08b - Authentication Flashcards
List three general approaches to dealing with replay attacks
What problems was Kerberos designed to address?
What entities constitute a full-service Kerberos?
List three approaches to secure user authentication in a distributed environment
Give an example of a suppress-replay attack when a part’s clock is ahead of that of the KDC
Give an example of a suppress-replay attack when a party’s clock is ahead of that of another party
In Kerberos, when Bob receives a Ticket from Alice:
a) how does he know it is genuine?
b) how does he know that it came from Alice?
Consider a one-way authentication technique based on asymmetric encryption:
A->B: IDa
B->A: E(PUa, R1)
A->B: R1
a) Explain the protocol.
b) What type of attack is this protocol susceptible to?
Present an overview of techniques for remote user authentication using symmetric encryption.
Give a presentation on Kerberos.
Explain the differences between versions 4 and 5 of Kerberos.
Describe the use of Kerberos in multiple realms
Present an overview of techniques for remote user authentication using asymmetric encryption
Understand the need for a federated identity management system
