Kerberos - PowerPoint PPT Presentation

Provided by: david647

Transcript and Presenter's Notes

Title: Kerberos


1
Kerberos
  • Authenticating Over an Insecure Network

2
[Diagram labels: Initial request; Authentication Server; User key (only real user can decode): Session key, Service name; user to service; user; Service key: Session key, User name; service]
3
[Diagram: Application Server; Kerberos Server; User and Server DB Private keys; Ticket Granting Server; Authentication Server; User Agent]
User asks
User requests ticket to interact with Application Server
4
User agent contacts Authentication Server to begin the process of authenticating the user as being who he says he is.
5
[Diagram: same components as slide 3, with Session Key]
Auth Server looks up the user's private key, creates a session key to talk to the TGS, encrypts it with the user's private key and returns it. If not the real user, it is useless.
6
[Diagram: same components as slide 3, with Session Key and User password (key)]
User agent prompts the user, takes the key and decrypts the session key. If not the real user, can't read. User takes a ticket to access the TGS from the previous step and encrypts the AppServer request info using the Session Key.
7
[Diagram: same components as slide 3, with Session Key]
User agent sends request to the TGS with request encrypted using the Session Key.
8
[Diagram: same components as slide 3, with Session Key]
TGS creates a User/Server session key and encrypts it using the Session Key, and creates a Permission Ticket for User/Server interaction encrypted using the AppServer key.
9
[Diagram: same components as slide 3, with Session Key]
User agent decrypts the user/server key using the
Session Key and uses The US Session key is sent
with the US Ticket to the App Server
10
AppServer uses its own key to decrypt/authenticate the request and verify the US Ticket to be valid. Then begins communicating with the US Session key.
11
Conclusions
  • No unencrypted messages across net
  • Not able to spoof either client OR server
  • Time stamps on the session keys so that even if
    eventually decoded, could not use
  • Point of failure is the DB where the Kerberos
    server is stored.
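
The exchange on slides 4 to 10, as an added example that is not part of the original presentation. The toy SHA-256/HMAC cipher (standing in for the real Kerberos encryption), the principal names, the password, the 300-second lifetime and the request sealed under the US session key are assumptions made for illustration.

```python
import hashlib, hmac, json, os, time

def _ks(key, nonce, n):  # SHA-256 keystream (toy, stands in for the real cipher)
    return b"".join(hashlib.sha256(key + nonce + bytes([i])).digest() for i in range(n // 32 + 1))

def seal(key, obj):  # toy encrypt-then-MAC of a JSON message under a shared key
    data, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _ks(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):  # verify the tag, then decrypt; a wrong key fails here
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _ks(key, nonce, len(ct)))))

def pw_key(password):  # user key from password (assumption: plain SHA-256)
    return hashlib.sha256(password.encode()).digest()

# Kerberos server DB of private keys (constructed sample principals)
DB = {"alice": pw_key("correct horse"), "tgs": os.urandom(32), "appserver": os.urandom(32)}

def as_reply(user):  # slide 5: session key under the user key, plus a ticket for the TGS
    sk = os.urandom(32).hex()
    return seal(DB[user], {"sk": sk}), seal(DB["tgs"], {"sk": sk, "user": user, "exp": time.time() + 300})

def tgs_reply(tgt, request):  # slides 7-8: check request, issue US session key and US ticket
    t = unseal(DB["tgs"], tgt)
    sk = bytes.fromhex(t["sk"])
    req = unseal(sk, request)
    if t["exp"] < time.time() or req["user"] != t["user"]:
        raise ValueError("expired or mismatched ticket")
    us = os.urandom(32).hex()
    ticket = seal(DB[req["service"]], {"us": us, "user": t["user"], "exp": time.time() + 300})
    return seal(sk, {"us": us}), ticket

def app_accept(ticket, request):  # slide 10: AppServer opens the ticket with its own key
    t = unseal(DB["appserver"], ticket)
    req = unseal(bytes.fromhex(t["us"]), request)
    if t["exp"] < time.time() or req["user"] != t["user"]:
        raise ValueError("expired or mismatched ticket")
    return t["user"]

def login(user, password, service="appserver"):  # user agent side, slides 4-9
    enc_sk, tgt = as_reply(user)
    sk = bytes.fromhex(unseal(pw_key(password), enc_sk)["sk"])  # slide 6: needs the real key
    enc_us, ticket = tgs_reply(tgt, seal(sk, {"user": user, "service": service}))
    us = bytes.fromhex(unseal(sk, enc_us)["us"])
    return app_accept(ticket, seal(us, {"user": user}))
```

`login("alice", "correct horse")` returns `"alice"`; a wrong password raises `ValueError` at the slide 6 decryption, before anything reaches the TGS.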