Lecture Notes for Operating Systems
Kerberos, 11 December 2000
- kerberos - network security
- authentication and some information security
- developed at mit for project athena
- available for lots of machines
- used by osf for dce, microsoft for active directory service
- computational model - client-server; (ip) network based
- security model
- private key
- single sign on
- central trusted authority - entity-key database
- ticket-based certification
- three main kerberos functions (protocols)
- authentication - log on; key distribution center
- service authorization - ticket granting service
- service request - client and server
- user authentication
- client contacts kdc with client id
- kdc returns a ticket for the ticket granting service
- tickets are stored in the client's certification cache
- server request
- client contacts the tgs with the tgs ticket and server information
- tgs forms and returns a ticket for the server
- client stores the server ticket in the certification cache
- server authorization
- client contacts the server with the server ticket issued by the tgs
- server responds with an optional verification
- client-server interaction commences
- where's the security in all this?
- private-key cryptography - two functions
- encrypted text = encryption function(plain text, secret key)
- plain text = decryption function(encrypted text, secret key)
- important properties
- pt = df(ef(pt, sk), sk)
- pt != df(ef(pt, sk1), sk2) if sk1 != sk2
- tickets are encrypted with the server's secret key - the tgs ticket returned by the kdc and the server ticket returned by the tgs
- messages from the kdc to the client are encrypted with the client's key
- randomly generated session keys are used to protect client-server communication
- a ticket: {c, s, c addr, timestamp, lifetime, Kc,s}Ks
- the kerberos protocols revisited
- user authentication
- client to kdc: c, tgs
- kdc to client: {Kc,tgs, {Tc,tgs}Ktgs}Kc
- server request
- client to tgs: s, {Tc,tgs}Ktgs, {Ac}Kc,tgs
- the authenticator: {c, c addr, timestamp}Kc,s (under the session key shared with the recipient: Kc,tgs when sent to the tgs, Kc,s when sent to the server)
- tgs to client: {{Tc,s}Ks, Kc,s}Kc,tgs
- server authentication
- client to server: {Ac}Kc,s, {Tc,s}Ks
- server to client: {timestamp + 1}Kc,s
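The three exchanges above, and the ef/df properties from the previous section, as an added worked example (not part of the lecture notes). The principal names alice, krbtgt and fileserver, the address, the lifetimes and the 300-second clock-skew window are constructed assumptions; the cipher is a stdlib-only encrypt-then-MAC built on HMAC-SHA256 standing in for the abstract ef()/df(), so a wrong key raises an error rather than returning garbage, which is what the pt != df(ef(pt, sk1), sk2) property buys the protocol: a forged or mis-keyed ticket is rejected by the service that decrypts it.

```python
# Added example, not from the notes: stdlib-only simulation of the Kerberos exchanges.
# Names c, tgs, s, Kc, Ktgs, Ks, Kc,tgs, Kc,s follow the notes; keys/names are constructed.
import hashlib, hmac, json, os, time

def _keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode, used only as a PRF keystream for this demo cipher."""
    out = b""
    for ctr in range((length + 31) // 32):
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]

def ef(plaintext, sk):
    """ef(pt, sk): nonce || pt XOR keystream || HMAC tag; the tag detects tampering and wrong keys."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(sk, nonce, len(plaintext))))
    tag = hmac.new(sk, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def df(ciphertext, sk):
    """df(ct, sk): raises ValueError unless sk is the key ef() used, so pt != df(ef(pt, sk1), sk2)."""
    nonce, ct, tag = ciphertext[:16], ciphertext[16:-32], ciphertext[-32:]
    if not hmac.compare_digest(tag, hmac.new(sk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("decryption failed: wrong key or tampered message")
    return bytes(a ^ b for a, b in zip(ct, _keystream(sk, nonce, len(ct))))

def enc(obj, sk): return ef(json.dumps(obj).encode(), sk)
def dec(blob, sk): return json.loads(df(blob, sk))

def make_ticket(c, s, addr, lifetime, now):
    """A ticket {c, s, c addr, timestamp, lifetime, Kc,s} with a freshly generated session key."""
    return {"c": c, "s": s, "addr": addr, "timestamp": now,
            "lifetime": lifetime, "session_key": os.urandom(32).hex()}

def check_authenticator(ticket, auth, now, skew=300):
    """Recipient-side checks: authenticator matches the ticket, ticket unexpired, timestamp fresh.
    The freshness window (constructed: 300 s) is what limits replay of a captured authenticator."""
    if auth["c"] != ticket["c"] or auth["addr"] != ticket["addr"]:
        raise ValueError("authenticator does not match ticket")
    if now > ticket["timestamp"] + ticket["lifetime"]:
        raise ValueError("ticket expired")
    if abs(now - auth["timestamp"]) > skew:
        raise ValueError("authenticator timestamp not fresh")

class KDC:
    """Holds the entity-key database; the tgs is one more entry in it."""
    def __init__(self, keys): self.keys = keys
    def authenticate(self, c, tgs, addr, now):            # client to kdc: c, tgs
        t = make_ticket(c, tgs, addr, 8 * 3600, now)
        # kdc to client: {Kc,tgs, {Tc,tgs}Ktgs}Kc
        return enc({"session_key": t["session_key"], "ticket": enc(t, self.keys[tgs]).hex()}, self.keys[c])

class Service:
    """The tgs and an application server share one shape: decrypt our ticket, check the authenticator."""
    def __init__(self, name, key, keys=None): self.name, self.key, self.keys = name, key, keys or {}
    def grant(self, s, enc_ticket, enc_auth, now):        # client to tgs: s, {Tc,tgs}Ktgs, {Ac}Kc,tgs
        t = dec(enc_ticket, self.key)                     # only Ktgs opens the tgs ticket
        k_c_tgs = bytes.fromhex(t["session_key"])
        check_authenticator(t, dec(enc_auth, k_c_tgs), now)
        ts = make_ticket(t["c"], s, t["addr"], 3600, now)
        # tgs to client: {{Tc,s}Ks, Kc,s}Kc,tgs
        return enc({"ticket": enc(ts, self.keys[s]).hex(), "session_key": ts["session_key"]}, k_c_tgs)
    def serve(self, enc_auth, enc_ticket, now):           # client to server: {Ac}Kc,s, {Tc,s}Ks
        t = dec(enc_ticket, self.key)                     # only Ks opens the server ticket
        k_c_s = bytes.fromhex(t["session_key"])
        auth = dec(enc_auth, k_c_s)
        check_authenticator(t, auth, now)
        return enc({"timestamp": auth["timestamp"] + 1}, k_c_s)   # server to client: {timestamp + 1}Kc,s

def kerberos_login(c, Kc, addr, kdc, tgs, server, now=None):
    """Client side of all three exchanges; True only if the server proved it holds Kc,s."""
    now = now or int(time.time())
    reply = dec(kdc.authenticate(c, tgs.name, addr, now), Kc)
    k_c_tgs, tgt = bytes.fromhex(reply["session_key"]), bytes.fromhex(reply["ticket"])
    auth = lambda k: enc({"c": c, "addr": addr, "timestamp": now}, k)   # Ac = {c, c addr, timestamp}
    reply = dec(tgs.grant(server.name, tgt, auth(k_c_tgs), now), k_c_tgs)
    k_c_s, st = bytes.fromhex(reply["session_key"]), bytes.fromhex(reply["ticket"])
    verify = dec(server.serve(auth(k_c_s), st, now), k_c_s)
    return verify["timestamp"] == now + 1

def demo():
    keys = {"alice": os.urandom(32), "krbtgt": os.urandom(32), "fileserver": os.urandom(32)}  # constructed
    kdc, tgs = KDC(keys), Service("krbtgt", keys["krbtgt"], keys)
    fs = Service("fileserver", keys["fileserver"])
    ok = kerberos_login("alice", keys["alice"], "10.0.0.5", kdc, tgs, fs)
    try:                      # pt != df(ef(pt, sk1), sk2): the wrong key is rejected, not decrypted
        df(ef(b"hello", keys["alice"]), keys["fileserver"]); wrong_key_rejected = False
    except ValueError:
        wrong_key_rejected = True
    return ok, wrong_key_rejected

if __name__ == "__main__":
    print(demo())
```

Because a ticket is opaque to everyone but the service whose key sealed it, the client can carry tickets in its cache without being able to read or alter them; the session key it needs is handed back separately under a key it does hold (Kc, then Kc,tgs).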
This page last modified on 11 December 2000.