
A less formal view of the Kerberos protocol






Presentation Transcript


  1. A less formal view of the Kerberos protocol J.-F. Pâris

  2. Dramatis personae
  • The client logged on a workstation
  • The Kerberos server
  • The Ticket Granting Service
  • A server s the client wants to access

  3. The three acts
  • Talk to Kerberos and get a reply
  • Talk to TGS and get a reply
  • Talk to server s

  4. Act One
  [Diagram: client c on workstation WS, Kerberos server K, Ticket granting service TGS, server S; message 1 shown]

  5. Act One
  • Client sends to Kerberos a message
    • Hello!
    • I am client c
    • I want a ticket for TGS

  6. Act One
  [Diagram: client c on workstation WS, Kerberos server K, Ticket granting service TGS, server S; messages 1 and 2 shown]

  7. Act One
  • Kerberos replies
    • Here are the ticket and an encrypted session password Kc,tgs

  8. What if the client lied to Kerberos?
  • He still gets the ticket but this ticket is worthless
  • Why?

  9. What guarantees ticket integrity?

  10. How is Kc,tgs encrypted?

  11. How is Kc,tgs passed to the TGS?

  12. How long is the ticket valid?

  13. Why?
  • Kerberos cannot revoke individual tickets
  • It can only revoke all tickets

  14. Act Two
  [Diagram: client c on workstation WS, Kerberos server K, Ticket granting service TGS, server S; messages 1, 2 and 3 shown]

  15. Act Two
  • Client sends to TGS
    • A request for server s
    • The ticket he/she got from Kerberos
    • An authenticator encrypted with Kc,tgs and stating
      • Who sent the ticket
      • From which address
      • At which time

  16. Act Two
  • TGS
    • Decrypts ticket using its Ktgs key
    • Checks that ticket is valid
    • Extracts session key Kc,tgs from ticket
    • Checks that ticket is not a duplicate by looking at the timestamp inside the authenticator

  17. Detecting duplicates
  • TGS will reject all tickets accompanied by authenticators whose timestamps are
    • Too old
    • Same as the timestamp of a recently sent authenticator

  18. Act Two
  [Diagram: client c on workstation WS, Kerberos server K, Ticket granting service TGS, server S; messages 1 to 4 shown]

  19. Act Two
  • TGS replies
    • Here is the ticket for server s and an encrypted session password Kc,s

  20. What guarantees ticket integrity?

  21. How is Kc,s encrypted?

  22. How is Kc,s passed to server s?

  23. How long is the ticket valid?
  • For a limited time, as all tickets should be

  24. Act Three
  [Diagram: client c on workstation WS, Kerberos server K, Ticket granting service TGS, server S; messages 1 to 5 shown]

  25. Act Three
  • Client sends to server s
    • The ticket he/she got from the TGS
    • An authenticator encrypted with Kc,s and stating
      • Who sent the ticket
      • From which address
      • At which time

  26. Act Three
  • Server s processes ticket and authenticator as TGS did in act two

  27. Act Three
  [Diagram: client c on workstation WS, Kerberos server K, Ticket granting service TGS, server S; messages 1 to 6 shown]

  28. Act Three
  • If mutual authentication is needed, server s sends to client
    • Authenticator it received from c with
      • Timestamp incremented by one

  29. Why?
  • It proves to the client that s can decrypt the authenticator
    • Requires being able to decrypt the ticket issued by TGS
      • Requires knowledge of server key Ks
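The receiving side of acts two and three (slides 15 to 29) as an added Python example, not part of the slides: the TGS or server s unseals the ticket with its own key, extracts the session key, checks the authenticator's identity, address and timestamp, rejects replays, and answers with timestamp + 1 for mutual authentication. The `seal`/`unseal` pair is a constructed stand-in for the shared-key encryption the slides assume (not a real cipher); the field names, the 300-second skew window and the `Verifier` class are this example's own choices.

```python
import hashlib, hmac, json, os

# Toy seal/unseal: SHA-256 keystream XOR plus an HMAC tag (constructed stand-in for the
# shared-key encryption the slides assume; not a real cipher, do not reuse).
def _ks(key, nonce, n):
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(n // 32 + 1))

def seal(key: bytes, obj: dict) -> bytes:
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _ks(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()

def unseal(key: bytes, blob: bytes) -> dict:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, "sha256").digest()):
        raise ValueError("integrity check failed: wrong key or tampered")  # slide 9
    return json.loads(bytes(a ^ b for a, b in zip(ct, _ks(key, nonce, len(ct)))))

def issue_ticket(issuer_key, client, addr, service, now, lifetime=8 * 3600):
    """Kerberos (using Ktgs) or TGS (using Ks): a ticket carrying the session key."""
    session_key = os.urandom(16)
    ticket = seal(issuer_key, {"client": client, "addr": addr, "service": service,
                               "key": session_key.hex(), "start": now, "end": now + lifetime})
    return ticket, session_key

def authenticator(session_key, client, addr, now):
    return seal(session_key, {"client": client, "addr": addr, "ts": now})

class Verifier:
    """Act Two / Act Three receiver: the TGS (key Ktgs) or server s (key Ks)."""
    def __init__(self, service, key, skew=300):
        self.service, self.key, self.skew, self.seen = service, key, skew, {}
    def accept(self, ticket, auth, src_addr, now):
        t = unseal(self.key, ticket)                       # only the holder of the service key can
        if t["service"] != self.service or not t["start"] <= now < t["end"]:
            raise ValueError("ticket invalid or expired")
        skey = bytes.fromhex(t["key"])                     # Kc,tgs / Kc,s extracted from the ticket
        a = unseal(skey, auth)                             # client proved it knows the session key
        if (a["client"], a["addr"]) != (t["client"], t["addr"]) or a["addr"] != src_addr:
            raise ValueError("authenticator does not match ticket or source address")
        if abs(now - a["ts"]) > self.skew:
            raise ValueError("authenticator too old")
        self.seen = {k: e for k, e in self.seen.items() if e > now}   # drop expired cache entries
        if (a["client"], a["ts"]) in self.seen:
            raise ValueError("replay: same timestamp as a recent authenticator")
        self.seen[(a["client"], a["ts"])] = now + self.skew
        return skey, seal(skey, {"ts": a["ts"] + 1})      # mutual auth: timestamp + 1 under Kc,s
```

A client who lied to Kerberos (slide 8) can only forge a ticket under a guessed key, and `unseal` with the real Ktgs rejects it before any session key is extracted.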
