Needham-Shroeder & Kerberos Flashcards
How does Needham-Schroeder work?
Alice and Bob are entities on a trusted network, Cathy is a trusted server.
Cathy can provide a session key encrypted using a shared secret between the request and her.
Nonce is also sent to prove it’s not a replay attack.
Cathy’s response introduces Alice to Bob, but the message for Bob is encrypted using Cathy & Bob’s shared key.
What are Nonce’s used for?
Used to defend against replay attacks pretending to be Cathy.
What are the limitations of using nonces?
Bob has to assume that the key he receives from Cathy is fresh but the messages could have been delayed?
What is a limitation of Needham-Schroeder
Alice can stockpile keys for communications, Cathy has not way to know this or revoke the keys.
If K_ac is compromised the attack can obtain more keys or authority
Cathy must keep a record of all issued keys
How can a MITM be performed?
An attacker can compromise the first message and have Cathy return themselve as the intended recipient instead of Bob
What are the three options to base access control off of in a distributed system?
User identity
User network address
Access Operation
How does FTP and Telnet differ from rlogin?
They ask for ID and Password, rlogin transmits the username
How can access rights be given to the user in a distributed system?
Can be granted to the user by a local security authority
What are issues with distributed system security?
Aliveness Freshness Replay Cipher Suites Standards Integrity MITM Header and body encryption Strength
What is Kerberos?
Distributed access control system which was the default option in windows 2000. Made use of Needham-Schroeder
What are the type of trusted third party in Kerberos?
Authentication Server - used for login
Ticket granting server - Issues time-restricted tickets for access to resources
What happens when a user authentications?
The authentication server sends a session key to both the ticket-granting server and the user so that the user can make requests to the ticket-granting server.
How does the ticket recipient verify it’s received the ticket in a timely manner?
Sends a timestamp to the sender to confirm the liveness of the ticket by incrementing the timestamp by one.
What replaces a nonce in Kerberos?
Timestamp, as it also shows aliveness and freshness.
Introduces time synchronisation problems
What is DSSA?
Distributed system security architecture (DSSA) for localised networks of workstations
Comprised of authentication and access control.
How is access granted in DSSA?
Security of objects is handled by owners but access to resources is controlled by the central, trusted CA the Certificate Distribution Centre (CDC)
What is DSSA/SPX
Authentication protocol of DSSA which has been adapted as the distributed authentication security service (DASS)
What does DASS do?
Each node enforces it’s own security policy.
Authentication of users involves credentials containing
name, private keys, certs, auth tokens, binding of names to public keys
What is GSS-API?
Interface to a set of security services
Service layer is most appropriate place for security employment in distributed systems.
Why is CORBA used?
Heterogeneous technology stack means interoperability is difficult.
Object Request Broker handles interactions between users and objects, and can make requests for authorization to access.
