Network Security - G. Steffen
User Authenticationfundamental security building block
basis of access control & user accountabilityis the process of verifying an identity claimed
by or for a system entityhas two steps:
identification - specify identifierverification - bind entity (person) and identifier
distinct from message authentication
Network Security - G. Steffen
Means of User Authentication four means of authenticating user's identitybased one something the individual
knows - e.g. password, PINpossesses - e.g. key, token, smartcardis (static biometrics) - e.g. fingerprint, retinadoes (dynamic biometrics) - e.g. voice, sign
can use alone or combinedall can provide user authenticationall have issues
Network Security - G. Steffen
Authentication Protocolsused to convince parties of each others
identity and to exchange session keysmay be one-way or mutualkey issues are
confidentiality – to protect session keystimeliness – to prevent replay attacks
Network Security - G. Steffen
Replay Attackswhere a valid signed message is copied
and later resentsimple replayrepetition that can be loggedrepetition that cannot be detectedbackward replay without modification
countermeasures includeuse of sequence numbers (generally
impractical)timestamps (needs synchronized clocks)challenge/response (using unique nonce)
Network Security - G. Steffen
One-Way Authenticationrequired when sender & receiver are not in
communications at same time (eg. email)have header in clear so can be delivered by
email systemmay want contents of body protected &
sender authenticated
Network Security - G. Steffen
Using Symmetric Encryptionas discussed previously can use a two-level
hierarchy of keysusually with a trusted Key Distribution
Center (KDC)each party shares own master key with KDCKDC generates session keys used for
connections between partiesmaster keys used to distribute these to them
Network Security - G. Steffen
Needham-Schroeder Protocoloriginal third-party key distribution protocolfor session between A B mediated by KDCprotocol overview is:
1. A->KDC: IDA || IDB || N1
2. KDC -> A: E(Ka,[Ks||IDB||N1|| E(Kb,[Ks||IDA])])
3. A -> B: E(Kb, [Ks||IDA])
4. B -> A: E(Ks, [N2])
5. A -> B: E(Ks, [f(N2)])
Network Security - G. Steffen
Needham-Schroeder Protocolused to securely distribute a new session key
for communications between A & Bbut is vulnerable to a replay attack if an old
session key has been compromisedthen message 3 can be resent convincing B
that is communicating with Amodifications to address this require:
timestamps in steps 2 & 3 (Denning 81)using an extra nonce (Neuman 93)
Network Security - G. Steffen
One-Way Authenticationuse refinement of KDC to secure email
since B no online, drop steps 4 & 5protocol becomes:
1. A->KDC: IDA || IDB || N1
2. KDC -> A: E(Ka, [Ks||IDB||N1 || E(Kb,[Ks||IDA])])
3. A -> B: E(Kb, [Ks||IDA]) || E(Ks, M)
provides encryption & some authenticationdoes not protect from replay attack
Network Security - G. Steffen
Kerberostrusted key server system from MIT provides centralised private-key third-party
authentication in a distributed networkallows users access to services distributed
through networkwithout needing to trust all workstationsrather all trust a central authentication server
two versions in use: 4 & 5
Network Security - G. Steffen
Kerberos Requirementsits first report identified requirements as:
securereliabletransparentscalable
implemented using an authentication protocol based on Needham-Schroeder
Network Security - G. Steffen
Kerberos v4 Overviewa basic third-party authentication schemehave an Authentication Server (AS)
users initially negotiate with AS to identify self AS provides a non-corruptible authentication
credential (ticket granting ticket TGT) have a Ticket Granting server (TGS)
users subsequently request access to other services from TGS on basis of users TGT
using a complex protocol using DES
Network Security - G. Steffen
Kerberos v4 Dialogue
Network Security - G. Steffen
Kerberos 4 Overview
Network Security - G. Steffen
Kerberos Realmsa Kerberos environment consists of:
a Kerberos servera number of clients, all registered with serverapplication servers, sharing keys with server
this is termed a realmtypically a single administrative domain
if have multiple realms, their Kerberos servers must share keys and trust
Network Security - G. Steffen
Kerberos Realms
Network Security - G. Steffen
Kerberos Version 5developed in mid 1990’sspecified as Internet standard RFC 1510provides improvements over v4
addresses environmental shortcomings encryption alg, network protocol, byte order, ticket
lifetime, authentication forwarding, interrealm authand technical deficiencies
double encryption, non-std mode of use, session keys, password attacks
Network Security - G. Steffen
Kerberos v5 Dialogue
Network Security - G. Steffen
Remote User Authenticationin Ch 14 saw use of public-key encryption for
session key distributionassumes both parties have other’s public keysmay not be practical
have Denning protocol using timestampsuses central authentication server (AS) to
provide public-key certificatesrequires synchronized clocks
have Woo and Lam protocol using noncescare needed to ensure no protocol flaws
Network Security - G. Steffen
One-Way Authenticationhave public-key approaches for email
encryption of message for confidentiality, authentication, or both
must now public keysusing costly public-key alg on long message
for confidentiality encrypt message with one-time secret key, public-key encrypted
for authentication use a digital signaturemay need to protect by encrypting signature
use digital certificate to supply public key
Network Security - G. Steffen
Federated Identity Managementuse of common identity management scheme
across multiple enterprises & numerous applications
supporting many thousands, even millions of users principal elements are:
authentication, authorization, accounting, provisioning, workflow automation, delegated administration, password synchronization, self-service password reset, federation
Kerberos contains many of these elements
Network Security - G. Steffen
Identity Management
Network Security - G. Steffen
Identity Federation
Network Security - G. Steffen
Standards UsedSecurity Assertion Markup Language (SAML)
XML-based language for exchange of security information between online business partners
part of OASIS (Organization for the Advancement of Structured Information Standards) standards for federated identity managemente.g. WS-Federation for browser-based federation
need a few mature industry standards
Network Security - G. Steffen
Federated Identity Examples
Network Security - G. Steffen
Summaryhave considered:
remote user authentication issuesauthentication using symmetric encryptionthe Kerberos trusted key server systemauthentication using asymmetric encryptionfederated identity management
Network Security - G. Steffen