otp kerberos
play

OTP Kerberos Kerberos Working Group IETF, Montreal July 2006 - PowerPoint PPT Presentation

Apr 09, 2023 •40 likes •180 views

OTP Kerberos Kerberos Working Group IETF, Montreal July 2006 WORKING DRAFT: 30 June 2006 Background Proposal is to define extensions to Kerberos V5 (rfc4120) to support pre-authentication using an OTP Three main aims: Allow an OTP

  1. OTP Kerberos Kerberos Working Group IETF, Montreal July 2006 WORKING DRAFT: 30 June 2006

  2. Background  Proposal is to define extensions to Kerberos V5 (rfc4120) to support pre-authentication using an OTP  Three main aims:  Allow an OTP to be used without a password in pre- authentication  Support both connected and disconnected tokens  Support multiple OTP algorithms  Part of One-Time Password Specification (OTPS) series of documents on aspects of OTP usage and integration  Inspired by expired I-D draft-ietf-cat-kerberos- passwords-04 and draft-ietf-krb-wg-kerberos-sam-03

  3. Comparison with Expired Draft  Designed to support both connected and disconnected tokens  Previous proposal aimed at disconnected tokens.  Supported token type but not key identifier.  Designed to support multiple OTP algorithms  Counter  Challenge-response  Time  Time + counter etc.  Uses hardening value to harden OTP  Previous proposal recommends use of password with OTP to harden key.  New proposal is to combines OTP with hardening value using PBKDF2  Current proposal only supports case where KDC can generate OTP  Cannot support basic S/Key  Use Ephemeral D-H to transport OTP value?  Supports PIN change using password change extension (rfc3244)

  4. Approach  Information on how to generate OTP sent in challenge from KDC  Client uses OTP to generate encryption key  Key used to encrypt timestamp as in standard password pre-auth  OTP hardened using hardening value generated by KDC

  5. Pre-authentication Exchange Client KDC KRB_AS_REQ KRB_ERROR PA-OTP-CHALLENGE & PA-ETYPE-INFO2 KRB_AS_REQ PA-OTP-RESPONSE & PA-ENC-TIMESTAMP KRB_AS_REP PA-OTP-CONFIRM & PA-OTP-PIN-CHANGE

  6. Pre-authentication Exchange  Client sends initial KRB_AS_REQ possibly containing password-based pre-auth.  KDC responds with KRB_ERROR containing:  PA-OTP-CHALLENGE indicating how OTP is to be generated  PA-ETYPE-INFO2 indicating how key is to be generated  Client generates OTP and uses it to generate encryption key  Client sends second KRB_AS_REQ to KDC containing  PA-OTP-RESPONSE with information on how OTP was generated  PA-ENC-TIMESTAMP containing encrypted timestamp  KDC validates pre-authentication data and returns KRB_AS_REP  PA-OTP-CONFIRM containing OTP hardening value  PA-ENC-PIN containing new PIN for the user

  7. PA-OTP-CHALLENGE PA-OTP-CHALLENGE ::= SEQUENCE { flags ChallengeFlags otp-challenge[0] OCTET STRING OPTIONAL, otp- length [1] INTEGER OPTIONAL, otp- service [2] UTF8String OPTIONAL, otp- keyID [3] OCTET STRING OPTIONAL, otp- algID [4] INTEGER OPTIONAL }

  8. PA-OTP-RESPONSE PA-OTP-RESPONSE ::= SEQUENCE { iterationCount[0] INTEGER OPTIONAL, identifier [1] OCTET STRING OPTIONAL, otp-challenge [2] OCTET STRING OPTIONAL, otp-time [2] KerberosTime OPTIONAL, otp-counter [3] OCTET STRING OPTIONAL, otp-format [4] OTPFormat OPTIONAL, otp-keyID [5] OCTET STRING OPTIONAL } OTPFormat ::= INTEGER { decimal(0), hexadecimal(1), alphanumeric(2), binary(3) }

  9. Key Generation  KDC MUST support at least one of the encryption types  aes128-cts-hmac-sha1-96  aes256-cts-hmac-sha1-96  KDC’s KRB_ERROR contains PA-ETYPE-INFO2 containing  etype,  salt  iteration count in the s2kparams  Encryption key generated using as defined in RFC3962 using PBKDF2 but with addition of hardening value tkey = random-to-key(PBKDF2(OTP, salt|hardening, iteration_count, key_length)) key = DK(tkey, "kerberos")

  10. Hardening Value  Hardening value to be used by client sent by KDC in PA-OTP-CONFIRM in KRB_AS_REP  Client stores hardening value associated with KDC  If the client has a hardening value then an iteration count of 1 used  Full iteration count used if no hardening value (e.g. first authentication)  Identifier of value used included in PA-OTP- RESPONSE

  11. PA-OTP-CONFRIM PA-OTP-CONFIRM ::= SEQUENCE { identifier OCTET STRING, encHardeningValue EncryptedData -- EncHardeningValue } EncHardeningValue ::= OCTET STRING SIZE (16..MAX)

  12. PIN Change  KDC can return PA-OTP-PIN-CHANGE in KRB_AS_REP  Contents encrypted using current user key  Can contain new PIN that user must use  Can also instruct user that their PIN must be changed  User PIN changed handled using ChangePasswdData from RFC3244

  13. PA-OTP-PIN-CHANGE PA-ENC-PIN ::= EncryptedData --PA- ENC-PIN-ENC PA-ENC-PIN-ENC ::= SEQUENCE { flags PinFlags pin [0] UTF8String OPTIONAL minLength [1] INTEGER OPTIONAL maxLength [2] INTEGER OPTIONAL } PinFlags ::= KerberosFlags -- systemSetPin (0)

  14. Next Steps  Solicit WG discussion on approach  Resolve S/Key issue  Ephemeral D-H?  Extend to support re-synchronizing of tokens

Recommend

AFS and Kerberos 5 Ken Hornstein Naval Research Laboratory Kerberos Use in AFS, old school

AFS and Kerberos 5 Ken Hornstein Naval Research Laboratory Kerberos Use in AFS, old school

AFS and Kerberos 5 Ken Hornstein Naval Research Laboratory Kerberos Use in AFS, old school Kerberos implementation based on V4 protocol. Client-server transport uses RX. Raw Kerberos binary ticket placed in credential cache

251 views • 11 slides
Connecting Web and Kerberos SSO Connecting Web and Kerberos SSO Rok Pape ARNES

Connecting Web and Kerberos SSO Connecting Web and Kerberos SSO Rok Pape ARNES

Akademska in raziskovalna mrea Slovenije Connecting Web and Kerberos SSO Connecting Web and Kerberos SSO Rok Pape ARNES aaa-podpora@arnes.si Cork Institute of Technology Cork, Ireland, 19.5.2009 Kerberos Kerberos Akademska in

353 views • 16 slides
A Basic Introduction to Kerberos Ken Hornstein NRL Kerberos Introduction A network protocol

A Basic Introduction to Kerberos Ken Hornstein NRL Kerberos Introduction A network protocol

A Basic Introduction to Kerberos Ken Hornstein NRL Kerberos Introduction A network protocol developed at MIT as part of Project Athena. Is a shared-secret, trusted third party authentication system. Uses encryption to provide

280 views • 8 slides
Update on Kerberos Extensibility draft-yu-krb-wg-kerberos-extensions-02.txt Tom Yu IETF 61

Update on Kerberos Extensibility draft-yu-krb-wg-kerberos-extensions-02.txt Tom Yu IETF 61

Update on Kerberos Extensibility draft-yu-krb-wg-kerberos-extensions-02.txt Tom Yu IETF 61 Kerberos Extensibility Document Status Notational Conventions Future Plans 1 Document Status Updates from -00 Update I-D boilerplate

407 views • 7 slides
Kerberos V4 Slide 1 Kerberos network authentication using Needham-Schroeder insecure

Kerberos V4 Slide 1 Kerberos network authentication using Needham-Schroeder insecure

Kerberos4 1 Kerberos V4 Slide 1 Kerberos network authentication using Needham-Schroeder insecure network: listen, modify secret key login session : from login to logout Version 5: more complex, not just TCP/IP, greater

98 views • 7 slides
Kerberos https://web.mit.edu/kerberos/ https://tools.ietf.org/html/rfc4120 slide 1 Many-to-Many

Kerberos https://web.mit.edu/kerberos/ https://tools.ietf.org/html/rfc4120 slide 1 Many-to-Many

Kerberos https://web.mit.edu/kerberos/ https://tools.ietf.org/html/rfc4120 slide 1 Many-to-Many Authentication ? Servers Users How do users prove their identities when requesting services from machines on the network? Nave solution:

359 views • 10 slides
Kerberos for Distributed Systems Security Cunsheng Ding HKUST, Hong Kong, CHINA C. Ding

Kerberos for Distributed Systems Security Cunsheng Ding HKUST, Hong Kong, CHINA C. Ding

Kerberos for Distributed Systems Security Cunsheng Ding HKUST, Hong Kong, CHINA C. Ding COMP4631 L16 1 Agenda Distributed system security Introduction to Kerberos V4 Kerberos Realms Authentication with Kerberos in Windows NT 5

751 views • 30 slides
Kerberos & X.509 11

Kerberos & X.509 11

Kerberos & X.509 11 Network Security, Principles and Practice,2nd Ed. :

767 views • 51 slides
Kerberos for Distributed Systems Security Cunsheng Ding HKUST, Hong Kong, CHINA C. Ding - L17

Kerberos for Distributed Systems Security Cunsheng Ding HKUST, Hong Kong, CHINA C. Ding - L17

Kerberos for Distributed Systems Security Cunsheng Ding HKUST, Hong Kong, CHINA C. Ding - L17 1 Agenda Distributed system security Introduction to Kerberos Kerberos Version 4 Authentication Protocol Authentication with Kerberos

494 views • 28 slides
Network Security: Kerberos Guevara Noubir noubir@ccs.neu.edu Network Security Reading

Network Security: Kerberos Guevara Noubir noubir@ccs.neu.edu Network Security Reading

Network Security: Kerberos Guevara Noubir noubir@ccs.neu.edu Network Security Reading assignment: Chapters 13-14 G. Noubir, Network Security Kerberos Outline Kerberos V4 Kerberos V5 G. Noubir, Network Security Kerberos 2 What is

1.16k views • 9 slides
Questioning Kerberos Assumptions Sam Hartman IETF 63 Questioning Kerberos Assumptions

Questioning Kerberos Assumptions Sam Hartman IETF 63 Questioning Kerberos Assumptions

Questioning Kerberos Assumptions Sam Hartman IETF 63 Questioning Kerberos Assumptions Principal Names are not remapped in cross-realm The destination KDC is not involved in cross-realm Privacy of principal names 1 Why Remap

534 views • 19 slides
Todays Objec2ves Kerberos Peer To Peer Overlay Networks Final Projects Nov 27,

Todays Objec2ves Kerberos Peer To Peer Overlay Networks Final Projects Nov 27,

11/27/17 Todays Objec2ves Kerberos Peer To Peer Overlay Networks Final Projects Nov 27, 2017 Sprenkle - CSCI325 1 Kerberos Trusted third party, runs by default on port 88 Security objects: Ticket: token, verifying

407 views • 30 slides
Kerberos Nicolas Gren` eche Centre de Ressources Informatique (CRI) - Universit e dOrl

Kerberos Nicolas Gren` eche Centre de Ressources Informatique (CRI) - Universit e dOrl

Kerberos Nicolas Gren` eche Centre de Ressources Informatique (CRI) - Universit e dOrl eans Projet SDS - LIFO et ENSI de Bourges nicolas.greneche@univ-orleans.fr 11/07/2011 Sommaire Pourquoi Kerberos ? 1 Les acteurs 2 Le

497 views • 22 slides
Development of techniques to remove Kerberos credentials from Windows Systems. Nick Offerman

Development of techniques to remove Kerberos credentials from Windows Systems. Nick Offerman

Development of techniques to remove Kerberos credentials from Windows Systems. Nick Offerman Steffan Roobol 04-07-2019 Introduction Figure 1: Kerberos Protocol 2 Problem Figure 1: the LSASS process and Mimikatz. 3 Research Questions

520 views • 27 slides
Specifying Kerberos 5 Cross-Realm Authentication Chris Walstad Joint work with Iliano Cervesato,

Specifying Kerberos 5 Cross-Realm Authentication Chris Walstad Joint work with Iliano Cervesato,

Specifying Kerberos 5 Cross-Realm Authentication Chris Walstad Joint work with Iliano Cervesato, Aaron D. Jaggard, Andre Scedrov Supported by ONR, NSF, NRL Overview Introduction Kerberos 5 Formalization Properties

454 views • 24 slides
Kerberos Working Group UTF-8 Stringprep Profile UTF-8 Stringprep Profile Goals and Principles

Kerberos Working Group UTF-8 Stringprep Profile UTF-8 Stringprep Profile Goals and Principles

Kerberos Working Group UTF-8 Stringprep Profile UTF-8 Stringprep Profile Goals and Principles Applicability - Kerberos strings Character Repertoire - Unicode 3.1 Unassigned Code Points - From Unicode 3.1 Mappings Normalization Prohibited

906 views • 7 slides
Kerberos Credential Thievery (GNU/Linux) Ronan Loftus, Arne Zismer July 3, 2017 Context

Kerberos Credential Thievery (GNU/Linux) Ronan Loftus, Arne Zismer July 3, 2017 Context

Kerberos Credential Thievery (GNU/Linux) Ronan Loftus, Arne Zismer July 3, 2017 Context Kerberos I Authentication protocol Reduce amount of sensitive credentials sent over the network Commonly used in Linux networks (e.g. Hadoop)

604 views • 35 slides
JPL's Kerberos 5 Upgrade Henry B. Hotz Jet Propulsion Laboratory California Institute of

JPL's Kerberos 5 Upgrade Henry B. Hotz Jet Propulsion Laboratory California Institute of

JPL's Kerberos 5 Upgrade Henry B. Hotz Jet Propulsion Laboratory California Institute of Technology Henry B. Hotz Kerberos 5 Upgrade Overview Preparation Requirements and Testing MIT/KTH (Heimdal) Tradeoff Doing the upgrade

708 views • 9 slides
Site Report OpenAFS and Kerberos at the Max Planck Institute for Gravitational Physics October

Site Report OpenAFS and Kerberos at the Max Planck Institute for Gravitational Physics October

Site Report OpenAFS and Kerberos at the Max Planck Institute for Gravitational Physics October 18th, 2012 Andreas Donath Systemsadministrator MPI for Gravitational Physics European AFS and Kerberos Conference 2012 Max - Planck - Institut fr

370 views • 16 slides
Kerberos Created in MIT Athena project 1988. Has been in wide use in the USA. It has been

Kerberos Created in MIT Athena project 1988. Has been in wide use in the USA. It has been

Kerberos Created in MIT Athena project 1988. Has been in wide use in the USA. It has been available for free to US and Canadian users, but under export restrictions because the cryptoalgorithms DES and RSA could not be exported.

637 views • 30 slides
A Talk about MS-SFU Kerberos Extensions: Protocol Transition (S4U2Self) & Constrained

A Talk about MS-SFU Kerberos Extensions: Protocol Transition (S4U2Self) & Constrained

A Talk about MS-SFU Kerberos Extensions: Protocol Transition (S4U2Self) & Constrained Delegation (S4U2Proxy). Isaac Boukris SambaXP 2019 Agenda Why S4U2Self is important for Samba. How does it work in local and cross realm.

84 views • 6 slides
Hybrid scheme Kerberos Protocol Public-key: nice solution for key distribution, but

Hybrid scheme Kerberos Protocol Public-key: nice solution for key distribution, but

Hybrid scheme Kerberos Protocol Public-key: nice solution for key distribution, but Motivation : In a multi-national company, its computational expensive distributed information services are usually maintained by various business units

461 views • 7 slides
Authentication in real world: Kerberos, SSH and SSL Zheng Ma Apr 19, 2005 Where are we? After

Authentication in real world: Kerberos, SSH and SSL Zheng Ma Apr 19, 2005 Where are we? After

Authentication in real world: Kerberos, SSH and SSL Zheng Ma Apr 19, 2005 Where are we? After learning all the foundation of modern cryptography, we are ready to see some real world applications based on them. What happened when you

592 views • 33 slides
Kerberos and Single Sign-On with HTTP Joe Orton Red Hat Overview Introduction The

Kerberos and Single Sign-On with HTTP Joe Orton Red Hat Overview Introduction The

Kerberos and Single Sign-On with HTTP Joe Orton Red Hat Overview Introduction The Problem Current Solutions Future Solutions Conclusion Introduction WebDAV: common complaint of poor support for authentication in

917 views • 34 slides

More recommend