A less formal view of the Kerberos protocol J.-F. Pâris
Dramatis personae • The client logged on a workstation • The Kerberos server • The Ticket Granting Service • A server s the client wants to access
The three acts • Talk to Kerberos and get a reply • Talk to TGS and get a reply • Talk to server s
Act One (diagram: client c on workstation WS, Kerberos server K, the TGS and server S; arrow 1 runs from c to K)
Act One • Client sends to Kerberos a message, in the clear • Hello! • I am client c • I want a ticket for TGS • Nothing in this message proves that the sender really is c
Act One (diagram: arrow 1 from c to K as before; arrow 2 runs back from K to c)
Act One • Kerberos replies • Here is a ticket for the TGS, sealed under the TGS key Ktgs so that only the TGS can open it • And here is a fresh session key Kc,tgs, encrypted under c's own secret key Kc (the key derived from c's password)
What if the client lied to Kerberos? • The impostor still receives the ticket and the reply, but both are worthless • Why?
Why? • The session key Kc,tgs comes back encrypted under the real client's secret key Kc, which the impostor does not have • Without Kc,tgs the impostor cannot build the authenticator the TGS demands in Act Two, so the ticket cannot be used • (Kerberos 5 deployments normally go further and require pre-authentication, so the impostor does not even get the reply) • A related limit: Kerberos cannot revoke individual tickets, it can only revoke all tickets at once, so the only bound on a misissued or stolen ticket is its lifetime
Act Two (diagram: arrows 1 and 2 between c and K as before; arrow 3 runs from c to the TGS)
Act Two • Client sends to TGS • A request for server s • The ticket he/she got from Kerberos • An authenticator encrypted with Kc,tgs and stating • Who sent the ticket • From which address • At which time
Act Two • TGS • Decrypts the ticket using its own key Ktgs • Checks that the ticket is valid, i.e. has not expired • Extracts the session key Kc,tgs from the ticket and uses it to decrypt the authenticator • Checks that the client name and address in the authenticator match the ticket and the request • Checks that the request is not a replay by looking at the timestamp inside the authenticator
Detecting duplicates • TGS will reject all tickets accompanied by authenticators whose timestamps are • Too old (outside the allowed clock skew, typically a few minutes) • The same as the timestamp of an authenticator recently seen from that client (kept in a replay cache)
Act Two (diagram: arrow 3 from c to the TGS as before; arrow 4 runs back from the TGS to c)
Act Two • TGS replies • Here is the ticket for server s, sealed under s's key Ks • And here is a session key Kc,s, encrypted under Kc,tgs so that only c can read it
How long is the ticket valid? • For a limited time, as every ticket should be • The expiry time is carried inside the ticket and checked by whoever opens it (the TGS or server s)
Act Three (diagram: arrows 1 to 4 as before; arrow 5 runs from c to server S)
Act Three • Client sends to server s • The ticket he/she got from the TGS • An authenticator encrypted with Kc,s and stating • Who sent the ticket • From which address • At which time
Act Three • Server s processes ticket and authenticator as TGS did in act two
Act Three (diagram: arrow 5 from c to S as before; arrow 6 runs back from S to c)
Act Three • If mutual authentication is needed, server s sends to client • The authenticator it received from c, encrypted under Kc,s, with • Timestamp incremented by one (this is the Kerberos 4 rule; the Kerberos 5 AP-REP instead returns the client's timestamp unchanged, still encrypted under Kc,s)
Why? • It proves to the client that s could decrypt the authenticator • That requires the session key Kc,s, which is only available by decrypting the ticket issued by the TGS • Which in turn requires knowledge of the server key Ks, held only by s and by Kerberos • An eavesdropper who captured the ticket and authenticator in transit cannot produce this reply
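The three acts run end to end, as an added example that is not part of the original deck. It is a toy model written for this page: the encryption is a stand-in encrypt-then-MAC built from HMAC-SHA256 in place of Kerberos's real encryption types, the principal names (alice, fileserver), the workstation address and the 5-minute skew window are constructed, and pre-authentication is not modelled. It shows what the slides argue: the Kerberos reply is useless to an impostor who lacks Kc, the TGS and server s check tickets and authenticators the same way, a replayed authenticator is caught by the replay cache, and the server's timestamp+1 reply (Kerberos 4 style) proves it holds Ks.

```python
"""Toy model of the three Kerberos acts: client c, Kerberos (AS), TGS, server s.
Encryption is a stand-in encrypt-then-MAC built from HMAC-SHA256 (stdlib only);
names, addresses and the 5-minute skew window are constructed for the example."""
import hashlib, hmac, json, os, time

LIFETIME, SKEW = 8 * 3600, 300          # ticket lifetime; "too old" threshold for authenticators

def _keystream(key, nonce, n):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def encrypt(key, obj):
    """Seal a JSON-serialisable object: nonce || ciphertext || HMAC tag."""
    pt = json.dumps(obj, sort_keys=True).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def decrypt(key, blob):
    """Verify the tag first; a wrong key or a tampered blob raises ValueError."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

class Kerberos:
    """Act One: knows every principal's long-term key and issues the TGS ticket."""
    def __init__(self, keys): self.keys = keys
    def as_exchange(self, client, now):                     # message 1 in, message 2 out
        k_c_tgs = os.urandom(32).hex()
        ticket = encrypt(self.keys["tgs"], {"client": client, "key": k_c_tgs, "expires": now + LIFETIME})
        reply = encrypt(self.keys[client], {"key": k_c_tgs, "service": "tgs"})  # only the real c can open this
        return ticket, reply

class Service:
    """Acts Two and Three: the TGS and server s check tickets the same way."""
    def __init__(self, key, issue_keys=None):
        self.key, self.issue_keys, self.seen = key, issue_keys or {}, set()   # seen = replay cache
    def verify(self, ticket, authenticator, now, addr):
        t = decrypt(self.key, ticket)                       # needs Ks: proves Kerberos/TGS issued it
        if now > t["expires"]: raise ValueError("ticket expired")
        k = bytes.fromhex(t["key"])
        a = decrypt(k, authenticator)                       # needs the session key from inside the ticket
        if (a["client"], a["addr"]) != (t["client"], addr): raise ValueError("authenticator mismatch")
        if abs(now - a["time"]) > SKEW: raise ValueError("authenticator too old")
        if (a["client"], a["time"]) in self.seen: raise ValueError("replay")
        self.seen.add((a["client"], a["time"]))
        return t, a, k
    def tgs_exchange(self, ticket, authenticator, server, now, addr):   # messages 3 and 4
        t, _, k_c_tgs = self.verify(ticket, authenticator, now, addr)
        k_c_s = os.urandom(32).hex()
        ticket_s = encrypt(self.issue_keys[server], {"client": t["client"], "key": k_c_s, "expires": now + LIFETIME})
        return ticket_s, encrypt(k_c_tgs, {"key": k_c_s, "service": server})
    def ap_exchange(self, ticket, authenticator, now, addr):            # messages 5 and 6
        _, a, k_c_s = self.verify(ticket, authenticator, now, addr)
        return encrypt(k_c_s, {"time": a["time"] + 1})     # Kerberos 4 style mutual authentication

def authenticator(key, client, addr, now):
    return encrypt(key, {"client": client, "addr": addr, "time": now})

def three_acts(client_key=None):
    """Run all three acts for 'alice' from 10.0.0.7; client_key=None means she uses her real key."""
    keys = {"alice": os.urandom(32), "tgs": os.urandom(32), "fileserver": os.urandom(32)}
    kdc, tgs, fs = Kerberos(keys), Service(keys["tgs"], keys), Service(keys["fileserver"])
    now, addr = int(time.time()), "10.0.0.7"
    tgt, reply = kdc.as_exchange("alice", now)                        # Act One (no proof of identity yet)
    k_c_tgs = bytes.fromhex(decrypt(client_key or keys["alice"], reply)["key"])
    auth1 = authenticator(k_c_tgs, "alice", addr, now)
    ticket_s, reply2 = tgs.tgs_exchange(tgt, auth1, "fileserver", now, addr)   # Act Two
    k_c_s = bytes.fromhex(decrypt(k_c_tgs, reply2)["key"])
    auth2 = authenticator(k_c_s, "alice", addr, now + 1)
    ap_rep = fs.ap_exchange(ticket_s, auth2, now + 1, addr)           # Act Three
    mutual_ok = decrypt(k_c_s, ap_rep)["time"] == now + 2              # s proved it holds Ks
    try:                                                               # replay of message 5 is caught
        fs.ap_exchange(ticket_s, auth2, now + 1, addr)
        replay = "accepted"
    except ValueError as e:
        replay = str(e)
    return {"mutual_auth": mutual_ok, "replay": replay}

def impostor():
    """Someone lies to Kerberos about being alice: the reply arrives but cannot be read."""
    try:
        three_acts(client_key=os.urandom(32))
    except ValueError as e:
        return str(e)
    return "impostor succeeded"

if __name__ == "__main__":
    print(three_acts())   # {'mutual_auth': True, 'replay': 'replay'}
    print(impostor())     # bad key or tampered message
```

Note that `Service.verify` is shared between the TGS and server s, which is exactly the point of Act Three's "processes ticket and authenticator as TGS did": the only thing that differs is the key used to open the ticket. The impostor fails at the first `decrypt` of Kerberos's reply, before ever reaching the TGS.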