CPS 290.2 Computer Security

SSH
Kerberos

CPS 290 Page 1

SSH v2

• Server has a permanent “host” public-private key pair (RSA or DSA). Public key typically NOT signed by a certificate authority. Client warns if public host key changes.
• Diffie-Hellman used to exchange session key.
  – Server selects g and p (group size) and sends to client.
  – Client and server create DH private keys a and b. Client sends public DH key g^a.
  – Server sends public DH key g^b and signs hash of DH shared secret g^{ab} and 12 other values with its private “host” key.
  – Client verifies signed shared secret using public key.
• Symmetric encryption using 3DES, Blowfish, AES, or Arcfour begins.
• User can authenticate by sending password or using public-private key pair. Private key has optional passphrase.
• If using keys, server sends “challenge” signed with user's public key for user to decode with private key.

SSH Applications

Secure Shell (SSH): Replacement for insecure telnet, rlogin, rsh, rexec, which sent plaintext passwords over the network!

SSH Applications

Port forwarding (email example): Log in to linux.cs.duke.edu. Forward anything received locally (phoenix) on port 25 to linux.cs.duke.edu on port 25.

Useful if “phoenix” is not a trusted email relayer but “linux” is. “phoenix” email program configured to use phoenix as relayer.

Kerberos

A key-serving system based on Private-Keys (DES).

Assumptions
• Built on top of TCP/IP networks
• Many “clients” (typically users, but perhaps software)
• Many “servers” (e.g. file servers, compute servers, print servers, …)
• User machines and servers are potentially insecure without compromising the whole system
• A kerberos server must be secure.

Kerberos (kinit)

[Diagram: the Client exchanges messages 1 and 2 with the Kerberos Authentication Server, messages 3 and 4 with the Ticket Granting Server (TGS), and message 5 with the Service Server.]

1. Request ticket-granting-ticket (TGT)
2. <TGT>
3. Request server-ticket (ST)
4. <ST>
5. Request service

Kerberos V Message Formats

C = client
S = server
K = key or session key
T = timestamp
V = time range
TGS = Ticket Granting Service
A = Net Address

Ticket Granting Ticket: T_{C,TGS} = TGS, {C, A, V, K_{C,TGS}}K_{TGS}
Server Ticket: T_{C,S} = S, {C, A, V, K_{C,S}}K_{S}
Authenticator: A_{C,S} = {C, T}K_{C,S}

1. Client to Kerberos: C, TGS
2. Kerberos to Client: {K_{C,TGS}}K_{C}, T_{C,TGS}
3. Client to TGS: T_{C,TGS}, S, A_{C,TGS}
4. TGS to Client: {K_{C,S}}K_{C,TGS}, T_{C,S}
5. Client to Server: A_{C,S}, T_{C,S}

Possibly repeat

Kerberos Notes

All machines have to have synchronized clocks
  – Must not be able to reuse authenticators
Servers should store all previous and valid tickets
  – Help prevent replays
Client keys are typically a one-way hash of the password. Clients do not keep these keys.
Kerberos 5 uses CBC mode for encryption.
Kerberos 4 was insecure because it used a nonstandard mode.
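
The five-message exchange from "Kerberos V Message Formats", together with the clock and replay checks from "Kerberos Notes", as an added example that is not part of the original slides. The toy cipher behind seal/unseal, the 300-second SKEW, all function names, and the sample client "alice" at 10.0.0.5 are assumptions made for illustration.

```python
import hashlib, hmac, json, os
SKEW = 300  # assumed tolerated clock skew in seconds (not from the slides)

def _ks(key, nonce, n):
    # Toy keystream: a stand-in for a real cipher, for illustration only.
    return b"".join(hashlib.sha256(key + nonce + bytes([i])).digest()
                    for i in range(n // 32 + 1))

def seal(key, obj):
    """Model {obj}K: encrypt-then-MAC, so opening with the wrong key fails."""
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _ks(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, "sha256").digest()):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _ks(key, nonce, len(ct)))))

def issue(ticket_key, reply_key, c, a, now, life=3600):
    """Messages 2 and 4: return ({K}reply_key, ticket {C,A,V,K}ticket_key)."""
    k = os.urandom(16).hex()  # fresh session key
    ticket = seal(ticket_key, {"C": c, "A": a, "V": [now, now + life], "K": k})
    return seal(reply_key, {"K": k}), ticket

def accept(own_key, ticket, auth, addr, now, seen):
    """Messages 3 and 5: check ticket and authenticator, return (C, session key)."""
    t = unseal(own_key, ticket)
    k = bytes.fromhex(t["K"])
    a = unseal(k, auth)
    if a["C"] != t["C"] or addr != t["A"]:
        raise ValueError("authenticator does not match ticket")
    if not t["V"][0] <= now <= t["V"][1]:
        raise ValueError("ticket outside validity range V")
    if abs(now - a["T"]) > SKEW:
        raise ValueError("stale authenticator")
    if (a["C"], a["T"]) in seen:
        raise ValueError("replayed authenticator")
    seen.add((a["C"], a["T"]))  # replay cache kept by the TGS or server
    return t["C"], k

def exchange(K_C, K_TGS, K_S, now, c="alice", a="10.0.0.5"):
    """Messages 1-4 for a constructed client; return what message 5 carries."""
    enc, tgt = issue(K_TGS, K_C, c, a, now)                  # 1-2: Kerberos
    k_ctgs = bytes.fromhex(unseal(K_C, enc)["K"])
    _, k = accept(K_TGS, tgt, seal(k_ctgs, {"C": c, "T": now}), a, now, set())  # 3
    enc, st = issue(K_S, k, c, a, now)                       # 4: TGS reply
    k_cs = bytes.fromhex(unseal(k_ctgs, enc)["K"])
    return st, seal(k_cs, {"C": c, "T": now})                # 5: ticket, authenticator
```

The service server calls accept(K_S, ticket, authenticator, address, now, seen) on message 5; presenting the same authenticator a second time against the same seen set is rejected as a replay.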