Implementing-cryptography-using-python
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Chapter 2 ■ Cryptographic Protocols and Perfect Secrecy 39
Kerberos
Kerberos, an open-source security protocol developed by MIT in the late 1980s, is
an authentication and access control service for workstation clustering. Its design
goals include security, reliability, transparency, and scalability. The underlying
cryptographic primitive of Kerberos is symmetric encryption; Kerberos V4 uses
DES, while V5 allows for other algorithms.
Assume that Alice wants to access one or more different services that are
provided by different servers: Server 1, Server 2, etc. Each server is connected
over an insecure network. The Kerberos protocol will handle the authentication,
access control, and key exchange:
■■
Authentication: Alice will authenticate to an authentication server, which
will provide a temporary permit to demand access for services. The permit
is called a Ticket-Granting ticket (Ticket TGS ); the ticket can be thought of
like a temporary passport.
■■
Access Control: Alice is able to present her ticket (Ticket TGS ) to a Ticket
Granting Server (TGS) to obtain access for a service provided by a specific
server; in this example, we will call it Server 1. The TGS decides if the
access will be permitted and answers Alice with a ticket for Server 1,
Ticket S1 .
■■
Key Exchange: The authentication server provides a session key for communication
between Alice and the TGS; the TGS will provide a session
key for communication between Alice and Server 1. The session key also
serves Alice for authentication purposes.
Alice begins the process by logging in to her workstation and requests access
to a service. The first message is sent to the authentication server AS, containing
her name, the name of the appropriate Ticket Granting Server TGS, and a
timestamp t A :
A ➔ AS: (A, TGS, t A )
The authentication server verifies that Alice may authenticate to access services,
generates the key K A out of Alice’s password (which is known to the
AS), extracts the workstation address Addr A from the request, creates a Ticket
Granting Ticket Ticket TGS and a session key K A, TGS , and sends the following
message to Alice:
AS ➔ A: {K A, TGS , TGS, t AS , LifetimeTicket TGS , Ticket TGS } KA with Ticket TGS = {K A,
TGS, A, Addr A , TGS, t AS , LifetimeTicket TGS }K AS, TGS
Once the workstation receives the message, it will ask Alice to type in her
password. The workstation will compute the key K A and use this key to decrypt
the message. If Alice does not provide her correct password, the extracted values
will be garbage and the rest of the protocol will fail.