Lecture7

1 Lecture 7: Authentication / Authorization Systems and Kerberos
CNT 5412 Network Security

2 Needham and Schroeder Paper 1978
• Seminal paper on Cryptographic Protocols
• Identified several "canonical" protocols including for authentication
• Accidentally illustrated the first canonical protocol flaw found
  – The flaw was found two years later
  – The flaw reflects a very unlikely attack
  – Nonetheless, it illustrates how hard it is to produce reliable cryptographic protocols.

3 Needham and Schroeder Symmetric Key Protocol
Parties: Alice, S = KDC, Bob
Alice => S: (A, B, n_a)
S => Alice: K_as{n_a, B, K_ab, K_bs{K_ab, A}}
Alice => Bob: K_bs{K_ab, A}
Bob => Alice: K_ab{n_b}
Alice => Bob: K_ab{n_b - 1}
Note: a ticket is in red (the K_bs{K_ab, A} term)

4 Needham and Schroeder Symmetric Key Protocol
A => S: (A, B, n_a)
S => A: K_as{n_a, B, K_ab, K_bs{K_ab, A}}
A => B: K_bs{K_ab, A}
B => A: K_ab{n_b}
A => B: K_ab{n_b - 1}

5 Attack on the Needham and Schroeder Protocol (Replay)
Initial session
A => S: (A, B, n_a)
S => A: K_as{n_a, B, K_ab, K_bs{K_ab, A}}
A => B: K_bs{K_ab, A}  -- This message establishes the session key. Note that this has no nonce/timestamp/other identification
B => A: K_ab{n_b}
A => B: K_ab{n_b - 1}
The malicious intruder captures the key interchange messages and the ensuing session. Over time, she compromises K_ab, then initiates a new session with Bob.

6 Attack on the Needham and Schroeder Protocol
Initial session
A => S: (A, B, n_a)
S => A: K_as{n_a, B, K_ab, K_bs{K_ab, A}}
A => B: K_bs{K_ab, A}
B => A: K_ab{n_b}
A => B: K_ab{n_b - 1}
Replay session: (Trudy knows K_ab)
T => B: K_bs{K_ab, A}
B => A: K_ab{n_b'} [intercepted by T]
T => B: K_ab{n_b' - 1}

7 Result of the Attack
• Bob believes that he is in a secure session
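
An added example (not from the lecture slides): a symbolic Python model of the five messages, showing that Bob cannot tell a replayed message 3 from a fresh one, and that a ticket timestamp checked against a freshness window lets him reject it. The timestamp field, the `Sealed` class, all function names, the 300-second window and the clock values are assumptions constructed for illustration.

```python
import secrets
from dataclasses import dataclass

@dataclass(frozen=True)
class Sealed:
    """Symbolic ciphertext K{payload}: only the same key opens it."""
    key: bytes
    payload: tuple
    def open(self, key: bytes) -> tuple:
        if not secrets.compare_digest(key, self.key):
            raise ValueError("wrong key")
        return self.payload

def kdc_reply(k_as, k_bs, a, b, n_a, issued=None):
    """Message 2. With `issued` set, the ticket also carries a timestamp
    (an assumption added here; the slides' ticket is just K_bs{K_ab, A})."""
    k_ab = secrets.token_bytes(16)
    ticket = Sealed(k_bs, (k_ab, a) if issued is None else (k_ab, a, issued))
    return Sealed(k_as, (n_a, b, k_ab, ticket))

def bob_accept(k_bs, ticket, now, max_age=None):
    """Messages 3 and 4 at Bob: open the ticket, then challenge with K_ab{n_b}."""
    fields = ticket.open(k_bs)
    if max_age is not None and (len(fields) < 3 or now - fields[2] > max_age):
        raise ValueError("ticket is unstamped or too old")
    k_ab, peer = fields[0], fields[1]
    n_b = secrets.randbits(64)
    return k_ab, peer, n_b, Sealed(k_ab, (n_b,))

def answer_challenge(k_ab, challenge):
    """Message 5: anyone who holds K_ab can compute K_ab{n_b - 1}."""
    (n_b,) = challenge.open(k_ab)
    return Sealed(k_ab, (n_b - 1,))

def replay_accepted(timestamped: bool) -> bool:
    """True if Bob completes a handshake on a ticket replayed a week later."""
    k_as, k_bs = secrets.token_bytes(16), secrets.token_bytes(16)
    t0, week = 1_000_000, 7 * 86_400           # constructed clock values (seconds)
    max_age = 300 if timestamped else None
    reply = kdc_reply(k_as, k_bs, "A", "B", secrets.randbits(64),
                      issued=t0 if timestamped else None)
    _, _, k_ab, ticket = reply.open(k_as)      # Alice's view of message 2
    bob_accept(k_bs, ticket, t0 + 1, max_age)  # the original, legitimate session
    try:                                       # replay of the recorded message 3
        key, peer, n_b, challenge = bob_accept(k_bs, ticket, t0 + week, max_age)
    except ValueError:
        return False
    response = answer_challenge(k_ab, challenge)   # K_ab is known to the replayer
    return peer == "A" and response.open(key) == (n_b - 1,)

if __name__ == "__main__":
    print("plain ticket replay accepted:  ", replay_accepted(False))
    print("stamped ticket replay accepted:", replay_accepted(True))
```

In the plain case the nonce handshake still succeeds, because n_b only proves possession of K_ab, not that the ticket is fresh.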


This note was uploaded on 02/20/2012 for the course CNT 5412 taught by Professor Sudhir during the Spring '12 term at FSU.
