ET4280

KỸ THUẬT MẠNG NÂNG CAO

Key Distribution and User Authentication

HANOI UNIVERSITY OF SCIENCE AND TECHNOLOGY
TRAN QUANG VINH
Ph.D., Assoc. Prof., Senior Lecturer
School of Electrical and Electronic Engineering
Smart Applications & Network System Laboratory
Add : Room 618, Ta Quang Buu Library
No.1 Dai Co Viet Road, Hanoi, Vietnam
Mobile : (+84) 912 636 939
Email : [email protected]
[email protected]
Website : https://sanslab.vn
 OUTLINE
 Symmetric key distribution using symmetric encryption
• Kerberos
• Version 4
• Version 5
 Key distribution using asymmetric encryption
• Public-key certificates
• Public-key distribution of secret keys
 X.509 certificates
• Certificates
• X.509 Version 3
 Public-key infrastructure
• PKIX management functions
• PKIX management protocols
 Federated identity management
• Identity management
• Identity federation
@ 2022 TRAN-QUANG VINH ◦ HUST 2
Symmetric Key Distribution using symmetric encryption
 For symmetric encryption to work, the two parties to an exchange
must share the same key, and that key must be protected from
access by others
 Frequent key changes are usually desirable to limit the amount of
data compromised if an attacker learns the key
 Key distribution technique
 The means of delivering a key to two parties that wish to exchange
data, without allowing others to see the key

@ 2022 TRAN-QUANG VINH ◦ HUST 3

 Key Distribution
 For two parties A and B, there are the following options:

• A key can be selected by A and physically delivered to B

1

• A third party can select the key and physically deliver it to A and B
2

• If A and B have previously and recently used a key, one party could transmit
the new key to the other, using the old key to encrypt the new key
3

• If A and B each have an encrypted connection to a third party C, C could

deliver a key on the encrypted links to A and B
4

@ 2022 TRAN-QUANG VINH ◦ HUST 4

Key Distribution CENTER

@ 2022 TRAN-QUANG VINH ◦ HUST 5

Key Distribution Task

@ 2022 TRAN-QUANG VINH ◦ HUST 6

 Kerberos
 Key distribution and user authentication service developed at MIT
 Provides a centralized authentication server whose function is to
authenticate users to servers and servers to users
 Relies exclusively on symmetric encryption, making no use of
public-key encryption

Two versions are in use

• Version 4 implementations still exist, although this version is
being phased out
• Version 5 corrects some of the security deficiencies of version 4
and has been issued as a proposed Internet Standard (RFC 4120)

@ 2022 TRAN-QUANG VINH ◦ HUST 7

 Kerberos version 4
 A basic third-party authentication scheme
 Authentication Server (AS)
• Users initially negotiate with AS to identify self
• AS provides a non-corruptible authentication credential (ticket granting
ticket TGT)
 Ticket Granting Server (TGS)
• Users subsequently request access to other services from TGS on basis
of users TGT
 Complex protocol using DES

@ 2022 TRAN-QUANG VINH ◦ HUST 8

 Kerberos version 4
 Kerberros Message Exchange

@ 2022 TRAN-QUANG VINH ◦ HUST 9

@ 2022 TRAN-QUANG VINH ◦ HUST 10
(1)

(2)

(3)

(4)

(5)

(6)

@ 2022 TRAN-QUANG VINH ◦ HUST 11

@ 2022 TRAN-QUANG VINH ◦ HUST 12
@ 2022 TRAN-QUANG VINH ◦ HUST 13
@ 2022 TRAN-QUANG VINH ◦ HUST 14
 Kerberos Realms
 Kerberos Realms
• A set of managed nodes that share
the same Kerberos database A Kerberos environment consists of:
• The Kerberos database resides on
the Kerberos master computer
system, which should be kept in a
physically secure room A Kerberos server
• A read-only copy of the Kerberos
database might also reside on other
Kerberos computer systems
• All changes to the database must A number of clients
be made on the master computer
system
• Changing or accessing the contents
of a Kerberos database requires the A number of application servers
Kerberos master password

@ 2022 TRAN-QUANG VINH ◦ HUST 15

 Kerberos principal
 A service or user that is known to the Kerberos system
 Each Kerberos principal is identified by its principal name

A service An
A realm Principal
or user instance
name name
name name

Principal names consist of three parts

@ 2022 TRAN-QUANG VINH ◦ HUST 16

 Differences between versions 4 and 5
 Environmental shortcomings  Technical deficiencies
• Encryption system dependence • Double encryption
• Internet protocol dependence • PCBC encryption
• Message byte ordering • Session keys
• Ticket lifetime • Password attacks
• Authentication forwarding
• Interrealm authentication

@ 2022 TRAN-QUANG VINH ◦ HUST 17

@ 2022 TRAN-QUANG VINH ◦ HUST 18
 Key Distribution Using Asymmetric Encryption
 One of the major roles of public-key encryption is to address the
problem of key distribution
 There are two distinct aspects to the use of public-key encryption in
this regard:
• The distribution of public keys
• The use of public-key encryption to distribute secret keys
 Public-key certificate
• Consists of a public key plus a user ID of the key owner, with the whole
block signed by a trusted third party
• Typically, the third party is a certificate authority (CA) that is trusted by
the user community, such as a government agency or a financial
institution
• A user can present his or her public key to the authority in a secure
manner and obtain a certificate
• The user can then publish the certificate
• Anyone needing this user’s public key can obtain the certificate and
verify that it is valid by way of the attached trusted signature
@ 2022 TRAN-QUANG VINH ◦ HUST 19
 Simple Secret Key Distribution
 Merkle proposed this very simple scheme
 allows secure communications
 no keys before/after exist

@ 2022 TRAN-QUANG VINH ◦ HUST 20

 Man-in-the-Middle Attack
 The Merkle’s very simple scheme is vulnerable to an active man-in-
the-middle attack

@ 2022 TRAN-QUANG VINH ◦ HUST 21

 Secret Key Distribution with Confidentiality and Authentication
 Distribution of Public Keys can be considered as using one of:
• public announcement
• publicly available directory
• public-key authority
• public-key certificates

@ 2022 TRAN-QUANG VINH ◦ HUST 22

 Secret Key Distribution with Confidentiality and Authentication
 Public Announcement
• users distribute public keys to recipients or broadcast to community at
large
̶ eg. append PGP keys to email messages or post to news groups or email list
• major weakness is forgery
̶ anyone can create a key claiming to be someone else and broadcast it
̶ until forgery is discovered can masquerade as claimed user

@ 2022 TRAN-QUANG VINH ◦ HUST 23

 Secret Key Distribution with Confidentiality and Authentication
 Publicly Available Directory
• can obtain greater security by registering keys with a public directory
• directory must be trusted with properties:
̶ contains {name,public-key} entries
̶ participants register securely with directory
̶ participants can replace key at any time
̶ directory is periodically published
̶ directory can be accessed electronically
• still vulnerable to tampering or forgery

@ 2022 TRAN-QUANG VINH ◦ HUST 24

 Secret Key Distribution with Confidentiality and Authentication
 Public-Key Authority
• improve security by tightening control over distribution of keys from
directory
• has properties of directory
• and requires users to know public key for the directory
• then users interact with directory to obtain any desired public key
securely
̶ does require real-time access to directory when keys are needed
̶ may be vulnerable to tampering

@ 2022 TRAN-QUANG VINH ◦ HUST 25

 Secret Key Distribution with Confidentiality and Authentication
 Public-Key Authority

@ 2022 TRAN-QUANG VINH ◦ HUST 26

Public-Key Authority

@ 2022 TRAN-QUANG VINH ◦ HUST 27

 X.509 Certificates
 ITU-T recommendation X.509 is part of the X.500 series of
recommendations that define a directory service
 Defines a framework for the provision of authentication services by
the X.500 directory to its users
 The directory may serve as a repository of public-key certificates
 Defines alternative authentication protocols based on the use of
public-key certificates
 Was initially issued in 1988
 Based on the use of public-key cryptography and digital signatures
 The standard does not dictate the use of a specific algorithm but
recommends RSA

@ 2022 TRAN-QUANG VINH ◦ HUST 28

 Public-Key Certificates
 certificates allow key exchange without real-time access to public-
key authority
 a certificate binds identity to public key
• usually with other info such as period of validity, rights of use etc
 with all contents signed by a trusted Public-Key or Certificate
Authority (CA)
 can be verified by anyone who knows the public-key authorities
public-key
 X.509 standard
• used in most network security applications, including IP security, secure
sockets layer (SSL), secure electronic transactions (SET), and S/MIME

@ 2022 TRAN-QUANG VINH ◦ HUST 29

 X.509 Authentication Service
 part of CCITT X.500 directory service standards
• distributed servers maintaining user info database
 defines framework for authentication services
• directory may store public-key certificates
• with public key of user signed by certification authority
 also defines authentication protocols
 uses public-key crypto & digital signatures
• algorithms not standardised, but RSA recommended
 X.509 certificates are widely used
• have 3 versions

@ 2022 TRAN-QUANG VINH ◦ HUST 30

 X.509 Certificate Use
 Based on public-key cryptography and digital signatures

@ 2022 TRAN-QUANG VINH ◦ HUST 31

X.509 Certificates

@ 2022 TRAN-QUANG VINH ◦ HUST 32

 Obtaining a user’s certificate
 User certificates generated by a CA have the following
characteristics:
 Any user with access to the public key of the CA can verify the user
public key that was certified
 No party other than the certification authority can modify the
certificate without this being detected
 Because certificates are unforgeable, they can be placed in a
directory without the need for the directory to make special efforts to
protect them

@ 2022 TRAN-QUANG VINH ◦ HUST 33

 Revocation of certificates
 Each certificate includes a period of validity
 Typically a new certificate is issued just before the expiration of the
old one
 It may be desirable on occasion to revoke a certificate before it
expires for one of the following reasons:
 The user’s private key is assumed to be compromised
 The user is no longer certified by this CA; reasons for this include
subject’s name has changed, the certificate is superseded, or the
certificate was not issued in conformance with the CA’s policies
 The CA’s certificate is assumed to be compromised

@ 2022 TRAN-QUANG VINH ◦ HUST 34

 Summary
 Symmetric key distribution  X.509 certificates
using symmetric encryption • Certificates
 Kerberos • X.509 Version 3
• Version 4  Public-key infrastructure
• Version 5 • PKIX management functions
 Key distribution using • PKIX management protocols
asymmetric encryption  Federated identity
• Public-key certificates management
• Public-key distribution of secret • Identity management
keys • Identity federation

@ 2022 TRAN-QUANG VINH ◦ HUST 43