Authentication
Submitted By:
Vibha Nehra
10203020
M.Tech I yr
Department of Computer Science Engg.
National Institute of Technology, Jalandhar.
02/03/20
Introduction:
- A trusted third party, called the Key Distribution Center (KDC), mediates the authentication process.
- Each user & service shares a secret key with the KDC.
- The KDC generates a session key and securely distributes it to the communicating parties.
- The communicating parties prove to each other that they know the session key.
Establishing Session Key:
Establishing Session Key (variant):
Problems:
- No authentication between Alice and Bob
- No freshness guarantee for KAB (what if Alice reuses the ticket?)
Needham-Schroeder Protocol:
Needham-Schroeder Protocol
N1 is:
- for KDC authentication
- to ensure freshness of KAB
- attack (without nonce): Trudy has stolen KAB from Bob and recorded the KDC's old reply to Alice; Trudy waits for a new request from Alice to the KDC to talk to Bob, then plays back the KDC's old reply, impersonating the KDC
Reply from KDC:
- the strings "Bob" and "Alice" prevent Trudy from tampering with messages and hijacking the conversation
N2, N3: for key confirmation and mutual authentication.
(Minor) issue:
- the ticket is unnecessarily doubly encrypted in the message from the KDC
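The role of N1 described above, as an added example that is not part of the original slides: Alice accepts a recorded KDC reply when she does not check a nonce, and rejects it when she does. Assumptions: the reply layout KA{N1, "Bob", KAB, ticket} with ticket = KB{KAB, "Alice"} follows the standard Needham-Schroeder description, and `seal`/`unseal` are a toy authenticated cipher written for this illustration, not a production scheme; all keys and function names are constructed here.

```python
import hashlib, hmac, json, secrets

def seal(key, obj):
    # Toy authenticated encryption standing in for K{...}: SHAKE-256 keystream + HMAC tag.
    pt = json.dumps(obj).encode()
    iv = secrets.token_bytes(16)
    ks = hashlib.shake_256(key + iv).digest(len(pt))
    ct = iv + bytes(a ^ b for a, b in zip(pt, ks))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def unseal(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed")
    ks = hashlib.shake_256(key + ct[:16]).digest(len(ct) - 16)
    return json.loads(bytes(a ^ b for a, b in zip(ct[16:], ks)))

# Constructed long-term keys that Alice and Bob each share with the KDC.
K_ALICE, K_BOB = secrets.token_bytes(32), secrets.token_bytes(32)

def kdc_reply(n1, requester="Alice", peer="Bob"):
    # KDC -> Alice: KA{N1, "Bob", KAB, ticket}, with ticket = KB{KAB, "Alice"}
    kab = secrets.token_hex(16)
    ticket = seal(K_BOB, {"kab": kab, "from": requester}).hex()
    return seal(K_ALICE, {"n1": n1, "peer": peer, "kab": kab, "ticket": ticket})

def alice_accept(reply, n1=None, peer="Bob"):
    # n1=None models the protocol without a nonce: any well-formed reply passes.
    msg = unseal(K_ALICE, reply)
    if msg["peer"] != peer:
        raise ValueError("reply names a different peer")
    if n1 is not None and not hmac.compare_digest(msg["n1"], n1):
        raise ValueError("stale reply: N1 does not match this request")
    return msg["kab"]

def replay_demo():
    old_n1 = secrets.token_hex(16)
    recorded = kdc_reply(old_n1)                 # old KDC reply, recorded by Trudy
    stolen_kab = alice_accept(recorded, old_n1)  # old KAB, later stolen from Bob
    new_n1 = secrets.token_hex(16)               # Alice sends a new request
    without_nonce = alice_accept(recorded) == stolen_kab  # replay is accepted
    try:
        alice_accept(recorded, new_n1)
        with_nonce_rejected = False
    except ValueError:
        with_nonce_rejected = True
    fresh_ok = alice_accept(kdc_reply(new_n1), new_n1) != stolen_kab
    return without_nonce, with_nonce_rejected, fresh_ok

if __name__ == "__main__":
    print(replay_demo())
```

The peer check in `alice_accept` corresponds to the "Bob" string in the KDC reply: a reply issued for a different peer fails even when N1 matches.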
Needham-Schroeder: Reflection Attacks
If message integrity is vulnerable, a reflection attack is possible.
Expanded Needham-Schroeder:
In standard N-S, Bob doesn't have a freshness guarantee for KAB (i.e. he can't detect replays).
To fix: get a nonce from Bob.
Nonce Types:
Nonce: a quantity which any given user of a protocol uses only once (a quantity which is guaranteed fresh)
- sequence numbers
  - need to keep state; what if Trudy can induce crashes (DoS attacks)?
- timestamps
  - need synchronized clocks
- random numbers
  - freshness guarantee is only probabilistic, but if the number is large it is good enough
  - unpredictable
Thanks for your kind cooperation & patience.