ST.

ANN'S COLLEGE OF ENGINEERING & TECHNOLOGY,CHIRALA CSE

 Challenge/response
• Party A, expecting a fresh message from B, first sends B a nonce (challenge) and
requires that the subsequent message (response) received from B contain the correct
nonce value
One-Way Authentication:

One application for which encryption is growing in popularity is electronic mail (e-mail). The
very nature of electronic mail, and its chief benefit, is that it is not necessary for the sender and
receiver to be online at the same time. Instead, the e-mail message is forwarded to the receiver’s
electronic mailbox, where it is buffered until the receiver is available to read it.

The “envelope” or header of the e-mail message must be in the clear, so that the message can
be handled by the store-and-forward e-mail protocol, such as the Simple Mail Transfer Protocol
(SMTP). However, it is often desirable that the mail-handling protocol not require access to the
plaintext form of the message, because that would require trusting the mail-handling mechanism.
Accordingly, the e-mail message should be encrypted such that the mail-handling system is not in
possession of the decryption key. A second requirement is that of authentication. Typically, the
recipient wants some assurance that the message is from the alleged sender.

5.2. Kerberos:
S E
C
Kerberos is an authentication service developed as part of Project Athena at MIT, and is one of the
best known and most widely implemented trusted third party key distribution systems.

T
A workstation cannot be trusted to identify its users correctly to network services
 A user may gain access to a particular workstation and pretend to be another user operating
from that workstation
E
A C
 A user may alter the network address of a workstation so that the requests sent from the
altered workstation appear to come from the impersonated workstation

S
 A user may eavesdrop on exchanges and use a replay attack to gain entrance to a server or to
disrupt operations
Kerberos provides a centralized authentication server whose function is to authenticate users to
servers and servers to users. Unlike most other authentication schemes, Kerberos relies exclusively on
symmetric encryption, making no use of public-key encryption. Two versions of Kerberos are in
common use: version 4 & version 5.
Kerberos Requirements:

 Secure: A network eavesdropper should not be able to obtain the necessary information to
impersonate a user. More generally, Kerberos should be strong enough that a potential
opponent does not find it to be the weak link.
 Reliable: For all services that rely on Kerberos for access control, lack of availability of the
Kerberos service means lack of availability of the supported services. Hence, Kerberos should
be highly reliable and should employ a distributed server architecture with one system able
to back up another.
 Transparent: Ideally, the user should not be aware that authentication is taking place beyond
the requirement to enter a password.
 Scalable: The system should be capable of supporting large numbers of clients and servers.
ST.ANN'S COLLEGE OF ENGINEERING & TECHNOLOGY,CHIRALA CSE

Kerberos Version 4:
Makes use of DES to provide the authentication service
There are different approaches to security are:
1 SIMPLE AUTHENTICATION DIALOGUE
2 MORE SECURE AUTHENTICATION DIALOGUE.

A SIMPLE AUTHENTICATION DIALOGUE:

 For a secure transaction, server should confirm the client and its request.
 In unprotected network it creates burden on server, therefore an Authentication Server(AS) is
used.
 Authentication server (AS)
o Knows the passwords of all users and stores these in a centralized database
o Shares a unique secret key with each server
 Ticket
o Created once the AS accepts the user as authentic; contains the user’s ID and network
address and the server’s ID
o Encrypted using the secret key shared by the AS and the server
Consider the following hypothetical dialogue

S E
C
E T
A C
S
Problem: An opponent could capture the ticket transmitted in message (2), then use the name IDC
and transmit a message of form (3) another workstation. The server would receive a valid ticket that
matches the user ID and grant access to the user on that other workstation. To prevent this attack,
the AS includes in the ticket the network address from which the original request came.
A MORE SECURE AUTHENTICATION DIALOGUE:
 The main problem in A SIMPLE AUTHENTICATION DIALOGUE, the user must enter password
for every individual service.
 Kerberos overcome this by using a new server, known as Ticket granting server (TGS).
 Now in Kerberos we have two servers; AS and TGS.
ST.ANN'S COLLEGE OF ENGINEERING & TECHNOLOGY,CHIRALA CSE

The new service, TGS, issues tickets to users who have been authenticated to AS. Thus, the user first
requests a ticket-granting ticket from the AS. The client module in the user workstation saves this
ticket. Each time the user requires access to a new service, the client applies to the TGS, using the
ticket to authenticate itself. The TGS then grants a ticket for the particular service. The client saves
each service-granting ticket and uses it to authenticate its user to a server each time a particular
service is requested.
Let us look at the details of this scheme:

S
together with the TGS ID, indicating a request to use the TGS service. E
1. The client requests a ticket-granting ticket on behalf of the user by sending its user’s ID to the AS,

C
2. The AS responds with a ticket that is encrypted with a key that is derived from the user’s password,
which is already stored at the AS. When this response arrives at the client, the client prompts the

E T
user for his or her password, generates the key, and attempts to decrypt the incoming message.
If the correct password is supplied, the ticket is successfully recovered.
3. The client requests a service-granting ticket on behalf of the user. For this purpose, the client

ticket-granting ticket.
A C
transmits a message to the TGS containing the user’s ID, the ID of the desired service, and the

S
4. The TGS decrypts the incoming ticket using a key shared only by the AS and the TGS and verifies
the success of the decryption by the presence of its ID. It checks to make sure that the lifetime has
not expired. Then it compares the user ID and network address with the incoming information to
authenticate the user. If the user is permitted access to the server V, the TGS issues a ticket to
grant access to the requested service.
5. The client requests access to a service on behalf of the user. For this purpose, the client transmits
a message to the server containing the user’s ID and the service -granting ticket. The server
authenticates by using the contents of the ticket.
ST.ANN'S COLLEGE OF ENGINEERING & TECHNOLOGY,CHIRALA CSE

S E
C
E T
KERBEROS REALMS:

A C
A full-service Kerberos environment consisting of a Kerberos server, a number of clients, and a number

S
of application servers requires the following:
1. The Kerberos server must have the user ID and hashed passwords of all participating users in
its database. All users are registered with the Kerberos server.
2. The Kerberos server must share a secret key with each server. All servers are registered with
the Kerberos server
A Kerberos realm is a set of managed nodes that share the same Kerberos database. The Kerberos
database resides on the Kerberos master computer system, which should be kept in a physically secure
room. A read-only copy of the Kerberos database might also reside on other Kerberos computer
systems. However, all changes to the database must be made on the master computer system.
Changing or accessing the contents of a Kerberos database requires the Kerberos master password.

Kerberos Version 5:
Kerberos version 5 is specified in RFC 4120 and provides a number of improvements over version 4.
Kerberos version 4 was developed for use within the Project Athena environment and, accordingly,
did not fully address the need to be of general purpose.
Kerberos version 5 Authentication Dialogue:
The Kerberos version 5 message exchange involves three sessions, these are
a) Authentication service exchange
ST.ANN'S COLLEGE OF ENGINEERING & TECHNOLOGY,CHIRALA CSE

b) Ticket-granting exchange
c) Client/server authentication exchange.
Each session has two steps.

S E
C
T
Environmental differences between Kerberos version 4 and version 5:

E
S.No Parameters

A C Version 4 Version 5

In version 5, ciphertext is tagged

1
Encryption
system
dependence S Version 4 requires the use of DES.
with an encryption-type identifier so
that any encryption technique may
be used.
Version 5 network addresses are
Internet
Version 4 requires the use of tagged with type and length,
2 protocol
Internet Protocol (IP) addresses. allowing any network address type
dependence
to be used.
In version 4, the sender of a
message employs a byte ordering In version 5, all message structures
of its own choosing and tags the are defined using Abstract Syntax
Message byte
3 message to indicate least Notation One (ASN.1) and Basic
ordering
significant byte in lowest address Encoding Rules (BER), which provide
or most significant byte in lowest an unambiguous byte ordering.
address.
Lifetime values in version 4 are
In version 5, tickets include an
4 Ticket lifetime encoded in an 8-bit quantity in
explicit start time and end time,
units of five minutes. Thus, the
ST.ANN'S COLLEGE OF ENGINEERING & TECHNOLOGY,CHIRALA CSE

maximum lifetime that can be allowing tickets with arbitrary

expressed is 28*5=1280 minutes. lifetimes.
This may be inadequate for some
applications.
Version 4 does not allow
credentials issued to one client to
be forwarded to some other host
Authentication and used by some other client. Version 5 provides this capability
5
forwarding This capability would enable a authentication forwarding.
client to access a server and have
that server access another server
on behalf of the client.
In version 4, interoperability
Inter-realm among N realms requires on the Version 5 supports a method that
6
authentication order of N 2 Kerberos-to-Kerberos requires fewer relationships.
relationships, as described earlier.

Technical differences between Kerberos version 4 and version 5:

S.No Parameters Version 4

S E Version 5

Double
In version 4, that tickets provided to
C
clients are encrypted twice—once with In version 5, the ticket which ate
1
encryption

E T
the secret key of the target server and issued to the clients are encrypted
then again with a secret key known to with only one key.

PCBC
A C the client.
Encryption in version 4 makes use of a Version 5 provides explicit integrity
nonstandard mode of DES known as mechanisms,
2
encryption

Session
S propagating cipher block chaining
(PCBC).

The session keys are included in each

allowing the standard CBC mode to
be used for encryption
Each time connection is
established a different sub session
3 ticket that can be later used by client
keys key is used by both client and
and server.
server.
Version 5 provides a mechanism
Password It does not provide any mechanism to
4 known as pre authentication but it
attacks prevent attacks on passwords
does not prevent password attacks

5.3 Transport Level Security:

5.3.1 Web security considerations:

The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP
intranets
The following characteristics of Web usage suggest the need for tailored security tools: