Thursday, April 25, 2013
KERBEROS
INTRODUCTION
Imagine a scenario where are many users logged on to their
workstations and accessing services available on different application servers
on a network. Users are generally
allowed access to the Internet, and this network can be accessed from any point
on the Internet as well.
Such a network is exposed to
the hazards of cyberspace as well as the probability of mischief from within, a
fact often overlooked while designing network security schemes.
Anyone can enter your network
and remaining in listening mode to get sensitive information such as
passwords. When an attempt is made to
change the root of the data by posing to be either the client or the server, it
is termed as Impersonation. Firewalls
might prevent outside dangers, but what if the troublemaker is right in the
next cubicle?
Authentication seems to be
crux of the whole matter. In other
words, client and server should validate each other so that attempt to
impersonate can be eliminated. This is
where Kerberos, a network authentication protocoling, comes in.
Kerberos
is designed to authentication services in heterogeneous, distributed networked
environments. Named after threaded dog
mentioned in Greek mythology as the guard of the temple of Hades
Let's assume a user enters a
password, which is then sent to the server from which some service requested. The
user could be using his e-mail client to contact the mail server, running a
Telnet application from his workstation or trying to avail of some other
service.
The application server
maintains a database of passwords (generally in encrypted form). With
client-serves computing being the norm, presence of multiple servers in even a
small organization is common. The
traditional authentication method would require the password database to be on
every sever. One of the greatest
security risks in this is the travelling of password from client to server over
the networked in unencrypted form.
Maintenance and security headaches too increase if the password database
is spread all over the network.
WHAT IS KERBEROS?
Kerberos is a network authentication protocol. It is designed to provide strong
authentication for client/server application by using secret-key
cryptography. A free implementation of
this protocol is available from the Massachusetts Institute of
Technology. Kerberos is available in
many commercial products as well.
The Internet is an insecure place.
Many of the protocols used in the Internet do not provide any
security. Tools to "sniff"
passwords off of the network are in common use by systems crackers. Thus, applications, which send an unencrypted
password over the network, are extremely vulnerable. Worse yet, other client/server applications
rely on the client program to be "honest" about the identity of the
user who is using it. Other applications
rely on the client to restrict its activities to those, which it is allowed to
do, with no other enforcement by the server.
Some sites attempt to use
firewalls to solve their network security problems. Unfortunately, firewalls assume that
"the bad guys" are on the outside, which is often a very bad
assumption. Insiders carry out most of
the really damaging incidents of computer crime. Firewalls also have a significant
disadvantage in that they restrict how your users can use the Internet. (After all, firewalls are simply a less extreme
example of the dictum that there is nothing more secure that there is nothing
more secures then a computer which is not connected to the network-- and
powered off!). In many places, these
restrictions are simply unrealistic and unacceptable.
Kerberos was created by MIT
as a solution to these network security problems. The Kerberos protocol used strong
cryptography so that a client can prove its identity to a server (and vice
versa) across an insecure network connection.
After a client and server have used Kerberos to prove their identity,
they can also encrypt as they go about their business.
Kerberos is freely available
from MIT under a copyright permission notice very similar to the one used for
the BSD operating and X11 Windowing system.
MIT provides Kerberos in source form, so that anyone who wishes to it
may look over the code is trustworthy. In addition, for those who prefer to
rely on a professional supported product, Kerberos is available as a product
from many different vendors.
THE KERBEROS SCHEME:
Kerberos build around three
things: Authentication Server (AS), Ticket Granting Server (TGS) and
Encryption. Authentication Server is the
central entity in the whole scheme--the central authentication facility for the
whole network. Kerberos uses a series of
encrypted messages for verifying the authenticity of the client and the
server. Of course, no information
pertaining to user validity should be transmitted over the network in
unencrypted form. In addition, there
should be a two-way authentication, with the client also having some way to
find out that it is communicating with the intended server.
The client and serer should
both share some sort of identification with the authentication server. They can communicate only when the AS conveys
to them that the person at other end is indeed the guy you want to talk to.
The client has knowledge of
the encryption key that is shared by the authentication server only. The encryption key here is derived from the
user password. In the same way all application
servers share an encryption key with these servers, Kerberos users the Data
Encryption Standard (DES).
Tickets are nothing but certificates issued by the
authentication server upon receiving the client request and subsequently
verifying that the request from a valid user, the AS encrypts this certificate,
rendering it readable by the valid server only.
The concept of a ticket gave
rise to amore practical concept called Ticket Granting Ticket (TGT) so that the
user can use the services of multiple servers in the network without repeating
the initial steps involved in authentication process.
WORKING OF KERBROSE:
When a user types a user name, it is sent to the
authentication server, which replies with the session key and Ticket Granting
Ticket both encrypted with user's key.
This session key is for communicating with the Ticket Granting Server
(TGS). Now the client program requires
the password from the user and derives the user's key from it. If the TGT and TGS key are decrypted, it
implies that the password is correct.
When the user wants to request
the serves of an application server this request is send to TGS. Key element of the request is TGT along with
network address if the workstation and other data encrypted with the TGS key
and if it is found to be valid, TGS issues a ticket, which contains user name,
address, service name, life span, time stamp, and the all important session
key. For the communication to ensure
between the client and the application server they should share the same key.
The TGS generates two copies
of this session key, one encrypted with TGS key for the client and the other
with application server key. Using the
TGS key, the client decrypts the session key meant for it, and the session key
for the applications server is routed to the destination.
After the server has
successfully decrypted the session key, it knows that this particular client is
trying to contact him. To ensure the
client's identity, it sends a random number in the plain text, which the client
encrypts with the session key they both share and returns it back to server, on
seeing the message, the can make out that this is the real McCoy-because nobody
else can encrypt with same session key.
In an internetworked
enterprise, where individual networks (or group of networks) may be separated
from each other, each AS can cater to a subset of the total number of
application servers present in the enterprise.
The subset of users and application server is called a realm. Any user registered with an Authentication
Server can request for authentication form another authentication server to
access the services of any application server registered with it.
SECURITY THROUGH KERBROSE:
Kerberos quells any attempt to sniff the
authentication information or impersonation the client the client server. Sniffing out passwords is not possible as
they are always in encrypted form. Nor is the other deadly ploy-impersonation
by network intruders-permitted.
Impersonating the
authentication server itself is futile as it shares the encryption keys of the
client and all application server without which even client request routed to
the invalid matching will not decrypted, impersonating the application server
by trying to capture the session ticket is useless because tickets can only be
decrypted with the server key shard by Application server and the
authentication server.
Manipulation data, if any, is
also checked by Kerberos as it includes a feature of ensuring data integrity by
providing checksum, encrypted using a secret key. Hence, any changes to data are easily
detected.
IMPLEMENTING KERBROS:
To make this authentication
scheme work, it has to be integrated with other parts of the system. Apart from setting up of an authentication
server, some utility programs must be installed on the workstations. Some of these are Kinit (to obtain Kerberos
credentils), Kdestroy (destroy credentials), Kist (list credentials and Kpasswd
(for changing Kerberos passwords).
Windows 2000 uses this as the
native authentication method, and all Windows 2000 systems support the protocol
as a client. While logging into Windows
2000 one may not be aware the Kerberos login tool Kinit (or the functionality
provided by it) is integrated in to it.
In Windows 2000, Authentication Server functionality is provided by KDC
(Kev Distribution Center
LIMITATIONS OF KERBROS:
It is accepted fact that any
system related to network security cannot be foolproof, and has some seek point
or to other waiting to be exploited by a determined network intruder. In Kerberos, the loose brick in the quite
secured fortress was becomes apparent when a password is entered for the client
program, which would then encrypt it to be sent to the authentication
server. It is during this very brief
period (a few milliseconds) that the password exists in its original
unencrypted form.
If a user enters password to
a client program and the path between the user and the intruder (using a Trojan
horse, for instance) has modified initial authentication program, an attacker
may obtain enough information to impersonate the user. These limitations can to some extent be
addressed by additional techniques such as one-time passcodes.
CONCLUSION:
At last, Kerberos
is a solution to your network security problems. It provides the tools of authentication and
strong cryptography over the network to help you secure your information
systems across your entire enterprise. We hope you find Kerberos as useful as
it has been to us. At MIT, Kerberos has
been invaluable to our Information/Technology architecture.
