Lecture02_Foundations_Cryptography_Authentication_Kerberos.pdf

Full Transcript

Foundations of Cryptography and
Secure Authentication Protocols

Dr. Mouhannad ALATTAR

CSCI368 Network Security

Autumn 2024
 Outline

Introduction to Cryptography
 Symmetric Key Encryption
 Asymmetric Key Encryption
 Hash functions

Access Control

Authentication

Kerberos Protocol
The Problem: Insecure Communication

Network

Intercept
Modify
Fabricate
Hi :) Interrupt
Alice Bob
 Cryptography

Cryptology

Cryptography Cryptanalysis

Encryption Decryption
 Steganography vs. Cryptography

Steganography is about concealing the message itself, so others don’t
know there’s any communication happening.
 Example: Embedding a message within an image or audio file.
 Try it: Steganography Online

Cryptography focuses on scrambling the message so it’s unreadable if
intercepted.
Cryptography Goals: Securing Communication

Cryptography helps in ensuring secure communication over an
insecure medium
 Confidentiality (Privacy): Only the intended recipient can read the
communication.
 Authenticity: Guarantees that the communication comes from the
claimed sender.
 Integrity: The message remains unaltered during transmission.
 Non-repudiation: Ensures the sender cannot deny sending the
message (using digital signatures).
 History of Cryptography: Scytale

The oldest known military ciphering method (404 B.C)

The Scytale is a cipher that is based on a transposition method.

How it works:
 The sender writes their message on the parchment, and once unwrapped,
the letters appear scrambled. To read the message, the recipient needs a
rod of the same diameter, which serves as the 'key'. They wrap the
parchment around their rod and the message reappears in the correct
order.

The diameter of the Scytale can be regarded as the key of the cipher.

Ref: http://www.cryptool-online.org/images/stories/cto/Skytale.png
 History of Cryptography: Ceasar’s Cipher
It is a cipher that is based on a shifting method.

Each letter of the alphabet is translated into a letter a fixed number of
spaces after it
 ci = E(pi) = (pi + K) mod 26

Example:
 K=3
 A ➔ D, B ➔ E , C ➔ F, … , X ➔ A , Y ➔ B, Z ➔ C
 HELLO ➔ KHOOR

Cryptanalysis based on language characteristics techniques (e.g.,
frequency analysis)
 Cryptography: How it works?

Internet

e7d*# e7d*#
Hi :) Hi :)
4= 4=
Alice Bob

Plain Encryption Cipher Cipher Decryption Plain
Text Text Text Text
 Terminology

o Plaintext (P)
 Original message with an obvious meaning

o Encryption (E) (encipher)
 The process of transforming a message so that its
meaning is not obvious
o Ciphertext (C)
 The encrypted form of the message
o Decryption (D) (decipher)
 Transforming encrypted message back to its original form

o Encryption Key (K);
 a piece of information (usually a string of characters) used
during the process of encryption or decryption.

10
 Key length & Brut Force

Key length refers to the number of bits in the encryption key. For
example, a 2-bit key has four values 00, 01, 10, 11 which defines the
Key space

A key of length “n” has a key space of 2^n distinct values.

The larger the key space, the harder it becomes for an attacker to
brute-force every possible combination.

Key Size (bits) Number ofAlternative Time required at 1 Time required at 106
Keys decryption/µs decryptions/µs
32 232 = 4.3 ξ 109 231 µs = 35.8 minutes 2.15 milliseconds
56 256 = 7.2 ξ 1016 255 µs = 1142 years 10.01 hours
128 2128 = 3.4 ξ 1038 2127 µs = 5.4 ξ 1024 years 5.4 ξ 1018 years

168 2168 = 3.7 ξ 1050 2167 µs = 5.9 ξ 1036 years 5.9 ξ 1030 years
 Random Numbers in Cryptography

A random number is a value generated in an unpredictable manner,
with no discernible pattern.

Random numbers are essential for generating encryption keys,
ensuring they are unpredictable and secure.

Random numbers must be truly unpredictable, which requires high-
quality random number generators (RNGs).
 Hardware-based RNGs: generate random numbers based on physical
processes such as electrical noise or radioactive decay
 Pseudo-Random Number Generators (PRNGs): use mathematical
algorithms to generate a sequence of numbers that appear random, but
are actually deterministic if the initial seed is known

NB: in authentication, random numbers (nonces) are used to prevent
replay attacks.
 Cryptography: Symmetric vs Asymmetric
Symmetric Key
Alogorithms

Encryption/Decryption Key
(Secret Key)

Plain Encryption Decryption Plain
Cipher Text Text
Text

Encryption Key Decryption Key
(Receiver's Public key) (My Private key)

Asymmetric Key
Alogorithms
Symmetric Key Algorithms: Stream vs. Block

o Stream cipher:
 algorithm operates on individual bits (or bytes) one at a time. It
convert each symbol of plaintext into a symbol of ciphertext
 Example: Salsa20, ChaCha20, RC4

o Block cipher:
 break the plaintext into strings (called blocks) of fixed length
and encrypt one block at a time.
 Example, AES, 3DES, DES
 Example of Stream cipher

Encryption Decryption
11001100 plaintext 10100000 ciphertext
⊕ 01101100 key stream ⊕ 01101100 key stream
10100000 ciphertext 11001100 plaintext

15
 Symmetric Cryptography:
Famous Block Cipher algorithms
(Data Encryption Triple DES – Advanced
Standard) TDES or Encryption
DES 3DES Standard
(AES)
Year Approved 1977 1999 2001
Key Length (bits) 64 (56 + 8) 112 or 168 128, 192 or 256
Key Strength Weak Strong Strong
Processing Moderate High Modest
Requirements
RAM Moderate High Modest
Requirements
Note Block Cipher - Block Cipher Block Cipher -
Cracked Widely used today
(exhaustive
search)
 Block Cipher: Modes of Operation
Operation Mode: specifies how blocks are processed and linked
together

ECB: Electronic CodeBook mode:
 Encrypt each 64-bit block independently

 Same input plaintext gives same output ciphertext

CBC: Cipher Block Chaining mode:
 Encryption: Ci = EK(Pi , Ci-1)

 Decryption: Pi = Ci-1 , DK(Ci)

GCM: Galois/Counter Mode:
Adds an authentication tag to the ciphertext to ensure also
authenticity (integrity)
 DES - ECB Mode
Plaintext
64-Bit Block #1 64-Bit Block #2 64-Bit Block #3..... 64-Bit Block #n

DES Encryption 64-Bit Ciphertext
Process Block #1
64-Bit Key

64-Bit Block #1

DES Encryption 64-Bit Ciphertext
Process Block #2
64-Bit Key

64-Bit Block #2.... Block #n
 DES - CBC Mode
Plaintext
64-Bit Block #1 64-Bit Block #2 64-Bit Block #3..... 64-Bit Block #n

Initialization Vector (IV)

DES Encryption 64-Bit Ciphertext
Process Block #1
64-Bit Key

64-Bit Block #1

DES Encryption 64-Bit Ciphertext
Process Block #2
64-Bit Key

64-Bit Block #2.... Block #n
 Symmetric Cryptography: Key Distribution
Problem

Bob

For N entities, Number of keys = N(N - 1) / 2

Alice

John
 Public Key (Asymmetric) Cryptography
Key Distribution Problem: In symmetric cryptography, securely sharing
a secret key is challenging. Asymmetric cryptography solves this by
allowing secure key exchange over public channels.

How Public Key Cryptography Works:
Every entity has a public key and a private key.
Public key can be shared openly with anyone.
Private key must be kept secret by the owner.
One-way relationship: It is computationally infeasible to derive the
private key from the public key.
Encryption and Decryption: Data encrypted with the public key
can only be decrypted by the private key and vice versa (used for
digital signature).
 Public Key (Asymmetric) Cryptography

Bob

Bob public
keys ring
Alice

Encryption Key
Decryption Key
(Alice's Public key)
(Alice's Private key) Alice

John
 RSA: the famous asymmetric algorithm

RSA by Ron Rivest, Adi Shamir, and Leonard Adleman – 1977

The security of RSA relies on the fact that factoring large numbers
into prime factors is computationally infeasible with current
technology:
Two large prime numbers are chosen (let's call them p and q).
Multiply them together to get a large number (n), which forms
part of the public and private keys.
Factoring n back into p and q is extremely difficult, especially
as the numbers grow larger.
RSA algorithm
 The Challenge of Public Key Sharing

Key availability ?

Key ownership ?

Key validity ?
 Certificate Authorities
Public key cryptography relies on distributing public keys openly, but
without proper verification, a hacker can spoof or impersonate
someone’s identity by providing a fake public key.

Man-in-the-Middle (MITM) Attacks: If a hacker intercepts a public key
exchange, they can replace the real public key with their own, allowing
them to decrypt, modify, or intercept communications.

Certificate Authorities (CAs) provides a solution:
A Certificate Authority (CA) is a trusted third party that verifies the
ownership of public keys.
CAs issue digital certificates that bind an entity’s public key to its
identity.
These certificates provide authentication, ensuring that the public
key truly belongs to the person or entity claiming it.
Digital Certificates
 Web of trust?

How can I get a certified public key?
Auto-certification
 Symmetric vs Asymmetric Cryptography:
Advantages & Challenges
Characteristic Symmetric Cryptography Asymmetric Cryptography
Encryption The same key is used for both Different keys are used: a public
Method encryption and decryption. key for encryption and a private
key for decryption.
Security - Secure key storage and - The private key must be kept
Requirements transmission. secret.
- Knowledge of the algorithm plus - Impossible to derive the private
samples of ciphertext must be key from the public key.
insufficient to determine the key - Knowledge of the algorithm or
ciphertext shouldn’t reveal the
private key.
Advantages - Faster and more efficient for large - Simplifies key distribution.
data. - Provides non-repudiation through
- Lower computational overhead. digital signatures.
Disadvantages - Key management and secure key - Slower performance for
exchange is challenging. encryption/decryption due to
complex algorithms.
 Hybrid Encryption
symmetric session key




plaintext
 plaintext
encrypt  decrypt



encrypt decrypt

Bob’s Bob’s
public private
Hashing: the One-way function

easy

f(x)

Difficult… unless you know
x some auxiliary information!
 Hash (One-Way) Functions
Hashing:
Mathematical process for converting any input (of any size) into
fixed-length outputs.
Different inputs should have different outputs.
Hash function:
Algorithm that does the hashing. It hashes the input with a shared
secret or password. Example: MD5, SHA1, SHA256 ….
Simulator: http://www.cryptage-md5.com/

Input Hash sum

Car Hash Function D7J9655J

Red Car Hash Function KJGH76GD

red car Hash Function JHTGFRTY
This is not a
Hash Function NEO04CCP
car
 Hash Functions : Security Uses
Password hashing
Store the password’s hash. When a password is supplied, it computes
the password’s hash and compares it with the stored value.

Message integrity
Using cryptographic hash functions to generate a MAC

Download security
Using a hash function to ensure a download program is not modified

Improving signature efficiency
Compute a message digest (using a hash function) and sign that.
 Encryption vs. Hashing
Encryption Hashing

Use of Key Uses a key as an Password is usually added
input to an to text; the two are
encryption method combined, and the
combination is hashed

Length of Output is similar in Output is of a fixed
Result length to input short length,
regardless of input

Reversilbility Reversible; ciphertext One-way function; hash
can be decrypted cannot be “de-hashed” back
back to plaintext to the original string
 Why Protect Integrity and Authenticity?

Integrity: Ensures that the data has not been tampered with during
transmission or storage.

Authenticity: Confirms the identity of the sender and guarantees the
message originates from the stated source.

Without protection, data can be altered, and communication can
be impersonated by attackers.

Cryptography provides the solutions:
Message Authentication Code (MAC)
Digital Signature
 Message Authentication Code (MAC)

Ensures both data integrity and authentication.

Uses a symmetric key shared between sender and receiver.

A MAC tag is appended to the message and verified by the
receiver.

Ref: https://www.thesslstore.com/blog/what-is-a-message-authentication-code-mac/
 Digital Signature
Ensures data integrity, authentication, and non-repudiation (prevent
Sender from denying he sent the message).

Use asymmetric encryption (e.g., RSA, ECDSA): private key to sign,
public key to verify.

Hi :) Hi :) Hi :) Hi :)

S S’

Hash function Hash function
Alice Bob

Alice's
h h
Public Key

Decryption
Encryption
Alice's
Private Key h’ =?
S
 Outline

Introduction to Cryptography
 Symmetric Key Encryption
 Asymmetric Key Encryption
 Hash functions

Access Control

Authentication

Kerberos Protocol
 Access Control in Cybersecurity

What is Access Control?
A security mechanism that defines who can view, use, or interact
with resources.
Controls permissions based on roles or identities, ensuring only
authorized entities (e.g., users, processes, systems) can access
specific resources.
Ensures confidentiality and integrity by preventing unauthorized
access & Limits the damage that can be caused by attackers or
insiders by restricting access.
Helps comply with regulations and standards (e.g., GDPR, HIPAA)

Types of Access Control:
Discretionary Access Control (DAC): The owner of the resource
decides who can access it.
Mandatory Access Control (MAC): Access is determined by
centralized policies (usually used in government or military).
Role-Based Access Control (RBAC): Access is based on roles and
responsibilities within the organization.
Access Control Process: Authentication,
Permissions, and Auditing
 DAC and the Access Matrix

Discretionary Access Control (DAC):
DAC allows the owner of a resource to determine who can access it.
It’s a flexible model often used in personal systems but has security
risks due to potential user errors.

The Access Matrix:
is a model used to describe permissions in a DAC system.
Rows represent users, and columns represent resources.
Each cell in the matrix indicates the permissions a user has for a
resource (read, write, execute).
An Access Control List (ACL) or Capabilities List can be used to
implement the matrix
 Role-Based Access Control (RBAC)

RBAC controls access based on the user’s role (not the individual user)
within the organization:
Roles are assigned permissions based on the responsibilities of the
role. Roles reflect organizational structures (e.g., Admin, Manager,
Security Officer, HR).
Users are assigned one or more roles, and their permissions are
determined by the role(s) they hold.
Simplifies access management as administrators manage roles, not
individual user permissions.

Advantages of RBAC:
Scalability: Easier to manage permissions across large organizations.
Security: Reduces the risk of excessive permissions by assigning only
necessary access based on role.
Efficiency: Simplifies adding or revoking access when users change
roles or leave the organization.
Role-Based Access Control (RBAC) Cont.
 What is Authentication?

Authentication is the process of verifying the identity of a user or
entity before allowing access to a system.

Identification vs. Authentication:
Identification: Claiming an identity (e.g., by providing a username).
Authentication: Verifying that the identity claim is legitimate (e.g., using
a password or fingerprint).

Why It Matters: Authentication is the first critical step in access control
i.e., it is necessary to ensure that only authorized entities can access
sensitive data and resources.
 User authentication Principles

There are three main types of authentication factors:
Something you know: A password or PIN.
Something you have: A security token, smart card, or mobile device.
Something you are: Biometrics such as fingerprints, facial
recognition, or retina scans.

Multi-factor Authentication (MFA): Combining two or more factors to
strengthen security (e.g., password + fingerprint).
 Password Based Authentication:
Issues & Challenges
User login and password is the most common authentication method.

Security Challenges:
Guessing: Weak passwords are vulnerable to brute-force or dictionary
attacks.
Password Leakage: Stolen passwords due to phishing, malware, or
breaches.
Reuse: Users often reuse passwords across multiple systems,
increasing vulnerability.

Solutions:
Strong password policies (e.g., length, complexity).
Use of password managers.
Multi-factor authentication (MFA).
Biometric Authentication: "Something You Are"
Biometric authentication uses unique physical or behavioral traits
for identity verification.
Physical Features: Fingerprint scanning, facial recognition, iris or retina
scanning.
Behavioral Features: Voice recognition, Signature recognition including
how the signature is produced (pressure, speed, stroke order), not just
how the signature looks, Typing style, including speed and rhythm of
key pressure

Advantages:
Difficult to forge or steal.
Convenient—no need to remember a password.

Challenges:
Privacy concerns.
False positives or negatives.
Requires secure storage of biometric data.
 Service Authentication

Service Authentication: Verifying that network services, like servers
or applications, are genuine and secure.

While user authentication focuses on verifying individuals, service
authentication ensures that devices, applications, or services are
legitimate and trustworthy.

Service Authentication Methods:
Certificates (e.g., SSL/TLS for websites).
OAuth tokens for APIs...

Mutual authentication between services is strongly recommended
Centralised Authentication – Kerberos Protocol
 Why Centralized Authentication
Protocols Are Necessary?
Users need to access multiple services hosted on different servers, not
just locally but across a network or the internet.

The user needs to prove his or her identity for each service invoked. Also
require that servers prove their identity to users.

If each server handles authentication individually, it leads to several
issues:
Credential leakage risk: The more frequently credentials are shared,
the higher the risk of them being intercepted or stolen.
Burden on each server: Every server must manage user
authentication, which increases the load and complexity.

Solution: centralizing authentication protocol like Kerberos that:
secure user credentials across multiple services,
assists other servers to authenticate the users and establish session
keys.
 Kerberos: An Overview
Kerberos is an Authentication and Authorization Infrastructure (AAI)
designed to provide strong authentication for client/server applications.

Designed for open, distributed environments where users access
services on different servers from various locations.

Developed at MIT as part of Project Athena

Named after the three-headed watchdog from

Greek mythology.
Kerberos vs. Needham-Schroeder Protocol

Needham-Schroeder Protocol is a cryptographic protocol developed in
1978 by Roger Needham and Michael Schroeder to enable mutual
authentication between two parties over an insecure network.

How it works:
Step 1: One party (A) requests a session key from the Key Distribution
Center (KDC) to communicate with another party (B).
Step 2: The KDC generates a session key and sends it to A, along with an
encrypted version of the session key for B.
Step 3: A forwards the encrypted session key to B.
Step 4: Both A and B now have the same session key and can securely
communicate.

Kerberos is essentially an evolution of the Needham-Schroeder protocol,
incorporating stronger security mechanisms such as timestamps, nonces,
and additional features like the Ticket Granting Ticket (TGT) to streamline
repeated authentication in distributed systems.

52
 How Kerberos Works: An Overview

1. User requests authentication from
the Authentication Server (AS).

2. The AS verifies the user’s identity
and issues a Ticket Granting
Ticket (TGT).

3. The user uses the TGT to request
access to services from the Ticket
Granting Server (TGS).

4. The TGS issues a service ticket for
the specific service.

5. The user presents the service
ticket to access the resource.

6. Server return the resource, data or
services to the client
 Step1: User Request to AS

1. C → AS: IDC, IDtgs, TS1
The client module (on user’s PC) sends on behalf of the user a request
to the Authentication Server (AS). This request includes a time-stamp
(TS1) and two identities:
IDC : to inform AS of the user
IDtgs : to inform AS of the Ticket Granting Service required.
There may be multiple TGS’s.
 Step2: AS Answer

2. AS → C: EKc[Kc,tgs, IDtgs, TS2, Lifetime2, Tickettgs]
Where Tickettgs = EKtgs[Kc,tgs, IDC, ADC, IDtgs, TS2, Lifetime2]

A session key, Kc,tgs , is generated for secure communication with the
ticket granting server indicated by IDtgs.

A time-stamp (TS2) is specified, as is a lifetime (Lifetime2) for the ticket.

Tickettgs :This is for access to TGS: It includes:
The same session key, identity, time-stamp and lifetime.
IDC : indicating the user.
ADC: indicated the network address of the client/user
 Step3: Ticket Granting Request

3. C → TGS: IDV, Tickettgs, AuthenticatorC
Where AuthenticatorC = EKc,tgs[IDC, ADC, TS3]

o The client now has a ticket to communicate with a ticket granting service,
and in this step it communicates with the TGS to request a Server ticket.

IDV : indicates the relevant server.

Tickettgs : is the client’s permission to access the TGS.

AuthenticatorC : It is used by TGS to authenticate C.
Only C and TGS can open it.
Contains IDC, ADC, TS3.
 Step4: Ticket Granting Server Answer

4. TGS → C: EKc,tgs[KC,V , IDV, TS4, Lifetime4, TicketV]
Where TicketV = EKv[Kc,v, IDC, ADC, IDV, TS4, Lifetime4]

The TGS returns a ticket to C, granting access to server/service
V.
The message is encrypted to ensure confidentiality and
authentication.
A key, KC,V , for C to talk to V.
IDV is the identity of the server
There is a new time-stamp (TS4) and a lifetime for the new ticket.
 Step5: User Request to Server

5. C → V: TicketV, AuthenticatorC
Where AuthenticatorC = EKc,v[IDC, ADC, TS5]

The client now communicates TicketV and AuthenticatorC with V for
access.
o AuthenticatorC: Only C and V can open it
Used by V to authenticate C.
Contains IDC, ADC, TS5.
 Step6: Server Answer

6. V → C: EKc,v[TS5 + 1]

In this step the server acknowledges the message from the client.

Access to resources (data or service) is granted
 Summary of KerberosV4 Exchanges

Once per user
logon session:

Once per type
of service

Once per
service session
 Kerberos V4 vs. V5: Encryption & Ticket Lifetime

Kerberos V4 Kerberos V5

Supported Primarily relied on the DES Supports a wider range of stronger
Encryption algorithm, which is now encryption algorithms like AES
Algorithms considered weak
Flexibility to add new encryption
algorithms in the future.

Ticket Lifetime Had a fixed ticket lifetime and Introduced renewable tickets. Users can
didn’t support renewal or request ticket extensions without
extended ticket use. This needing to re-authenticate frequently.
could cause issues if the ticket
expired during long sessions. Allows configurable ticket lifetimes
based on policies,
Cross-Realm No Users can authenticate across multiple
Authentication Kerberos realms, enabling
authentication between different
organizations.
NB: A Kerberos realm is a set of managed nodes
that share the same Kerberos database.
 Kerberos V4 vs. V5: Encryption & Security
Improvements & Authentication Forwarding

Kerberos V4 Kerberos V5
Authentication No support for forwarding user Introduced authentication forwarding,
Forwarding credentials to other services or allowing a user to access services on
machines multiple machines without needing to re-
authenticate.

Known Vulnerable to dictionary Improved protection by using stronger
Vulnerabilities & attacks due to weak encryption algorithms and salting
Security encryption (DES) and lack of passwords before hashing, making
salting for password hashes. dictionary attacks harder.
Enhancements
Replay attacks were possible Introduced timed tickets with timestamps
because the system didn’t and nonces, making it more resistant to
implement proper replay attacks.
timestamping.
Introduces the concept of a subkey,
which is an optional session key that the
client or server can propose to use
instead of the session key generated by
the KDC.
Kerberos Version 5: Message Exchanges

63
 Kerberos and Single Sign-On (SSO)

Single Sign-On (SSO) with Kerberos:
Kerberos provides users with SSO by allowing them to authenticate
once and gain access to multiple services within a network without re-
entering credentials.
The Ticket Granting Ticket (TGT) is issued after the initial login,
allowing the user to request service tickets for various resources
without needing to authenticate again.
This process reduces the risk of repeated password transmissions
across the network, enhancing both user experience and security.

Role in Network Security:
Kerberos ensures mutual authentication between users and services,
preventing impersonation and other forms of attacks.
Widely adopted in enterprise environments (e.g., Microsoft Active
Directory), it integrates seamlessly with existing network services.
Questions?