NIST PKI 06: Integrating PKI and Kerberos (updated April 2007) Jeffrey Altman



Similar documents
CS 356 Lecture 28 Internet Authentication. Spring 2013

4.2: Kerberos Kerberos V4 Kerberos V5. Chapter 5: Security Concepts for Networks. Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme

Implementing a Kerberos Single Sign-on Infrastructure

Attacking Kerberos Deployments

Kerberos and Active Directory symmetric cryptography in practice COSC412

Authentication Applications

10.2 World Wide Web Security S-HTTP (secure hypertext transfer protocol) SEA (security extension architecture)

Using Kerberos for Web Authentication. Wesley Craig University of Michigan

Introduction to Computer Security

Authentication Applications

Kerberos and Single Sign-On with HTTP

Introduction to Computer Security

KERBEROS ROAD MAP SAM HARTMAN MIT KERBEROS CONSORTIUM APRIL 7, 2008

Chapter 4. Authentication Applications. COSC 490 Network Security Annie Lu 1

Windows 2000 Security Architecture. Peter Brundrett Program Manager Windows 2000 Security Microsoft Corporation

Kerberos authentication made easy on OpenVMS

WATCHING THE WATCHDOG: PROTECTING KERBEROS AUTHENTICATION WITH NETWORK MONITORING

How To Use The Gss-Api And Sspi For A Security Reason On A Microsoft Microsoft Server (Or A Microsplatte)

GT 6.0 GSI C Security: Key Concepts

Stealing credentials for impersonation

Enterprise Security: Building On All Your Assets

Two SSO Architectures with a Single Set of Credentials

Kerberos on z/os. Active Directory On Windows Server William Mosley z/os NAS Development. December Interaction with.

Kerberos. Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, BC. From Italy (?).

Leverage Active Directory with Kerberos to Eliminate HTTP Password

Taming the beast : Assess Kerberos-protected networks

Implementing and Administering Security in a Microsoft Windows Server 2003 Network

Kerberos. Login via Password. Keys in Kerberos

HOBCOM and HOBLink J-Term

Chapter 17. Transport-Level Security

Connecting Web and Kerberos Single Sign On

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Authentication Application

Architecture of Enterprise Applications III Single Sign-On

Managing Credentials with

Kerberos v5 Tutorial. Ken Hornstein Jeffrey Altman

Security. TestOut Modules

Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 15.1

Remote access. Contents

-- Mario G. Salvadori, Why Buildings Fall Down*

Web Single Sign-On System. For WRL Company

Key Management and Distribution

Using PIV Smart Cards on Linux for Authentication to Windows Active Directory

Password Power 8 Plug-In for Lotus Domino Single Sign-On via Kerberos

A method to Implement the Kerberos User. Authentication and the secured Internet Service

Copyright Warning & Restrictions

WHITE PAPER. Smart Card Authentication for J2EE Applications Using Vintela SSO for Java (VSJ)

TOPIC HIERARCHY. Distributed Environment. Security. Kerberos

Standards and Products. Computer Security. Kerberos. Kerberos

Guide to SASL, GSSAPI & Kerberos v.6.0

Part III-b. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

Step- by- Step guide to Configure Single sign- on for HTTP requests using SPNEGO web authentication

Configuring Integrated Windows Authentication for JBoss with SAS 9.2 Web Applications

Key Management and Distribution

Authentication is not Authorization?! And what is a "digital signature" anyway?

The Security Framework 4.1 Programming and Design

10/23/12. Fundamentals of Linux Platform Security. Linux Platform Security. Roadmap. Security Training Course. Module 9 Application Security

PKI Made Easy: Managing Certificates with Dogtag. Ade Lee Sr. Software Engineer Red Hat, Inc

Securing Session Initiation Protocol for VOIP Services

Table of Contents. KITC use-case 11 June 2010 Copyright MIT-KC All Rights Reserved. Page 4 of 14

An Analysis of the Kerberos Authentication System

API-Security Gateway Dirk Krafzig

Network Security Protocols

Entrust Managed Services PKI

CS 4803 Computer and Network Security

Single Sign-On: Reviewing the Field

Chapter 15 User Authentication

Single Sign-On, Two Factor & more: Advanced Authentication & Authorization at the University of Pennsylvania

IQS Identity and Access Management

Angel Dichev RIG, SAP Labs

The Role of Digital Certificates in Contemporary Government Systems: the Case of UAE Identity Authority

IceWarp Server - SSO (Single Sign-On)

Contents. Supported Platforms. Event Viewer. User Identification Using the Domain Controller Security Log. SonicOS

HP Access Control Smartcard Solution

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security

Single Sign-On for Kerberized Linux and UNIX Applications

Introduction to Network Security Key Management and Distribution

Secure Cloud Service Management and its Resource Utilization of Server Using Volunteer Computing

Cryptography and network security CNET4523

VMware Zimbra Security. Protecting Your VMware Zimbra and Collaboration Environment

Using Entrust certificates with VPN

Grid Computing - X.509

Security Technical. Overview. BlackBerry Enterprise Service 10. BlackBerry Device Service Solution Version: 10.2

Juniper Networks Secure Access Kerberos Constrained Delegation

SECO Whitepaper. SuisseID Smart Card Logon Configuration Guide. Prepared for SECO. Publish Date Version V1.0

Lecture 31 SSL. SSL: Secure Socket Layer. History SSL SSL. Security April 13, 2005

Security Guide. BES12 Cloud. for BlackBerry

Recommended Practices for Deploying & Using Kerberos in Mixed Environments

Overview. SSL Cryptography Overview CHAPTER 1

Using the MyProxy Online Credential Repository

Advanced Administration

Web Security: Encryption & Authentication

Attestation and Authentication Protocols Using the TPM

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Security of information systems secure file transfer

Chapter 7 Transport-Level Security

CERTIFICATES AND CRYPTOGRAPHY

How To Make A Trustless Certificate Authority Secure

What s New in Juniper Networks Secure Access (SA) SSL VPN Version 6.4

Certificates in a Nutshell. Jens Jensen, STFC Leader of EUDAT AAI TF

Transcription:

NIST PKI 06: Integrating PKI and Kerberos (updated April 2007) Jeffrey Altman

The Slow Convergence of PKI and Kerberos At Connectathon 1995 Dan Nessett of Sun Microsystems was quoted saying Kerberos will gradually move toward public-key in reference to the publication of Internet Draft draft-ietf-cat-kerberos-pk-init-00 IETF CAT Working Group (Apr 1995) discussed not only pkinit-00 but also Netscape s proposal for something called SSL. Eleven years and 34 drafts later PK-INIT was approved as an IETF Proposed Standard (RFC 4556) How much more gradually can we move?

A Three Slide Overview of Kerberos V5 Before PKI: Single Realm The Authentication Service (AS) Exchange The client obtains an "initial" ticket from the Kerberos authentication server (AS), typically a Ticket Granting Ticket (TGT). The AS-REQ may optionally contain preauthentication data to prove the client s identity. The AS-REP, containing an authenticator (aka ticket), is encrypted in the client s long term key. The Ticket Granting Service (TGS) Exchange The client subsequently uses the TGT to authenticate and request a service ticket for a particular service, from the Kerberos ticketgranting server (TGS). The Client/Server Authentication Protocol (AP) Exchange The client then makes a request with an AP-REQ message, consisting of a service ticket and an authenticator that certifies the client's possession of the ticket session key. The server may optionally reply with an AP-REP message. AP exchanges typically negotiate session specific symmetric keys. 1. AS-REQ 2. AS-REP Client@FOO.KERB 6. AP-REP 5. AP-REQ 3. TGS-REQ 4. TGS-REP FOO.KERB Srv/Host@FOO.KERB

Slide 2: Kerberos 5 Cross Realm Tickets Obtained krbtgt/foo.kerb@foo.kerb krbtgt/bar.kerb@foo.kerb Srv/Host@BAR.KERB 1. AS-REQ 2. AS-REP FOO.KERB Cross Realm works when realm FOO.KERB shares a key with realm BAR.KERB. 7. AP-REQ 8. AP-REP 3. TGS-REQ 4. TGS-REP In all cases, the KDC must share a key with the application Service. Srv/Host@BAR.KERB Client@FOO.KERB 5. TGS-REQ 6. TGS-REP BAR.KERB

Slide 3: Kerberos 5 Delegation Delegation utilizes the ability to FORWARD tickets from a client machine to a service. The service can then assume the identity of the client in order to authenticate to a subsequent service. Constraints can be applied to the forwarded tickets using authorization data.

PKI and Kerberos have each excelled in separate but overlapping spheres PKI and the Web Smartcards for logon Web Service authentication TLS authenticated services FTP, SMTP, IMAP, many more Signatures and Privacy (S/MIME) E-mail Instant Messages Kerberos and Enterprise Services Console Logon Remote Console Logon File System Access AFS, NFS, CIFS, FTP E-mail Service Access Print Services Real-time authenticated messaging Zephyr

But combining PKI and Kerberos is necessary for true Single Sign-On Multifactor Initial Authentication Mutual Client Server authentication With Delegation Through Proxies Supporting all protocols It s a big task but we can do it!!!

How the PKI and Kerberos worlds can be joined Imagine a world in which each Kerberos Key Distribution Center is also a Certificate Authority. Its not hard to do, think Microsoft Active Directory. PK-INIT* Kerberos Initial Ticket Acquisition using Public Key Certificates or Raw Key Pairs PK-CROSS Establishment of Kerberos Cross Realm relationships using Public Key Mutual Authentication of KDCs Secure Generation of Static Keys PK-APP (aka kx509/kca)* Acquisition of Public Key certificates via Kerberized Certificate Authorities *implementations are currently available

PK-INIT: How does it work? PK-INIT is implemented as a Kerberos Pre-authentication mechanism If the client s request adheres to KDC policy and can be validated by its trusted CAs, then the reply is encrypted either with A key generated by a DH key exchange and signed using the KDC s signature key, or A symmetric encryption key, signed using the KDC s signature key, and then encrypted with the client s public key. Any required keying material is returned to the client as part of the AS-REP s PA-PK data. If the client can validate the KDC s signature, obtain the encryption key, and decrypt the reply, then it has successfully obtained an Initial Ticket Granting Ticket.

PK-INIT: Not Vaporware Draft -9 deployed by Microsoft in Windows 2000 and above The Proposed Standard (RFC 4556) is being deployed today: Microsoft Vista Heimdal Kerberos Future deployments: MIT Kerberos 1.7 and the operating systems that distribute it

PK-INIT: Opening the doors to alternative enrollment models Trusted CA issued certificate can be enrolled with multiple realms Raw public key pairs can be used instead of certs allowing SSH style enrollments A single smart card can be enrolled with multiple realms allowing the acquisition of TGTs for multiple service providers

PK-CROSS: Easing the administrative challenges to key exchange Kerberos Cross Realm succeeds in Active Directory Forests because the key establishment is automated Kerberos Cross Realm works for the major Universities and Government labs because they have taken the time to manually establish keys For the rest of us, an automated key establishment protocol is required. Public key crypto could reduce the administrative burden to the configuration of policy.

KX.509 (or How to authenticate using a Kerberos identity to a PKI service) KX509 utilizes a Kerberos Application Service authentication to communicate with a special certificate service that issues client certificates with the same identity and valid lifetime as the Kerberos Service ticket. The resulting certificate is placed in the certificate store for use by applications such as web browsers.

What s Next for Kerberos and PKI Integration? Standardize PK-CROSS and PK-APP (kx509/kca) Strive for Zero Configuration Standardize the use of SAML decoration of PKI Certificates and Kerberos Tickets Standardize a firewall friendly method of communicating with Kerberos KDCs Microsoft and Secure Endpoints are co-authoring IAKERB, a proxy mechanism that permits Kerberos TGS requests to be tunneled as part of a GSS-API service authentication Improve the user experience Focus deployment efforts on the goal of reducing the number of credentials end users are responsible for securing

References KX509/Kerberized Certificate Authority http://www.kx509.org IETF Kerberos Working Group http://www.ietf.org/html.charters/krb-wg-charter.html Heimdal PKINIT http://people.su.se/~lha/patches/heimdal/pkinit/ Microsoft Windows 2000 PKINIT http://support.microsoft.com/kb/248753/en-us

Q&A

Requirements for Federated Single Sign-On Trusted initial authentication Smartcards, Zero Knowledge Inference, Biometrics, One Time Pads. May require different methods depending on the environment Mutual Authentication between each set of endpoints Delegation of credentials with constraints Forwardable Kerberos tickets Authorization Data (MS PAC, SAML) provide constraints Ability to present a recognizable credential to each service Certificates or Tickets Federated acceptance of presented credentials

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information