
CE00382-2-HSSN2 INDIVIDUAL PUBLICATION

NAME: John Wilson
STUDENT NO: TP022799
INTAKE: UC2F1105CSE
MODULE CODE & TITLE: CE00382-2-HSSN2
PUBLICATION: The KERBEROS Protocol
SUPERVISOR/LECTURER: Ms. JudyAnne Fernandez
DATE SUBMITTED: 16th / January / 2012

JOHN WILSON | TP022799 | Staffordshire University

Page 1


Table of Contents

1.0 Gantt Chart (page 3)
2.0 Introduction (page 4)
3.0 Protocol Description (page 5)
4.0 Protocol Model (page 5)
5.0 Protocol Operation (page 6)
6.0 Components of the Protocol (page 8)
7.0 Strengths of the Protocol (page 10)
8.0 Weakness of the Protocol (page 11)
9.0 Relationship to Network Security (page 12)
9.0 Description of Multimedia Tool Used (page 14)
9.0 Conclusion (page 15)
9.0 References (page 15)
9.0 Appendices (page 16)


1.0 | Gantt chart


2.0 | Introduction
Kerberos is a network authentication protocol designed to provide secure access between a client and a server over an open or unsecured network. Kerberos was developed as a tool to offer the backbone of a unified secure network at the Massachusetts Institute of Technology in the early 80s, in a project called Athena. Research and development were carried out through the collective funding effort of both IBM and Digital Electronic Corporation (DEC), and this saw the rapid development of the protocol through the creation of varied modules and standards for providing secured access. It is through the advancements made in both the research and development of this protocol that it came to be readily accepted in the market as the standard universal authentication protocol for the world's computer networks. Different versions of the protocol have been in continual development and release as software suites to developers and several computer companies, though the first three versions are reserved as proprietary standards at the Massachusetts Institute of Technology, since they implement auxiliary military technology in their operational algorithm structure. Advancements in the development of the protocol have been made possible because MIT (Massachusetts Institute of Technology) offers the native source code to all developers who wish to advance or modify the algorithms of the protocol to suit their needs. This measure saw independent developers such as Steve Miller and Clifford Neuman collectively create a new version of Kerberos in the early 80s too. Developments in the native protocol have seen the creation of a stronger, more secure and reliable authentication protocol over the years, and this has led to the leading computing companies such as Microsoft, Apple and Google deploying it in all their products and furthermore adopting it as a default authentication standard.
Usage of the protocol is done through vending, in that the companies that use the technology do so through acknowledgement of the copyright stated by the Massachusetts Institute of Technology. This serves both as a licensing factor and offers a ubiquitous channel of support, since all the major stakeholders using the technology usually fund its research.


3.0 | Protocol Description


Kerberos was designed as a network authentication protocol that aimed to provide a stronger and more reliable means of verification between the client and the server using secret-key cryptography. This effectively means that Kerberos prevents the sniffing of passwords and other data content sent over open, distributed networks which are not necessarily secured. The protocol was also created to address the issue of firewalls, since most firewalls work on the assumption that a threat to a network can only come from an external source and not from inside. This means that when unsecured content is sent within the same network, the firewall will not serve the purpose of encrypting the data and making sure that data movement only occurs between secured nodes. The protocol also enabled single sign-on on a client to access different services from the server.

3.1 | Protocol Model


3.2 | Protocol Operation


The Kerberos protocol works by encrypting any information that is sent by the client to the server, and it also provides key authentication features implemented through both tokens and keys using secret-key cryptography. It achieves this through the following steps.

Client -> Authentication Server: sends a clear-text request. The clear text consists of the login data, that is, the username and password. The Authentication Server checks whether the user exists in the database. If so, the Authentication Server generates a special client/server key and attaches it to the request.

Authentication Server -> Client: the A.S. sends two messages, (A) and (B).
Message (A): Ticket Granting Server session key, encrypted with the client/server key.
Message (B): Ticket Granting Ticket (Client ID + Client Network Address + Ticket Validity Period), encrypted with the TGS session key.
The client decodes Message (A) to obtain the Ticket Granting Server session key. The client cannot decode Message (B), since it is encrypted with a different key.

Client -> Ticket Granting Server: sends two messages, (C) and (D).
Message (C): the Ticket Granting Ticket (Message B).
Message (D): Authenticator (Client ID + Timestamp), encrypted with the Ticket Granting Server session key from (A).
The TGS decrypts Message (C) to get the Ticket Granting Ticket and the TGS session key. The TGS decrypts Message (D) using the obtained TGS session key and gets the Client ID and Timestamp. The TGS checks that the Client ID from (C) matches the Client ID from (D), and that the timestamp does not exceed the validity period.

Ticket Granting Server -> Client: sends two messages, (E) and (F).
Message (E): Client-to-File-Server Ticket (Client ID + Network Address + Validity + Client/Server Session Key), encrypted with the File Server key.
Message (F): Client/Server Session Key, encrypted with the TGS key from Message (A).
The client decrypts Message (F) and obtains the Client/Server Session Key.


Client -> File Server: sends two messages, (E) and (G).
Message (E): the Client-to-File-Server Ticket.
Message (G): Authenticator (Client ID + Timestamp), encrypted with the Client/Server Session Key from (F).
The F.S. decrypts Message (E) and gets the Client ID and Network Address. The F.S. decrypts Message (G) using the key obtained from Message (E). The F.S. checks that the Client IDs from (E) and (G) match, and that the validity period has not expired.

File Server -> Client: sends Message (H).
Message (H): the Timestamp found in (G), plus 1, encrypted with the Client/Server Session Key.
The client now knows that any message carrying (Timestamp + 1) is from the server, and can communicate with the server over a secure connection.

All in all, the Kerberos protocol uses both cryptography and symmetric-key mechanisms to achieve secure network connectivity. Knowledge of the secret key generated as one packet is routed from any object within the Key Distribution Center is regarded as true identity. Aside from the protocol being used to authenticate clients and services within a common network, Kerberos can also be used to establish secure connections in an unsecured network where clients are not necessarily in the same network pool. In such instances, cross authentication occurs. It is implemented through both tokens and keys. It is also to be noted that since the Kerberos protocol uses fixed sets of timestamps to authorize clients to the server, the clock on the main Kerberos server should always be accurate. Implementation of fixed timestamps is necessary in order to deter any client requests that might be replay attacks. This further enhances secure interconnectivity. In order to foster reliable services on the Kerberos server, a secondary server known as a slave is needed. The slave server acts as a backup to the main server and ensures that processing of the tokens and session keys is in line with the main central database.
In this case, special Kerberos software is installed on the main server in order to ensure all operations are concurrent. The Kerberos infrastructure is to be implemented in such a way that if the main server fails, the slave will automatically take over. The clients should also configure the Kerberos file within their systems in order to facilitate secure access and seamless communication.
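The exchange described above, as an added example that is not part of the report: a Python script that plays the client, the Authentication Server, the Ticket Granting Server and the file server in one process and passes messages (A) to (H) between them. The realm, the principal names and the password are constructed, and seal()/unseal() is a constructed encrypt-then-MAC stand-in (SHA-256 keystream plus HMAC tag), not a Kerberos encryption type. Two details follow standard Kerberos rather than the report's wording: the client never sends its password (both sides derive the client key from it), and the TGT in message (B) is sealed with the TGS's own long-term key, which is why the client cannot read it.

```python
"""Kerberos-style AS / TGS / AP exchange run in one process.

Added example, not code from the report. Names, password and addresses are
constructed; seal()/unseal() is a toy encrypt-then-MAC stand-in, not a
Kerberos encryption type. The message flow follows the report's steps (A)-(H).
"""
import hashlib, hmac, json, os, time

REALM = "EXAMPLE.TEST"  # constructed realm name
TICKET_LIFE = 3600      # seconds a ticket stays valid (constructed policy)
MAX_SKEW = 600          # tolerated clock difference; the report quotes 10 minutes

def derive_key(password, principal):
    """Client and KDC both derive the client's long-term key from the password,
    so the password itself never crosses the wire (as in real Kerberos)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), principal.encode(), 10_000)

def _keystream(key, nonce, length):
    out = b""
    for counter in range(0, length, 32):
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
    return out[:length]

def seal(key, message):
    """Constructed toy cipher: XOR keystream, then HMAC tag over nonce + ciphertext."""
    nonce = os.urandom(16)
    plain = json.dumps(message).encode()
    cipher = bytes(a ^ b for a, b in zip(plain, _keystream(key, nonce, len(plain))))
    return nonce + cipher + hmac.new(key, nonce + cipher, "sha256").digest()

def unseal(key, blob):
    """Verify the tag first; a wrong key or a tampered blob raises ValueError."""
    nonce, cipher, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + cipher, "sha256").digest(), tag):
        raise ValueError("bad key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(cipher, _keystream(key, nonce, len(cipher)))))

# KDC database: principal -> long-term key. "krbtgt" is the TGS's own key.
KDC_DB = {
    "alice": derive_key("correct horse battery", "alice@" + REALM),
    "krbtgt": os.urandom(32),
    "fileserver": os.urandom(32),
}

def authentication_server(client, now):
    """AS exchange: (A) TGS session key under the client key, (B) the TGT under the TGS key."""
    tgs_session = os.urandom(32).hex()          # KeyError below for an unknown principal
    msg_a = seal(KDC_DB[client], {"tgs_session": tgs_session})
    tgt = {"client": client, "addr": "10.0.0.5", "valid_until": now + TICKET_LIFE,
           "tgs_session": tgs_session}
    return msg_a, seal(KDC_DB["krbtgt"], tgt)

def ticket_granting_server(msg_c, msg_d, service, now):
    """TGS exchange: check TGT (C) against authenticator (D); issue (E) and (F)."""
    tgt = unseal(KDC_DB["krbtgt"], msg_c)
    tgs_session = bytes.fromhex(tgt["tgs_session"])
    auth = unseal(tgs_session, msg_d)
    if auth["client"] != tgt["client"]:
        raise PermissionError("client ID in authenticator does not match the TGT")
    if now > tgt["valid_until"] or abs(now - auth["timestamp"]) > MAX_SKEW:
        raise PermissionError("TGT expired or authenticator outside the skew window")
    svc_session = os.urandom(32).hex()
    ticket = {"client": tgt["client"], "addr": tgt["addr"],
              "valid_until": now + TICKET_LIFE, "svc_session": svc_session}
    return seal(KDC_DB[service], ticket), seal(tgs_session, {"svc_session": svc_session})

def application_server(service, msg_e, msg_g, now):
    """AP exchange: validate ticket (E) and authenticator (G); reply (H) = timestamp + 1."""
    ticket = unseal(KDC_DB[service], msg_e)
    svc_session = bytes.fromhex(ticket["svc_session"])
    auth = unseal(svc_session, msg_g)
    if auth["client"] != ticket["client"]:
        raise PermissionError("client ID in authenticator does not match the ticket")
    if now > ticket["valid_until"] or abs(now - auth["timestamp"]) > MAX_SKEW:
        raise PermissionError("ticket expired or authenticator outside the skew window")
    return seal(svc_session, {"timestamp": auth["timestamp"] + 1})

def client_login(user, password, service, now=None):
    """Client side of all three exchanges; True when the service answers timestamp + 1."""
    now = int(time.time()) if now is None else now
    client_key = derive_key(password, user + "@" + REALM)
    msg_a, msg_b = authentication_server(user, now)
    tgs_session = bytes.fromhex(unseal(client_key, msg_a)["tgs_session"])
    msg_d = seal(tgs_session, {"client": user, "timestamp": now})
    msg_e, msg_f = ticket_granting_server(msg_b, msg_d, service, now)
    svc_session = bytes.fromhex(unseal(tgs_session, msg_f)["svc_session"])
    msg_g = seal(svc_session, {"client": user, "timestamp": now})
    msg_h = application_server(service, msg_e, msg_g, now)
    return unseal(svc_session, msg_h)["timestamp"] == now + 1

def login_succeeds(user, password, service):
    """A wrong password fails at unseal(A) on the client side, never at the KDC."""
    try:
        return client_login(user, password, service)
    except (ValueError, PermissionError, KeyError):
        return False

if __name__ == "__main__":
    print("alice, correct password:", login_succeeds("alice", "correct horse battery", "fileserver"))
    print("alice, wrong password:  ", login_succeeds("alice", "wrong password", "fileserver"))
```

A wrong password is detected on the client, where unseal() of message (A) fails its tag check; a mismatched client ID or an authenticator outside the skew window is rejected by whichever server checks it. login_succeeds() folds all of those failures into False so the outcome of a login attempt can be inspected without reading tracebacks.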


4.0 | Components of The Protocol


Realm: This refers to the scope within which the authentication server has the authority to provide its services between a client and the server. Cross authentication results when two objects from different realms need to be authenticated in order to facilitate secure communication between them.

Principal: This refers to the name the authentication server uses to keep track of all the entries made to it. Each principal is denoted by a component depending on the version of Kerberos that is being used.

Ticket: This refers to a token or certificate that the client uses to denote its authentication when making a connection to the application server. A ticket is only to be shared between one client and the server. The ticket is considered secret.

Encryption: This refers to the collective process of hiding data that is sent between a client and an application server in an unsecured network in order to realize security.

Encryption Type: This refers to the type of algorithms used in any specific Kerberos protocol to facilitate secure connections in unsecured networks. Encryption types range from 56-bit DES for Kerberos 4 to triple DES encryption for Kerberos 5.

Encryption Key: This is a token that serves to encrypt the user's password when it is stored in the application server during authentication.

Key Distribution Center: This refers to an object which facilitates the collective process of providing secure access of the client to the server in an unsecured network. It primarily consists of the Authentication Server, the Ticket Granting Server and a database.

Authentication Server: This refers to a component of the Key Distribution Center that serves to respond to an incoming request from a client that seeks to access the server. It also serves the primary role of issuing a ticket granting ticket to the client.

Ticket Granting Server: This refers to a component within the Key Distribution Center that serves to grant service tickets to validated clients. Validation is approved once the client has obtained a ticket granting ticket from the authentication server.

Database: This refers to a container that stores all the entries and services from the client to the server. A master key is used to provide further encryption. Each entry made in the database comprises a number of units that serve as unique fields identifying that entry. Examples of the fields included in the database are: the principal of the entry, the encryption key, the validity duration, ticket attributes and the password expiration date.

Session Key: This refers to a special token that is generated within the Key Distribution Center and serves to establish a secure connection between the client and the services accessing the server at a particular time. This key is not long-term, as opposed to the other types of key generated during a session.

Replay Cache: This refers to a technique unique to Kerberos 5 that serves to deter impostors from using the same generated tickets and session keys for the purpose of accessing the server. It works by buffering the path which the original tokens and keys will follow when being authenticated.

Client: This refers to a user or terminal that seeks to establish a connection to the server.

Application Server: This refers to the destination terminal which offers services to a client in a network.

Stash File: This refers to the array of disks that are resident within the database in the Key Distribution Center.


4.1 | Strengths of The Protocol


Kerberos is mature: This is illustrated through its extensive rate of use in the market and also the invaluable amount of time that has been spent in furthering the development of the authentication protocol.

Auditability and meeting the majority requirement: This is illustrated through its ability to integrate easily with other security frameworks such as public key infrastructure, and the ability to be easily audited in a system for service compliance.

Prevents phishing: This is achieved by ensuring that both the client and the server have mutual consent after verification, which limits the possibility of other network entities posing as the real server and deters any loss of data.

Improved speed: This is because Kerberos bridges the security gap between the client and the server, so applications do not necessarily need background services to restrict network activity.

Interoperability: This is illustrated by the inherent ability of the Kerberos protocol to work efficiently, without conflict, alongside any existing firewall parameters defined in a given network. This is also one of the reasons it was adopted as a de facto standard in operating systems such as Windows, Macintosh and UNIX. Because of this high interoperability, the protocol is also being packaged with leading entertainment devices and consoles.

Secure and reliable: This is a key feature that serves as the primary center of focus, since Kerberos uses very strong cryptographic techniques, illustrated through tokens and keys, when authenticating clients to the server in a network.

Extended support: This is among the chief strengths of the Kerberos protocol. Apart from it being an actual server, its algorithms and native code can still be updated to adapt to new technologies as well as to cope with new challenges presented within network communication. This can be seen through the development of the Kerberos 4 and Kerberos 5 module versions.

Private login: The protocol can easily be adjusted to offer a solution for accessing different network connections within the same network securely. This is clearly achieved through the establishment of parameters such as password login.


4.2 | Weakness of The Protocol

Server Limitation: This occurs when the Kerberos server is down or is not functioning as it should. Authentication within the network ceases, thus rendering the connections unsecure. This could be solved through the implementation of a slave server which readily syncs with the primary in case of a breakdown.

Cost: Where an organization is required to provide secure access between the clients and the server over a wide area, more than one Kerberos server might be needed, which might prove costly. Depending on the size of the network and the infrastructure implemented within it, costs can be reduced by tweaking the services of the Kerberos server, since it has the capacity to deliver more than just authentication and authorization.

Clock Synchronization: Since the client and server use timestamps as a measure of providing secure connections within the network, the clocks of the clients must be within at least 10 minutes of the Kerberos server time. This problem could easily be solved by ensuring that the clocks of both the clients and the server workstations do not drift more than 10 minutes from each other, in order to avoid conflict.
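As an added example for the Replay Cache component described earlier and the clock-synchronization weakness above (it is not code from the report): a Python replay cache of the kind a Kerberos server keeps on the authenticators it accepts. Each authenticator is keyed on client, service, timestamp and microsecond field, is accepted once, and is rejected outright when its timestamp lies outside the skew window; entries are discarded once the window has passed, because any later copy is rejected by the skew test anyway. The 600-second window is the report's 10-minute figure, and the sample authenticators are constructed.

```python
"""Authenticator replay cache with a clock-skew window.

Added example, not code from the report. The (client, service, ctime, cusec)
key mirrors what a Kerberos server records for each accepted authenticator;
the window and the sample authenticators below are constructed.
"""

MAX_SKEW = 600  # seconds: the report's 10-minute tolerance


class ReplayCache:
    def __init__(self, max_skew=MAX_SKEW):
        self.max_skew = max_skew
        self._seen = {}  # (client, service, ctime, cusec) -> time the entry may be dropped

    def check(self, client, service, ctime, cusec, now):
        """Return 'accept', 'skew' or 'replay' for one presented authenticator.

        ctime/cusec are the client's timestamp (seconds, microseconds) from the
        authenticator; now is the server clock when the authenticator arrives.
        """
        # An entry must outlive every moment at which a copy of the same
        # authenticator could still pass the skew test, i.e. until ctime + max_skew.
        self._seen = {k: drop_at for k, drop_at in self._seen.items() if drop_at >= now}
        if abs(now - ctime) > self.max_skew:
            return "skew"        # clocks too far apart, or a stale capture
        key = (client, service, ctime, cusec)
        if key in self._seen:
            return "replay"      # identical authenticator already accepted
        self._seen[key] = ctime + self.max_skew
        return "accept"


def evaluate(events, max_skew=MAX_SKEW):
    """Run a sequence of (client, service, ctime, cusec, now) through one cache."""
    cache = ReplayCache(max_skew)
    return [cache.check(*event) for event in events]


# Constructed sample: server clock values are the last field of each tuple.
SAMPLE_AUTHENTICATORS = [
    ("alice", "fileserver", 1000, 1, 1000),  # fresh                      -> accept
    ("alice", "fileserver", 1000, 1, 1002),  # same authenticator again   -> replay
    ("alice", "fileserver", 1000, 2, 1003),  # new cusec, so a new one    -> accept
    ("bob",   "fileserver",  100, 0, 1004),  # client clock 904 s behind  -> skew
    ("alice", "fileserver", 1000, 1, 1700),  # old copy, cache already dropped it -> skew
    ("carol", "fileserver", 1590, 0, 1000),  # client clock 590 s ahead   -> accept
    ("carol", "fileserver", 1590, 0, 2190),  # exactly at the window edge -> replay
]

if __name__ == "__main__":
    for event, verdict in zip(SAMPLE_AUTHENTICATORS, evaluate(SAMPLE_AUTHENTICATORS)):
        print(verdict.ljust(7), event)
```

The last two sample lines show why the entry lifetime is tied to the client's timestamp rather than to the server's arrival time: a client whose clock runs ahead produces an authenticator that stays acceptable for up to two skew windows of server time, so the cache must keep its record until ctime + max_skew.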


5.0 | Relationship Between Protocol and Network Security


The use of Kerberos as an infrastructure in a network mitigates the occasional security breaches which occur when data is not safely relayed within a given network. This has clearly been highlighted herein through the various levels of encryption that the protocol sets and defines before a client can communicate with a server. Apart from the Kerberos protocol preventing the transmission of plain-text passwords over a secure or unsecured network, the protocol also centralizes all the entries made to the server into a common database, thus further simplifying both maintenance and management. The protocol also bridges the gap by providing an avenue that saves both the client and the server the need to store large arrays of usernames and passwords for every event and service that wishes to establish a secure connection. Security is further demonstrated through the use of cryptography and symmetric-key mechanisms in order to achieve the common goal of providing secure client/server connections within a network. Symmetric keys work on the principle that the key to the next message token is only available once the previous token is decrypted. Security is further demonstrated by the fact that the Kerberos protocol is able to facilitate continual data transfer over an unsecured network by the client without necessarily limiting their abilities, since it uses encryption. This further strengthens its advantage over other security measures such as firewalls. Encryption not only facilitates secure connectivity within the network but also ensures that if the information were to be leaked by any chance it would be meaningless to the new party unless the same decrypting algorithm is implemented. Security is further enhanced using the Kerberos protocol in that the client's ID is securely presented to the server, thus making sure that all communication between the server and client is discreet and no other client can tell what each is sharing with the server.
The Kerberos protocol also realizes security since it provides a variety of additional services on top of authentication across distributed systems within a network. This has further led to its worldwide acceptance as the de facto authentication standard across the main operating systems. The Kerberos protocol in general is astute in that it is not static. This means some parameters within the main body of the protocol can easily be adjusted to cope with a new network infrastructure and still manage to offer the same level of security in its authentication and authorization.


6.0 | Description of Multimedia Tool Used


The simulation of the Kerberos protocol was done using Adobe Flash, a component that is normally packaged in the Adobe Master Suite and is used for animation work. Adobe Flash is a multimedia platform that provides the user with a means of adding motion, color changes and a variety of controls to objects placed on the rendering space queue. It has the inherent ability to manipulate both vector and raster graphics, depending on the preference of the user, and also supports ActionScript. The rendered Flash content can be displayed on a number of platforms, and the key to this is the presence of an Adobe Flash Player. There are a number of services and features that are consistent across all versions of Flash distributed with the Adobe Master Suite. Chief among these are:

Text Entry: This refers to a control in the main toolbar panel that enables the user to mark elements on a Flash storyboard. Color and orientation of the text can be set too.

Moving Elements: This refers to a control in the toolbar panel that enables one to add motion to an object within the storyboard. Motion can be in any direction and is represented on the control panel in the form of frames. Multiple frames are bound between two common key frames at the start and at the end of the timeline.

Import and Export of Objects: Importing refers to the ability to bring an object into the main storyboard from a particular location on disk, while exporting refers to the action of making a copy of the rendered animation in a different location.

Frame-Based Timeline: This is perhaps the most essential and characteristic feature of Adobe Flash. It not only provides the user with an overview of the work being rendered on the storyline but also serves as a point of reference and editing.

ActionScript Support: This is an example of a feature Adobe supports whereby one can add more functionality to an object on the storyline without necessarily using the timeline. This is made possible through the use of code.

Test Rendering: This is a feature that provides a live preview of the work being arranged on the timeline before full completion.

It is also to be noted that Adobe Flash supports third-party tools such as Ajax Animator and a number of third-party plugins, all of which serve the purpose of increasing the software's productivity and overall efficiency. Adobe Flash's reach is far and wide, in that it is supported on a number of operating systems and cross-platform devices, from mobile phones to web browsers on a PC. The overall performance of Adobe Flash depends on the environment in which it is running. On more optimized and tweaked machines, performance may exceed that of a normal computer, since Adobe Flash is enterprise software.

Sample Output


7.0 | Conclusion
Firstly, I would like to acknowledge my Lecturer for guiding me throughout the development of the project. She was very instrumental in ensuring that I followed the correct steps in making the program. Thanks Ms. Judy.

Secondly, I would like to acknowledge the spirit of cooperation shown by my classmates during the development of my research paper and prototype. They all proved essential, since their ideas and criticism helped me come up with a fairly competitive program that met all the user requirements and offered even more.

8.0 | References
MIT Kerberos Consortium (2008). Kerberos. Available: http://www.kerberos.org/software/whykerberos.pdf. Last accessed 10th Jan 2012.

V. Alex Brennen (2004-09-07). Kerberos Infrastructure. Available: http://cryptnet.net/fdp/admin/kerby-infra/en/kerby-infra.html. Last accessed 10th Jan 2012.

Steve Buckley (2006). Kerberos: The Network Authentication Protocol. Available: http://web.mit.edu/kerberos/krbdev.html. Last accessed 10th Jan 2012.

Danny Djeljosevic (2004). What Is Kerberos? Available: http://www.ehow.com/about_5063827_kerberos.html. Last accessed 10th Jan 2012.


9.0 | Appendix: Kerberos Protocol


Appendix A: Steps to Install and Configure Kerberos.

1. General machine overview.
2. Hardware.
3. GNU/Linux installation.
4. Choosing a realm.
5. Kerberos software configuration.
6. Principal creation.

Appendix B: List of Key requirements Kerberos is based on.

1. Single sign-on for users.
2. Operate within distributed systems based on an open Internet model.
3. Integrate with existing technology.
4. Mutual authentication of the parties involved in the information exchanged.
5. Passwords should never be exposed during authentication.
6. Central administration of authentication secrets.
7. Use of cryptographic measures.
8. Support arbitrary distribution of services and users.
9. Trust no party until authenticated.
10. Operate in a hostile environment.

Appendix C: Using the .swf Flash Simulation Export.

In order to view the rendered Flash file successfully, the user must first observe the following set of rules.

1. Make sure Adobe Flash Player is installed on the host machine.
2. Open the folder containing the Flash files. The file to be run has a .swf extension.
3. Double-click the file.
4. Once the file is open, it will begin the simulation by default. The speed and screen magnification can be adjusted readily from the menu bar of the Flash Player at the user's request.

The rendered Flash animation cannot be edited further, since it is locked and is exported after rendering as a single unit file. Editing is only possible on the original file, which bears an .fls file extension. It should however be noted that, for best viewing, the Adobe Flash Player installed on the host machine should be up to date and not corrupted, since this might affect the overall working of the simulation.
