White Paper2 Kerberos


  • 7/31/2019 White Paper2 Kerberos

    1/28

    Page|1

    CST223 Information Security & Assurance

    Kerberos Secure Authentication

    Name: LEE KUAN YEH

    Metric No: 110957

    Course Lecturer: Dr. AMAN JANTAN


    Table of Contents

    Abstract
    Introduction
    Brief history of Kerberos
    Why use Kerberos?
    Kerberos Authentication Architecture
    Kerberos Ticketing Process
    Authentication Steps
    Kerberos Operational Principle
    Kerberos Supported Encryption
    Limitation of Kerberos
    Real World Case
    Testing the Kerberos Authentication with Packet Sniffing
    Discussion
    Conclusion
    References

    Abstract


    With the growth of technology and networks, security has become a major issue. This paper discusses Kerberos and its secure authentication. The discussion covers the Kerberos authentication protocol as used by client and server applications, and how the authentication exchange and the ticket-granting exchange take place between client and server. We also look at how the client communicates with the other nodes. Through these activities we can better understand network vulnerabilities, secure client/server authentication, and ways of reducing attack risk.

    Introduction


    Globalization has now spread to every part of the world, and so have computer networks. Within a network, a computer system or server provides services to multiple users and needs to identify each user. In old-fashioned systems, the user's identity is verified by checking a password typed during login. This activity of verifying the user's identity is called authentication.

    Password-based authentication is not suitable for use on computer networks. Passwords sent across the network can be intercepted and subsequently used by eavesdroppers to impersonate the user, which is also known as a MITM (Man in the Middle) attack. Kerberos, on the other hand, provides secret keys and uses strong cryptography to prevent such threats and to prove users' identities. It can also encrypt all client/server communications to assure privacy and data integrity as they go about their business. Indeed, Kerberos has become a security standard that provides secure authentication services to users, applications, and network devices, which eliminates the threats caused by passwords being stored or transmitted across the network.

    Brief History of Kerberos


    Development of Kerberos started in 1980 at MIT (Massachusetts Institute of Technology). It was originally developed for the distributed computing environment that MIT deployed in the 1980s as Project Athena (a campus-wide distributed computing environment for educational use).

    A total of 8 years of research passed before Kerberos, which is named after the three-headed hound of Greek mythology. In the mythology, KERBEROS (or Cerberus) was the gigantic hound which guarded the gates of Haides and was posted to prevent ghosts of the dead from leaving the underworld. Kerberos was described as a three-headed dog with a serpent's tail, a mane of snakes, and a lion's claws. [1] The name was appropriate because Kerberos was a three-way process, depending on a third-party service called the Key Distribution Center (KDC) to verify one computer's identity to another and to set up encryption keys for a secure connection between them.

    Kerberos was a part of Project Athena, which started in 1983 when MIT decided to integrate networked computers as part of its campus curriculum. The goals of Athena were the integration of SSO (Single Sign-on), networked file systems, a unified graphical environment, and a naming convention service. Within 5 years, all these goals had been achieved. In 1987, Kerberos V4 was designed and installed at MIT for the project.

    Besides, Kerberos also provided a secure replacement for the then widely

    used Berkeley Unix networking commands that allowed individuals to


    Secure authentication

    While logging in to the network, the user's password is never sent across the network, whether encrypted or in plain text. Secret keys are passed across the network only in encrypted form. Thus attackers do not have enough information to impersonate an authenticated user or an authenticated target service (MITM attack) in the network. Hence, it secures authentication and data stream encryption for Telnet.

    Mutual Authentication

    Client and server systems mutually authenticate: at each step of the process, both the client and the server systems can be certain that they are communicating with their authentic counterparts. Thus the authentication is very reliable.

    Attack prevention

    The tickets passed between clients and servers in the Kerberos authentication model include timestamp and lifetime information. This allows Kerberos clients and Kerberos servers to limit the duration of their users' authentication. While the specific length of time for which a user's authentication remains valid after his initial ticket is issued is implementation dependent, Kerberos systems typically use ticket lifetimes small enough to prevent brute-force and replay attacks. In other words, the authentication ticket denies an attacker the time required to crack the encryption of the ticket.

    Authentications are reusable and durable

    A user need only authenticate to the Kerberos system once (using his principal and password). For the lifetime of his authentication ticket, he may then authenticate to Kerberized services across the network without re-entering his personal information. Besides, with a Kerberos manager, it is easier to manage credentials and realm configurations.

    Service session key

    In the dual-key encryption scheme employed in the Kerberos model, a service session key is generated which constitutes a shared secret between a particular client system and a particular service. This shared secret may be used as a key for encrypting the conversation between the client and the target service, further enhancing the security of Kerberized transactions.

    Open Source


    Kerberos design is entirely based on open Internet standards. A number of well-tested and widely understood reference implementations are available free of charge to the Internet community. Commercial implementations based on the accepted standards are also available.

    Robust support

    Kerberos has strong support and has been analyzed by many of the top programmers, cryptologists and security experts in the industry. This public scrutiny has ensured and continues to ensure that any new weaknesses discovered in the protocol or its underlying security model will be quickly analyzed and corrected.

    Kerberos Authentication Architecture


    Kerberos is a network authentication protocol. It is designed to provide strong authentication and encryption for client/server applications by using secret-key cryptography.

    It performs authentication as a trusted third-party authentication service by using a cryptographic shared secret. Kerberos builds on symmetric-key cryptography and requires a key distribution center. It provides mutual authentication, where client and server can each verify the other's identity.

    Figure 1: Overview of the Kerberos authentication system process (labels in the figure: AS, TGS, SS (Service Server))

    Kerberos uses the Needham-Schroeder protocol as its basis. It is a three-way process and works when each computer shares a secret with a third-party service called the KDC (Key Distribution Center). The KDC has two components, the Kerberos authentication server (AS) and a ticket-granting server (TGS). They exchange a series of encrypted messages, called tickets, with the client. The KDC generates new encryption keys for each stage of the authentication process.

    Kerberos can verify one computer's identity to another without compromising either computer's secret key, and each computer has no need to store the keys. As a consequence, the ticket issued allows the client to access the server until the ticket expires. The encryption and secret keys work as a prevention against packet sniffing or eavesdropping attacks.

    Figure 2: Relationship of the Kerberos protocol. A client takes the ticket from the KDC system, then the Database Server verifies it. If authentication succeeds, access is granted.


    Kerberos Ticketing Process

    The Key Distribution Center (KDC)

    - Manages a database of secret keys. Each device, whether a client or a server, shares a secret key known only to itself and to the KDC. This key is used to prove the identity of each entity. For communication between two entities, the KDC generates a session key which they can use to secure their communications.

    The KDC consists of two parts, the AS (Authentication Server) and the TGS (Ticket Granting Server). They verify the client with a Ticket, or Kerberos Ticket.

    Authentication Server (AS)

    - The Kerberos Authentication Server checks whether the user exists in the database. It generates the secret key by hashing the password of the user found in the database.

    The Ticket Granting Server (TGS)

    - The ticket server generates tickets for clients that request services.


    Authentication Steps:

    Figure 2.1: How the client first requests a ticket from the AS.

    Client side:

    - The client sends a request to the AS asking for services.

    KDC side:

    - The AS checks whether the client is in its database. If it is, the AS sends back the following two messages to the client:

      Message A: the Client/TGS Session Key (SK1), encrypted using the secret key of the client/user.

      Message B: the TGT (which includes the client ID, client network address, ticket validity period, and the Client/TGS Session Key), encrypted using the secret key of the TGS.

    - The AS generates an encrypted session key and sends it along with the TGT (Ticket Granting Ticket) back to the client.

    Figure 2.2: How the client authenticates with the TGT and confirms its identity with the TGS.

    Client side:

    - When the client receives Messages A and B, it decrypts Message A (SK1) to obtain the Client/TGS Session Key. This session key is used for further communications with the TGS.

    - The client cannot decrypt Message B (TGT), as it is encrypted using the TGS's secret key.

    - It sends Message C, the TGT (previously Message B), and Message D, the Authenticator (with the identity details ID and Timestamp), to the TGS.


    KDC side:

    - On receiving Messages C and D, the TGS reads Message C.

    - It decrypts Message C using the TGS secret key, which gives it the Client/TGS Session Key (SK1). Using this key, the TGS decrypts Message D (Authenticator).

    - If verification succeeds and the details match, it sends the following two messages to the client:

      Message E: the Client-to-Server ticket (which includes the client ID, client network address, validity period (time stamp) and Client/Server Session Key), encrypted using the SS secret key.

      Message F: the Client/Server Session Key (SK2), encrypted with the Client/TGS Session Key.


    Figure 2.3: How the client authenticates with the target server.

    Client side:

    - On receiving Messages E and F from the TGS, the client has enough information to authenticate itself to the SS (Service Server). The client connects to the SS and sends the following two messages:

      Message E: from the previous step (the Client-to-Server ticket, encrypted using the SS secret key).

      Message G: a new Authenticator, which includes the client ID and timestamp and is encrypted using the Client/Server Session Key (SK2).

    Service Server side:

    - The SS decrypts the ticket using its own secret key to retrieve the Client/Server Session Key. Using the session key, the SS decrypts the


    Kerberos Operational Principle

    - The KDC holds the secret keys of the clients and Service Servers on the network.

    - The KDC reads and exchanges information with clients and Service Servers using the Secret Key. The Secret Key is used to encrypt the TGT and the Session Key.

    - Kerberos authenticates a client with the TGS by distributing a temporary session key. Session keys are used for communication between:

      Client - KDC
      Service Server - KDC
      Client - Service Server

    - The KDC or Service Server uses its Secret Key to decrypt the session key, and the session key to decrypt the Authenticator. The TGT, session key and Authenticator are all encrypted.

    - The TGS knows when and which client sent the message by checking the Client ID and Time Stamp.

    - The Service Server has its own secret key, with which it reads the Session Key that helps to verify the client's identity. It checks the Client ID and time stamp.

    - The client also checks the time stamp from the Service Server before it can trust the Service Server.

    - The time stamp is useful when a client makes a request: the Service Server checks the time stamp provided in order to limit the authentication duration. Hence this will avoid eavesdropping attacks.
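    The exchange of Messages A to G from the Authentication Steps, together with the ticket-lifetime and time-stamp checks from the Operational Principle list, as an added example that is not part of the original paper. It runs the AS, TGS and SS roles in one process; the `seal`/`unseal` cipher, the PBKDF2 key derivation, `MAX_SKEW`, the replay cache and every name used are assumptions of the example, standing in for real Kerberos encryption types.

```python
import hashlib, hmac, json, os

MAX_SKEW = 300  # assumed tolerance in seconds between authenticator time and verifier clock

def seal(key, obj):
    """Toy authenticated encryption; a stand-in for the DES/3DES/AES of real Kerberos."""
    nonce, plain = os.urandom(16), json.dumps(obj).encode()
    pad = hashlib.shake_256(key + nonce).digest(len(plain))
    body = nonce + bytes(p ^ k for p, k in zip(plain, pad))
    return body + hmac.new(key, body, hashlib.sha256).digest()

def unseal(key, blob):
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    pad = hashlib.shake_256(key + body[:16]).digest(len(body) - 16)
    return json.loads(bytes(c ^ k for c, k in zip(body[16:], pad)))

def string_to_key(password, principal):
    # The secret key is derived by hashing the password (PBKDF2 is this example's choice).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), principal.encode(), 10_000)

def check(ticket, auth, now):
    """Checks shared by TGS and SS: validity period, client ID, time-stamp freshness."""
    if now > ticket["expires"]:
        raise ValueError("ticket expired")
    if auth["client"] != ticket["client"]:
        raise ValueError("client ID mismatch")
    if abs(now - auth["ts"]) > MAX_SKEW:
        raise ValueError("stale authenticator")

class KDC:
    def __init__(self, user_keys, service_keys):
        self.users, self.services, self.tgs_key = user_keys, service_keys, os.urandom(32)
    def as_exchange(self, client, addr, now, life=3600):
        sk1 = os.urandom(16).hex()                      # Client/TGS session key
        msg_a = seal(self.users[client], {"key": sk1})  # KeyError if client is not in the database
        msg_b = seal(self.tgs_key, {"client": client, "addr": addr,
                                    "expires": now + life, "key": sk1})  # the TGT
        return msg_a, msg_b
    def tgs_exchange(self, msg_c, msg_d, service, now, life=600):
        tgt = unseal(self.tgs_key, msg_c)
        check(tgt, unseal(bytes.fromhex(tgt["key"]), msg_d), now)
        sk2 = os.urandom(16).hex()                      # Client/Server session key
        msg_e = seal(self.services[service], {"client": tgt["client"], "addr": tgt["addr"],
                                              "expires": now + life, "key": sk2})
        msg_f = seal(bytes.fromhex(tgt["key"]), {"key": sk2})
        return msg_e, msg_f

class ServiceServer:
    def __init__(self, key):
        self.key, self.seen = key, set()
    def accept(self, msg_e, msg_g, now):
        ticket = unseal(self.key, msg_e)
        auth = unseal(bytes.fromhex(ticket["key"]), msg_g)
        check(ticket, auth, now)
        if (auth["client"], auth["ts"]) in self.seen:   # replay cache
            raise ValueError("replayed authenticator")
        self.seen.add((auth["client"], auth["ts"]))
        return ticket["client"]

def client_login(kdc, user, password, service, now, addr="192.0.2.10"):
    """Client side of the steps above; returns Messages E and G for the service server."""
    msg_a, msg_b = kdc.as_exchange(user, addr, now)
    sk1 = bytes.fromhex(unseal(string_to_key(password, user), msg_a)["key"])
    msg_d = seal(sk1, {"client": user, "ts": now})      # authenticator for the TGS
    msg_e, msg_f = kdc.tgs_exchange(msg_b, msg_d, service, now)
    sk2 = bytes.fromhex(unseal(sk1, msg_f)["key"])
    return msg_e, seal(sk2, {"client": user, "ts": now})

def build_realm():  # constructed sample realm: one user, one service
    ss_key = os.urandom(32)
    kdc = KDC({"alice": string_to_key("correct horse", "alice")}, {"fileserver": ss_key})
    return kdc, ServiceServer(ss_key)
```

    The password never appears in any message: a wrong password only shows up as the client failing to open Message A, and a captured pair of Messages E and G is rejected when presented a second time or after the ticket's validity period.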

    Kerberos Encryption

    Kerberos uses symmetric-key encryption to validate individual users to various network resources.

    Kerberos uses secret-key cryptography, which lets entities communicating over networks prove their identity to each other while preventing eavesdropping or replay attacks. It also provides data stream integrity (detection of modification) and secrecy (preventing unauthorized reading) using data encryption standards such as DES, 3DES, and AES.

    DES (Data Encryption Standard)

    - A popular symmetric-key encryption method developed in 1975 and standardized by ANSI in 1981 as ANSI X.3.92. In DES, 8 bits are used solely for checking parity and are thereafter discarded. DES uses a 56-bit key and the block cipher method, which breaks text into 64-bit blocks and then encrypts them.


    3DES (Triple Data Encryption Algorithm)

    - Encrypts the data three times to prevent brute-force attacks. It increases the key size of the earlier DES: three 64-bit keys are used instead of one, for an overall key length of 192 bits (the first encryption is encrypted with the second key, and the resulting cipher text is again encrypted with a third key).

    AES (Advanced Encryption Standard)

    - A symmetric 128-bit block data encryption technique developed by Belgian cryptographers Joan Daemen and Vincent Rijmen. The same key is used for both encrypting and decrypting the data. It replaces DES encryption. AES operates on a 4×4 column-major order matrix of bytes, named the state. It works as a number of repetitions of transformation rounds that convert the input plaintext into the final output of cipher text.


    Limitation of Kerberos

    The Kerberos model does, however, have certain weaknesses:

    Weak Encryption in Kerberos IV

    - In Kerberos IV all encryption is performed using the DES algorithm. DES was considered strong at the time of the release of Kerberos IV. Now, however, a powerful CPU running a brute-force attack can decrypt the code, because DES uses only a 56-bit key, which is not strong enough.

    Support for single-user client systems only

    - Kerberos was designed for use with single-user client systems. If a client system is a multi-user system, the Kerberos authentication scheme becomes exposed to a variety of ticket-stealing and replay attacks. The overall security of multi-user Kerberos client systems (filesystem security, memory protection, etc.) is a limiting factor in the security of Kerberos authentication.

    Incompatibility issues

    - Some old systems and custom-written systems are not designed with any third-party authentication mechanism, and need to be reprogrammed to support Kerberos authentication.


    Vulnerability of KDC Version IV

    - The KDC in Kerberos IV is vulnerable to brute-force attacks (the initial ticketing service and the ticket-granting service). Kerberos 4 uses a pre-authentication technique that allows attackers to steal users' encrypted credentials. The entire authentication system depends on the trustworthiness of the KDC(s); if the KDC is down, there is no integrity, which leads to authentication failure.


    Real World Case

    Some people have tested the security level of Kerberos 5 with the Wireshark packet sniffing tool. The Windows Active Directory service, which was created by Microsoft for Windows domain networks, is protected by Kerberos 5 secure authentication. Active Directory provides a central location for network administration and security. It authenticates and authorizes all users and computers in a Windows domain type network, assigning and enforcing security policies for all computers and installing or updating software.

    Hence we are going to test and see how Windows protects user credentials from a packet sniffing attack. The activity below tests Kerberos secure authentication.

    Testing the Kerberos Authentication with Packet Sniffing

    Tools:

    - Computer in a Windows network
    - Operating system: Windows XP Service Pack 2
    - Wireshark packet sniffing tool
    - Two user account credentials


    Objectives:

    Try to capture user credentials from the client and server communication and observe the result of Kerberos authentication.

    We are going to test a Windows Active Directory network server, which by default has a Kerberos 5 implementation.

    1. First, we use an account to log in to a computer in the domain network. Open Wireshark for packet capturing and select your preferred network adapter.

    2. Next, we go to Start > All Programs > Accessories > System Tools > System Information.

    3. Right-click System Information and click Run As.

    4. We are going to run System Information while logged in as another user account in the Windows domain network.

    5. Type the other user name and password and click OK. The request will be authenticated by Active Directory (Windows Server).

    6. In Wireshark we can see that the tool captures packets in UDP at the transport layer.


    7. Open the first Kerberos packet by right-clicking the packet and clicking Follow UDP Stream. We can see that all the content is unreadable because it is an encrypted session key.

    8. Exit the Follow UDP Stream window. Go to the menu bar, click View and select Expand All. We drag up the packet details pane at the bottom.

    9. Going through the details, we can see that Kerberos is using port 88.

    10. We should also be able to see the time stamp if we go through the details further.


    Discussion

    Through the activity above we can understand the working principle and the authentication technology of Kerberos. Indeed, Kerberos 5 mitigates the risk, eliminating the threats caused by passwords being stored or transmitted across the network.

    Kerberos provides secret keys and uses strong cryptography to prevent such threats. Kerberos is also open source and can be obtained free of charge, and this authentication technology has been widely adopted by many Internet servers to protect communications. In addition, if you use a Telnet program over a network, you are at risk: FTP and Telnet use plaintext passwords, which are very easy to intercept with sniffing tools. Kerberos helps to mitigate such risk and provides secure authentication.


    Conclusion

    As the proverb says, "When rogues go in procession, the devil holds the cross." In other words, however great the security, vulnerabilities still exist. Kerberos IV with DES encryption seemed unbreakable 30 years ago, yet today, with a powerful CPU and brute-force tools, we can decrypt it easily. Consequently, Kerberos 5 was released to move away from those vulnerabilities, making authentication more secure. Through the observation, we understand that credential protection is crucially important because there are a lot of threats in the network. Thus, security technology is a continually updating process that protects all information assets, and it cannot be ignored at any time.


    References

    http://en.wikipedia.org/wiki/Cerberus

    http://www.theworldjournal.com/special/nettech/news/kerberos.htm

    http://staff.washington.edu/rlmorgan/talk/kerberos.1999.06/history.html

    http://www.duke.edu/~rob/kerberos/kerbasnds.html

    http://www.computerworld.com/s/article/46517/Kerberos

    http://gost.isi.edu/publications/kerberos-neuman-tso.html

    www.giac.org/paper/gsec/1852/network... kerberos...key.../103260

    http://www.ericom.com/kerberos.asp

    http://simple.wikipedia.org/wiki/Kerberos_(protocol)#Simplified_description_of_the_protocol

    http://en.wikipedia.org/wiki/Kerberos_(protocol)

    http://en.wikipedia.org/wiki/Data_Encryption_Standard

    http://www.webopedia.com/TERM/A/AES.html

    http://www.webopedia.com/TERM/T/Triple_DES.html

    http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

    http://www.youtube.com/watch?v=C8kY2SHJYcs

    Books:

    Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition, by Bruce Schneier (Wiley, 1995)

    Principles of Information Security, 2nd Edition, Michael and Herbert