sends back a message confirming its own identity: the client's timestamp encrypted under the client/server session key. The client decrypts that message using the session key and checks the timestamp. If the timestamp is correct, the client can trust the authenticity of the server and can start requesting services from it. Because tickets and authenticators carry the proof of identity, the user's password is never sent over the network, where an intruder could intercept it.

Ticket Granting Ticket (TGT): Issued by the Authentication Server (AS) and encrypted under the TGS's key. The AS reply that carries the TGT and the client/TGS session key is encrypted under the user's key, which is derived from the password known only to the user and the KDC.
Authenticator: An authenticator is used along with a ticket to prove that the client presenting the ticket really is the principal the ticket names. It is built from the client's name, its IP address and a current timestamp, and is encrypted with the session key known only to the client and the relevant server (and to the KDC that generated it). The timestamp is what lets the server reject a replayed authenticator.
Session Key: Session keys are temporary symmetric keys generated by Kerberos. They are known to the client and to the server it is talking to, and are used to encrypt the communication between them.
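As an added example (not code from the paper or from any Kerberos implementation), here is the server-side check that gives the authenticator's timestamp its value against the replay attack defined under Conventions: the decrypted authenticator is accepted only if its timestamp lies within the clock-skew window (five minutes is the MIT Kerberos default) and no identical authenticator has been seen within that window. The dict layout of the decrypted authenticator, the `ReplayCache` name and the sample timestamps are assumptions of this example.

```python
import hashlib
import json

MAX_SKEW = 300  # seconds; authenticators older or newer than this are rejected outright


class ReplayCache:
    """Remembers recently accepted authenticators so a captured one cannot be presented twice.

    The authenticator is a dict already decrypted with the session key, e.g.
    {"client": "alice", "addr": "10.0.0.5", "timestamp": 1700000000.0} (assumed layout).
    """

    def __init__(self, max_skew=MAX_SKEW):
        self.max_skew = max_skew
        self.seen = {}  # digest of authenticator -> its timestamp

    @staticmethod
    def _digest(auth):
        return hashlib.sha256(json.dumps(auth, sort_keys=True).encode()).hexdigest()

    def check(self, auth, now):
        """Return (accepted, reason); records the authenticator only when it is accepted."""
        # Entries whose timestamp has aged out of the window can never pass the skew
        # check again, so they can be forgotten. Keying the purge on the authenticator's
        # own timestamp (not its arrival time) keeps every still-acceptable one cached.
        self.seen = {d: t for d, t in self.seen.items() if now - t <= self.max_skew}
        if abs(now - auth["timestamp"]) > self.max_skew:
            return False, "timestamp outside clock-skew window"
        digest = self._digest(auth)
        if digest in self.seen:
            return False, "replayed authenticator"
        self.seen[digest] = auth["timestamp"]
        return True, "ok"


def demo():
    """Five presentations to one server, in order; returns the accept/reject decisions."""
    cache = ReplayCache()
    auth = {"client": "alice", "addr": "10.0.0.5", "timestamp": 1_700_000_000.0}  # constructed
    return [
        cache.check(auth, now=1_700_000_010)[0],                                   # first use: accepted
        cache.check(auth, now=1_700_000_020)[0],                                   # same bytes again: replay
        cache.check(dict(auth, timestamp=1_700_000_015.0), now=1_700_000_020)[0],  # fresh authenticator
        cache.check(dict(auth, timestamp=1_700_001_000.0), now=1_700_000_020)[0],  # client clock too far ahead
        cache.check(auth, now=1_700_000_400)[0],                                   # old capture: outside window
    ]
```

The cache only needs to hold entries for the length of the skew window, because an authenticator older than that is rejected by the timestamp check alone; this is why Kerberos can bound the cache without keeping every authenticator it has ever seen.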
When a client authenticates to a service using the Kerberos protocol, the process is as follows:
1. The client requests a ticket granting ticket (TGT) from the key distribution center (KDC).
2. The authentication service (the domain controller, in Active Directory deployments) sends the encrypted TGT and session key to the client.
3. The client requests server access from the ticket granting service (TGS).
4. The TGS sends the encrypted session key and service ticket to the client.
5. The client sends the service ticket to the server.
6. Optionally, the server sends an encrypted timestamp back to the client for validation (mutual authentication).
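The six steps above, together with the ticket contents described in Section 3, as an added worked example (not code from the paper or from MIT Kerberos). All three parties run in one Python process: `KDC` implements the AS and TGS, `ap_exchange` is the application server, and `run_exchange` is the client. The cipher (an HMAC-SHA256 keystream with an HMAC tag, i.e. encrypt-then-MAC), PBKDF2 in place of the Kerberos string-to-key function, JSON message layouts, the realm and principal names, the passwords and the 300-second skew window are all assumptions of this example; Kerberos itself uses DES or AES with ASN.1 encodings.

```python
import hashlib
import hmac
import json
import os
import time

MAX_SKEW = 300  # seconds of clock skew tolerated in an authenticator (MIT default)

def _keystream(key, nonce, length):
    out = b""
    for i in range((length + 31) // 32):
        out += hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]

def encrypt(key, obj):
    """Seal a dict under a 32-byte key as nonce || ciphertext || tag (encrypt-then-MAC)."""
    pt = json.dumps(obj, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def decrypt(key, blob):
    """Inverse of encrypt; raises ValueError on a wrong key or an altered message."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed (wrong key or tampered message)")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

def string_to_key(password, salt):
    """One-way function from password to long-term key; the password never leaves the client."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 10_000)

def verify_ticket(ticket, authenticator, peer_addr):
    """Shared by TGS and application server: check a decrypted ticket against its authenticator."""
    if ticket["expires"] < time.time():
        raise ValueError("ticket expired")
    session_key = bytes.fromhex(ticket["session_key"])
    auth = decrypt(session_key, authenticator)  # only the ticket's rightful owner knows this key
    if (auth["client"], auth["addr"], peer_addr) != (ticket["client"], ticket["addr"], ticket["addr"]):
        raise ValueError("authenticator does not match ticket")
    if abs(time.time() - auth["timestamp"]) > MAX_SKEW:
        raise ValueError("authenticator timestamp outside clock-skew window")
    return session_key, auth

class KDC:
    """Holds every principal's long-term key and runs the AS and TGS services."""
    def __init__(self, realm):
        self.realm, self.keys = realm, {}

    def add_principal(self, name, password):
        self.keys[name] = string_to_key(password, self.realm + name)

    def _issue(self, server, client, addr, lifetime):
        session_key = os.urandom(32)
        ticket = encrypt(self.keys[server], {"client": client, "addr": addr, "server": server,
                         "expires": time.time() + lifetime, "session_key": session_key.hex()})
        return ticket, session_key

    def as_exchange(self, client, addr):
        """Steps 1-2: TGT sealed under the TGS key; reply sealed under the client's own key."""
        tgt, session_key = self._issue("krbtgt", client, addr, 8 * 3600)
        return encrypt(self.keys[client], {"session_key": session_key.hex(), "tgt": tgt.hex()})

    def tgs_exchange(self, tgt_blob, authenticator, service, addr):
        """Steps 3-4: TGT plus authenticator buys a service ticket, sealed under the TGT session key."""
        tgt = decrypt(self.keys["krbtgt"], tgt_blob)
        tgt_key, _ = verify_ticket(tgt, authenticator, addr)
        ticket, session_key = self._issue(service, tgt["client"], tgt["addr"], 3600)
        return encrypt(tgt_key, {"session_key": session_key.hex(), "ticket": ticket.hex()})

def make_authenticator(session_key, client, addr, timestamp):
    return encrypt(session_key, {"client": client, "addr": addr, "timestamp": timestamp})

def ap_exchange(service_key, ticket_blob, authenticator, peer_addr):
    """Steps 5-6 on the application server; returns (client name, AP-REP for mutual authentication)."""
    ticket = decrypt(service_key, ticket_blob)
    session_key, auth = verify_ticket(ticket, authenticator, peer_addr)
    return ticket["client"], encrypt(session_key, {"timestamp": auth["timestamp"]})

def run_exchange(typed_password="s3cret-passphrase"):
    """Client side of all six steps for alice against host/fs1; returns the name the server accepted."""
    realm, addr = "EXAMPLE.ORG", "10.0.0.5"
    kdc = KDC(realm)
    kdc.add_principal("krbtgt", os.urandom(16).hex())    # TGS key
    kdc.add_principal("host/fs1", os.urandom(16).hex())  # application server key (its keytab)
    kdc.add_principal("alice", "s3cret-passphrase")      # the user's real password
    # 1-2: only a key derived from the right password opens the AS reply
    as_rep = decrypt(string_to_key(typed_password, realm + "alice"), kdc.as_exchange("alice", addr))
    tgt_key, tgt = bytes.fromhex(as_rep["session_key"]), bytes.fromhex(as_rep["tgt"])
    # 3-4: TGT + fresh authenticator -> service ticket and client/server session key
    tgs_req_auth = make_authenticator(tgt_key, "alice", addr, time.time())
    tgs_rep = decrypt(tgt_key, kdc.tgs_exchange(tgt, tgs_req_auth, "host/fs1", addr))
    svc_key, ticket = bytes.fromhex(tgs_rep["session_key"]), bytes.fromhex(tgs_rep["ticket"])
    # 5-6: service ticket + authenticator -> server; the echoed timestamp proves the server's identity
    ts = time.time()
    client, ap_rep = ap_exchange(kdc.keys["host/fs1"], ticket, make_authenticator(svc_key, "alice", addr, ts), addr)
    if decrypt(svc_key, ap_rep)["timestamp"] != ts:
        raise ValueError("server failed mutual authentication")
    return client
```

Two things worth noticing when running it: the user's password is used only inside `string_to_key` on the client, and never appears in any message; and a wrong password fails at step 2, when the AS reply cannot be opened, not at the KDC, because in this form of the exchange the AS does not check anything before replying (pre-authentication, discussed under Limitations, is what adds that check).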
4. Goals and Scope of the Kerberos system
Kerberos is designed to provide authentication of user identity in a networked computing environment consisting of workstations (used directly by one or more users) and servers (providing services such as email and shared file systems). It is, in part, a response to the then-standard approach to network security, authentication by assertion, in which a client gains access to services simply by asserting that it is who it says it is (or that it is acting on behalf of the user it claims to represent). A basic assumption is that network traffic is highly susceptible to interception and is the weak link in system security, rather than direct access to servers, which can be protected by physical means. The more often a specific cryptographic key is reused, the more material an eavesdropper collects under it and the more exposed it becomes to cryptanalysis. For this reason, each session of interactions between a user and a specific service should be protected using a short-lived "session key". To make the system usable in practice, however, it must be convenient and, to the greatest extent possible, transparent to the user. Starting from those assumptions, the system's key goals can be summarised as follows:
- Never transmit unencrypted passwords over the network, i.e. "in the clear".
- Protect against the misuse of intercepted credentials (replay attacks).
- Do not require the user to repeatedly enter a password to access routine services.

The Kerberos system attempts to address design tradeoffs between the level of protection provided and the user's convenience, while also considering the complexity of system administration and application development. Implementations of Kerberos are available from various vendors, and it is freely available in open-source form. The standard MIT distribution includes a basic set of applications, including telnet, POP email, and the Berkeley UNIX "R-commands" (such as rlogin). Other applications can be "Kerberized" by incorporating calls to Kerberos library functions. Encryption algorithms such as those used in Kerberos were long classified as munitions by the US government. The export status of Kerberos under the regulations liberalised in October 2000 was, at the time, unclear; MIT then distributed its source only to US and Canadian citizens, although versions without encryption had been exported overseas.

5. Applications and Limitations of Kerberos
Kerberos is well suited to authenticating clients to services, and to protecting the resulting sessions with per-session keys, within a network or a small set of networks; authorisation decisions remain with the application server. It is less suited to other functions, such as digital signatures (which provide both certification of identity and non-repudiation), for which public-key cryptography is normally used. A fundamental issue is whether the Kerberos approach scales to the Internet. Features added in the current version are designed to allow inter-network authentication (in Kerberos terminology, "cross-realm" authentication). Proposals have included using public-key cryptography both for the initial authentication of clients (obtaining the TGT) and for cross-realm authentication. Such changes make it more feasible for Kerberos to scale to larger sets of networks, but the question is far from resolved. One of the primary assumptions of the Kerberos protocol is that the hosts on the network can be trusted. The damage from a compromised host is, however, bounded: the tickets and session keys left in that host's credential cache can be used, but only until they expire. If users choose easily guessable passwords, the system is subject to a dictionary attack, in which an attacker who has captured a message encrypted under a password-derived key tries candidate passwords offline until one decrypts it correctly. This is mitigated by administrative rules requiring passwords that a dictionary algorithm cannot guess, and by Kerberos Version 5 pre-authentication, in which the client must first prove knowledge of its key (by sending a timestamp encrypted under it) before the KDC will issue anything encrypted under that key. Ticket lifetimes limit the damage from any single compromised ticket; they do not limit the time an attacker has to guess a password offline.
Since the system relies entirely on passwords for user authentication, a stolen password gives the attacker everything that user can do; the same holds, for every principal at once, if the key database is stolen. This points to the requirement that the Key Distribution Center be protected: if it is compromised, the entire realm is unsafe. For long-running processes, limited-duration tickets can present problems; Kerberos Version 5 addresses this with renewable tickets.
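The dictionary attack discussed above, and pre-authentication as its mitigation, as an added example (not code from the paper or from any Kerberos implementation). An AS reply is modelled as opaque ciphertext plus a keyed integrity tag, which is all an attacker needs to test guesses; `AuthServer.as_req` refuses to hand out such a reply unless the client first presents a timestamp authenticated under its key. PBKDF2 stands in for the Kerberos string-to-key function; the realm, the users `bob` and `alice`, their passwords and `WORDLIST` are constructed for this example. The error names in the comments (`KDC_ERR_PREAUTH_REQUIRED`, `KDC_ERR_PREAUTH_FAILED`) are the real Kerberos Version 5 error codes.

```python
import hashlib
import hmac
import os
import time

MAX_SKEW = 300  # seconds; how stale a pre-authentication timestamp may be
WORDLIST = ["123456", "password", "password1", "letmein", "qwerty", "welcome1"]  # constructed sample


def string_to_key(password, realm, principal):
    """Password -> long-term key. PBKDF2 stands in for Kerberos string2key; the salt mirrors v5 (realm + name)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), (realm + principal).encode(), 10_000)


class AuthServer:
    """The AS half of a KDC. Its reply is modelled as opaque ciphertext plus a keyed
    integrity tag; the tag alone lets an attacker test password guesses offline."""

    def __init__(self, realm, require_preauth):
        self.realm, self.require_preauth, self.keys = realm, require_preauth, {}

    def add_principal(self, name, password):
        self.keys[name] = string_to_key(password, self.realm, name)

    def as_req(self, principal, preauth=None):
        """Return (ciphertext, tag) under the principal's key, or None when pre-auth is required but absent/invalid."""
        key = self.keys[principal]
        if self.require_preauth:
            if preauth is None:
                return None  # KDC_ERR_PREAUTH_REQUIRED: nothing keyed is handed out
            ts, mac = preauth
            expected = hmac.new(key, repr(ts).encode(), hashlib.sha256).digest()
            if abs(time.time() - ts) > MAX_SKEW or not hmac.compare_digest(mac, expected):
                return None  # KDC_ERR_PREAUTH_FAILED
        ct = os.urandom(48)  # stands in for the encrypted session key and TGT
        return ct, hmac.new(key, ct, hashlib.sha256).digest()


def make_preauth(password, realm, principal):
    """Client side of PA-ENC-TIMESTAMP: a current timestamp authenticated under the client's key."""
    ts = time.time()
    return ts, hmac.new(string_to_key(password, realm, principal), repr(ts).encode(), hashlib.sha256).digest()


def dictionary_attack(reply, realm, principal, wordlist):
    """Recover the password behind a captured AS reply by re-deriving the key for each guess."""
    if reply is None:
        return None
    ct, tag = reply
    for guess in wordlist:
        if hmac.compare_digest(tag, hmac.new(string_to_key(guess, realm, principal), ct, hashlib.sha256).digest()):
            return guess
    return None


def run_scenarios():
    """What an attacker who knows no password recovers, with and without pre-authentication."""
    out = {}
    for label, required in (("no_preauth", False), ("preauth", True)):
        kdc = AuthServer("EXAMPLE.ORG", required)
        kdc.add_principal("bob", "password1")                   # weak: in the wordlist
        kdc.add_principal("alice", "coral-engine-violet-94")   # not in the wordlist
        for user in ("bob", "alice"):  # the attacker simply asks the KDC for a reply for each user
            out[f"{label}/{user}"] = dictionary_attack(kdc.as_req(user), "EXAMPLE.ORG", user, WORDLIST)
        # the legitimate user, who can produce valid pre-authentication, is still served
        out[f"{label}/bob_legit"] = kdc.as_req("bob", make_preauth("password1", "EXAMPLE.ORG", "bob")) is not None
    return out
```

Without pre-authentication the attacker recovers bob's password simply by asking the KDC and grinding the reply against a wordlist, while alice's passphrase survives because it is not in the list; with pre-authentication the KDC returns nothing keyed to an unauthenticated requester. Pre-authentication is not a complete fix: the timestamp the client sends is itself authenticated under the password-derived key, so an attacker who sniffs a legitimate exchange still obtains material to guess against, which is why it must be combined with the password rules recommended above.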
6. Conclusions
Security has become a pressing issue in both the real world and the cyber world. In the real world, as in the cyber world, an attack is often preceded by information gathering; in the cyber world the "bad guys" are referred to as intruders, eavesdroppers, hackers, hijackers and so on. Adding Kerberos to a network can increase the overall security available to the users and administrators of that network: remote sessions can be securely authenticated and encrypted. Kerberos is a verification protocol that provides security for the system. It provides a distributed authentication service that allows a process running on behalf of a principal to prove its identity to a verifier without sending data across the network that might allow an attacker, or the verifier, to subsequently impersonate the principal.
7. Kerberos Authors
Jennifer G. Steiner, Project Athena, Massachusetts Institute of Technology, Cambridge, MA 02139.
Clifford Neuman, Department of Computer Science, FR-35, University of Washington, Seattle, WA 98195. Clifford Neuman was a member of the Project Athena staff during the design and initial implementation phase of Kerberos.
Jeffrey I. Schiller, Project Athena, Massachusetts Institute of Technology, Cambridge, MA 02139.