Needham-Shroeder & Kerberos

Question 1

How does Needham-Schroeder work?

Answer 1

Alice and Bob are entities on a trusted network, Cathy is a trusted server.

Cathy can provide a session key encrypted using a shared secret between the request and her.

Nonce is also sent to prove it’s not a replay attack.

Cathy’s response introduces Alice to Bob, but the message for Bob is encrypted using Cathy & Bob’s shared key.

Question 2

What are Nonce’s used for?

Answer 2

Used to defend against replay attacks pretending to be Cathy.

Question 3

What are the limitations of using nonces?

Answer 3

Bob has to assume that the key he receives from Cathy is fresh but the messages could have been delayed?

Question 4

What is a limitation of Needham-Schroeder

Answer 4

Alice can stockpile keys for communications, Cathy has not way to know this or revoke the keys.

If K_ac is compromised the attack can obtain more keys or authority

Cathy must keep a record of all issued keys

Question 5

How can a MITM be performed?

Answer 5

An attacker can compromise the first message and have Cathy return themselve as the intended recipient instead of Bob

Question 6

What are the three options to base access control off of in a distributed system?

Answer 6

User identity
User network address
Access Operation

Question 7

How does FTP and Telnet differ from rlogin?

Answer 7

They ask for ID and Password, rlogin transmits the username

Question 8

How can access rights be given to the user in a distributed system?

Answer 8

Can be granted to the user by a local security authority

Question 9

What are issues with distributed system security?

Answer 9

Aliveness
Freshness
Replay
Cipher Suites
Standards
Integrity
MITM
Header and body encryption
Strength

Question 10

What is Kerberos?

Answer 10

Distributed access control system which was the default option in windows 2000. Made use of Needham-Schroeder

Question 11

What are the type of trusted third party in Kerberos?

Answer 11

Authentication Server - used for login

Ticket granting server - Issues time-restricted tickets for access to resources

Question 12

What happens when a user authentications?

Answer 12

The authentication server sends a session key to both the ticket-granting server and the user so that the user can make requests to the ticket-granting server.

Question 13

How does the ticket recipient verify it’s received the ticket in a timely manner?

Answer 13

Sends a timestamp to the sender to confirm the liveness of the ticket by incrementing the timestamp by one.

Question 14

What replaces a nonce in Kerberos?

Answer 14

Timestamp, as it also shows aliveness and freshness.

Introduces time synchronisation problems

Question 15

What is DSSA?

Answer 15

Distributed system security architecture (DSSA) for localised networks of workstations

Comprised of authentication and access control.

Question 16

How is access granted in DSSA?

Answer 16

Security of objects is handled by owners but access to resources is controlled by the central, trusted CA the Certificate Distribution Centre (CDC)

Question 17

What is DSSA/SPX

Answer 17

Authentication protocol of DSSA which has been adapted as the distributed authentication security service (DASS)

Question 18

What does DASS do?

Answer 18

Each node enforces it’s own security policy.

Authentication of users involves credentials containing
name, private keys, certs, auth tokens, binding of names to public keys

Question 19

What is GSS-API?

Answer 19

Interface to a set of security services

Service layer is most appropriate place for security employment in distributed systems.

Question 20

Why is CORBA used?

Answer 20

Heterogeneous technology stack means interoperability is difficult.

Object Request Broker handles interactions between users and objects, and can make requests for authorization to access.