Cryptographic Protocols: Kerberos and IPSec - Assignment Example

Summary
The author of the paper "Cryptographic Protocols: Kerberos and IPSec" explains and contrasts the role and function of Kerberos and IPSec. The IPSec protocol has been designed to provide integrity, verification or authentication, and confidentiality in a network …

Extract of sample "Cryptographic Protocols: Kerberos and IPSec"

Running Head: Research Report on Cryptography

Introduction

The Internet is an insecure place; the existing protocols used on the Internet do not provide any protection. Tools to "sniff" passwords from existing networks are now commonly used by hackers, so unencrypted passwords sent over the network are vulnerable to attack. Worse yet, some server or client applications rely on the client program to be "honest" about the identity of the user, while others depend on the client to restrict the activities of its users. Some sites use firewalls to provide network security. Unfortunately, firewalls assume that hackers are on the outside, but most incidents of computer crime are carried out from within the network. When an individual makes a security decision, he/she might wonder whether to use Kerberos or IPSec for encryption and authentication. The main difference between the two is that Kerberos authenticates user-to-service communication and IPSec authenticates computer-to-computer communication. This report explains and contrasts the role and function of the two cryptographic protocols: Kerberos and IPSec.

Table of Contents

- IPSec Protocol
- IPSec Sub-protocols
- IPSec Modes
- IPSec Security
- Kerberos Protocol
- Realm
- Client-based Logon
- Client Authentication
- Limitations of Kerberos
- Conclusion
- References

IPSec Protocol

The IPSec protocol has been designed to provide integrity, verification or authentication, and confidentiality in a network. It is a layer that sits between TCP and the physical layer. It is used to enhance the IP layer by encrypting data, including what is sent in the IP packets (Carmouche, 2007). IPSec allows authentication of the sender and receiver and provides methods by which communication between both parties is secured; IPSec support is a mandatory part of IPv6.
IPSec can only be used to protect IP-based traffic; with other network layer protocols such as IPX or Kerberos it is of no use. Because the protocol operates at Layer 3 of the OSI model, it has an advantage over SSL and other protocols that operate at a higher layer of the OSI model: applications can be used with IPSec without being written to be aware of it, since encryption occurs transparently to the upper layers. On a theoretical level (Snader, 2006), IPSec is designed to protect or provide security for IP-based network traffic; on a practical level it is used to encrypt data so that it cannot be "cracked" and subsequently altered or read (Carmouche, 2007).

Fig 1. IPSec: Security Architecture for IP Network

IPSec Sub-protocols

IPSec is made up of two protocols, AH (Authentication Header) and ESP (Encapsulating Security Payload), which can be used together or separately. The two protocols are used together in cases where both the IP header and the data need to be protected (Snader, 2006).

- AH (Authentication Header). AH is used to verify the identity of the user (the sender) and to ensure that data is not modified (it provides data integrity). This protocol cannot encrypt data and does not provide confidentiality; the Authentication Header signs the entire packet (Snader, 2006).
- ESP (Encapsulating Security Payload). ESP provides confidentiality by encrypting the data; at the same time it provides integrity and authentication, but it does not sign the entire packet, only the data (Snader, 2006).

IPSec Modes

There are two modes of operation for both Authentication Header (AH) and Encapsulating Security Payload (ESP). Tunnel mode is used to create a virtual private network and provides server-to-server or gateway-to-gateway protection (Tiller, 2000). Transport mode is used to encrypt data that has been created by the Layer Two Tunneling Protocol (L2TP).
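The difference in what AH and ESP sign, as an added Python example that is not part of the original report: a minimal transport-mode model in which the AH integrity check value covers the IP header (with the mutable TTL zeroed) plus the payload, while the ESP check value covers only the ESP header and the ciphertext. The header layout, keys, packet contents and SHA-256 keystream cipher are constructed stand-ins, not real IPsec formats or algorithms.

```python
import hashlib, hmac, os
KEY_AUTH, KEY_ENC = os.urandom(32), os.urandom(32)   # constructed SA keys

def ip_header(src, dst, ttl):
    # Minimal IPv4-like header: source, destination (4 bytes each) and TTL at offset 8.
    return bytes(map(int, src.split("."))) + bytes(map(int, dst.split("."))) + bytes([ttl])

def immutable(hdr):
    # AH zeroes fields that legitimately change in flight (here only the TTL) before
    # computing the ICV, so a router decrementing the hop count does not break integrity.
    return hdr[:8] + b"\x00"

def ah_protect(hdr, payload):
    # AH transport mode: the ICV covers the IP header (immutable part) AND the payload.
    return hmac.new(KEY_AUTH, immutable(hdr) + payload, "sha256").digest() + payload

def ah_verify(hdr, ah_payload):
    icv, payload = ah_payload[:32], ah_payload[32:]
    return hmac.compare_digest(icv, hmac.new(KEY_AUTH, immutable(hdr) + payload, "sha256").digest())

def _ks(esp_hdr, n):  # toy SHA-256 counter keystream; stands in for the ESP cipher
    return b"".join(hashlib.sha256(KEY_ENC + esp_hdr + bytes([i])).digest() for i in range(n // 32 + 1))[:n]

def esp_protect(hdr, payload, spi=0x1001, seq=1):
    # ESP transport mode: payload is encrypted and the ICV covers only the ESP header plus
    # ciphertext; the outer IP header stays readable and is not authenticated.
    esp_hdr = spi.to_bytes(4, "big") + seq.to_bytes(4, "big")
    ct = bytes(a ^ b for a, b in zip(payload, _ks(esp_hdr, len(payload))))
    return esp_hdr + ct + hmac.new(KEY_AUTH, esp_hdr + ct, "sha256").digest()

def esp_open(esp_payload):
    # The IP header is not an input here: nothing in it is covered by the ICV.
    esp_hdr, ct, icv = esp_payload[:8], esp_payload[8:-32], esp_payload[-32:]
    if not hmac.compare_digest(icv, hmac.new(KEY_AUTH, esp_hdr + ct, "sha256").digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _ks(esp_hdr, len(ct))))

def coverage_demo():
    # Constructed packet, then the changes a receiver might see in flight.
    hdr, payload = ip_header("10.0.0.1", "10.0.0.2", 64), b"constructed payload"
    routed = ip_header("10.0.0.1", "10.0.0.2", 63)     # TTL decremented by a router
    rewritten = ip_header("10.0.0.9", "10.0.0.2", 64)  # source address changed in flight
    ah, esp = ah_protect(hdr, payload), esp_protect(hdr, payload)
    flip = lambda b, i: b[:i] + bytes([b[i] ^ 1]) + b[i + 1:]   # one byte altered
    return {"ah_routed": ah_verify(routed, ah),           # True: TTL is mutable, zeroed
            "ah_rewritten": ah_verify(rewritten, ah),     # False: AH signs the header
            "ah_payload": ah_verify(hdr, flip(ah, 40)),   # False: payload is signed
            "esp_rewritten": esp_open(esp) == payload,    # True: ESP never sees the header
            "esp_payload": esp_open(flip(esp, 10))}       # None: ciphertext ICV fails
```

The last two entries are the point of the text above: ESP recovers the payload even when the IP header was rewritten, because its check never covered the header, while any change to the protected data is caught by both protocols.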
Transport mode also provides security for end-to-end communication (Tiller, 2000).

IPSec Security

IPSec provides security services by allowing a system at the network layer to select the required security protocols; this determines the algorithm(s) to use for the service(s) and provides any cryptographic keys requested by the system in the network. IPSec can be used to protect one or more "paths" between a pair of security gateways, between a pair of hosts, or between a host and a security gateway (Davis, 2001). The security services offered by IPSec include connectionless integrity, access control, rejection of replayed packets, data origin authentication, limited traffic flow confidentiality and encryption. When these mechanisms are correctly integrated into Internet components that lack such protection for their data traffic, they do not affect hosts and users. In addition, the mechanisms have been designed to be algorithm-independent: they permit the selection of different sets of algorithms without affecting the other parts of the implementation. For example, different users in the network may select different sets of algorithms if required, creating cliques (Davis, 2001).

Kerberos Protocol

Kerberos is a network authentication protocol designed to provide strong authentication for client/server applications in a network by using secret-key cryptography. It provides a means of verifying the identities of a network server or workstation user on an open network (Needham and Schroeder, 1997). This is accomplished without relying on authentication by the host operating system, without requiring physical security of all the hosts, and assuming that packets travelling on the network can be read, modified and inserted at will.
Kerberos uses conventional (shared secret key) cryptography and performs authentication as a trusted third party; "secret" and "private" are often used interchangeably in the literature. Kerberos has been designed to enable two client systems to exchange information across an open network. This is done by assigning a unique key, known as a ticket, to each client system; the ticket is used to log on to the network and carries information that identifies the client system sending the message. Kerberos uses the symmetric Needham-Schroeder protocol as its basis. The Key Distribution Center (KDC) acts as the trusted third party and consists of two logically separate parts: a Ticket Granting Server (TGS) and a key distribution center (KDC). By means of "tickets", the protocol is able to prove the identity of users on the network. In Kerberos the job of the KDC is to maintain a database of secret keys; each entity, whether a server or a client, shares its secret key only with the KDC and itself. For communications that involve two different entities, the KDC generates a session key, which is used to secure the interactions between the two. Kerberos relies heavily on synchronized time and on short-lived assertions of authenticity called Kerberos tickets (Kohl and Neuman, 1993).

Realm

A realm indicates an authentication administrative domain; its purpose is to establish the boundaries within which an authentication server has the authority to authenticate a host, user or service. Each entity must belong to the same realm; if two entities are in different realms, authentication takes place only if the two realms have a trust relationship, and this is known as cross-authentication (Linn, 1993). A service or a user belongs to a realm if and only if they share a secret key or password.
Realm names are usually case sensitive, in other words there is a difference between lower case and upper case letters, but by default realms appear in upper case letters.

Client-based Logon

A user enters his username and password on the client machine. The client machine performs a one-way function on the entered password, and the result becomes the secret key of the user or client on that machine.

Client Authentication

The protocol is made up of several sub-protocols (exchanges), and there are two methods by which a client can ask Kerberos for information. In the first method, the workstation client sends a cleartext request for a desired server in the network to the AS; the reply sent back is encrypted with the client's secret key (Denning and Sacco, 2000). This request is for a ticket-granting ticket (TGT), which can subsequently be used with the ticket-granting server (TGS) in the network. In the second method, the workstation client sends a request to the TGS: it presents the TGT to the TGS in the same manner as if it were contacting any other application server, and the reply is encrypted in the session key from the TGT (Denning and Sacco, 2000).

Limitations of Kerberos

Kerberos is not effective against password guessing: if a person uses a weak password, an attacker can guess it and impersonate that user. Similarly, Kerberos requires a trusted path through which the password can be entered (Bellovin and Merritt, 1990). If the person enters the password into a program or computer that has already been modified by an attacker (a Trojan horse), or if the path between the user and the initial authentication program can be monitored, then an attacker may obtain sufficient information to impersonate the person who entered the password.
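The password-derived client key and the two exchanges described under Client-based Logon and Client Authentication above, as an added Python example that is not part of the original report. The toy encrypt-then-MAC cipher, PBKDF2 as the one-way function, the realm name, principal names, keys and the ticket lifetime are all constructed stand-ins; real Kerberos uses its own encryption types and string-to-key functions.

```python
import hashlib, hmac, json, os, time
REALM, LIFETIME = "EXAMPLE.ORG", 8 * 3600   # constructed realm; assumed ticket lifetime (s)

def string2key(password, principal):
    # One-way function the client applies to the typed password (Kerberos has its
    # own string-to-key algorithms; PBKDF2 is a stand-in used here).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), (REALM + principal).encode(), 10000)

def _ks(key, nonce, n):  # SHA-256 counter keystream for the toy cipher below
    return b"".join(hashlib.sha256(key + nonce + bytes([i])).digest() for i in range(n // 32 + 1))[:n]

def seal(key, obj):
    # Toy encrypt-then-MAC standing in for a Kerberos encryption type: nonce | ct | tag.
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _ks(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, "sha256").digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _ks(key, nonce, len(ct)))))

# KDC database of every principal's secret key (constructed sample data).
KDC = {"alice": string2key("correct horse", "alice"),
       "krbtgt": os.urandom(32), "host/db": os.urandom(32)}

def as_exchange(client, now):
    # First method: cleartext request; the reply, sealed under the client's own key,
    # carries a session key and a TGT that only the TGS (krbtgt key) can open.
    sk = os.urandom(32).hex()
    tgt = seal(KDC["krbtgt"], {"client": client, "key": sk, "exp": now + LIFETIME})
    return seal(KDC[client], {"key": sk, "tgt": tgt.hex()})

def tgs_exchange(tgt_hex, authenticator, service, now):
    # Second method: client presents the TGT plus an authenticator sealed under the
    # TGT session key; the reply (a ticket for `service`) is sealed under that key.
    t = unseal(KDC["krbtgt"], bytes.fromhex(tgt_hex))
    auth = unseal(bytes.fromhex(t["key"]), authenticator)
    if now > t["exp"] or auth["client"] != t["client"] or abs(now - auth["ts"]) > 300:
        raise ValueError("expired ticket or stale/mismatched authenticator")
    svc_key = os.urandom(32).hex()
    ticket = seal(KDC[service], {"client": t["client"], "key": svc_key, "exp": now + LIFETIME})
    return seal(bytes.fromhex(t["key"]), {"service": service, "key": svc_key, "ticket": ticket.hex()})

def login(client, password, service, now=None):
    # Client side: derive the key from the password, run both exchanges, return the TGS reply.
    now = now or int(time.time())
    rep = unseal(string2key(password, client), as_exchange(client, now))
    sk = bytes.fromhex(rep["key"])
    return unseal(sk, tgs_exchange(rep["tgt"], seal(sk, {"client": client, "ts": now}), service, now))
```

A wrong password produces a key that cannot open the AS reply, and a TGT presented after its lifetime is refused, which is why the text stresses synchronized clocks and short-lived tickets.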
Another limitation is that when the central server is down no user can log in, although this can be mitigated by using multiple Kerberos servers. Lastly, since all authentication is controlled by a centralized KDC, compromise of this authentication infrastructure allows an attacker to impersonate any user.

Conclusion

When a user tries to make a security decision, he/she might wonder whether to use Kerberos or IPSec for encryption and authentication. IPSec does not control access to services running on a server; it controls whether the user can connect to the machine at the IP layer, not the application layer. Therefore Kerberos is the best choice for authenticating SQL Server users. For encryption, the protocol to use is IPSec, because the SQL Server 2000 client and server Net-Libraries do not offer a way to enable Kerberos encryption, whereas IPSec can encrypt the entire network packet and prevent it from being tampered with. If a user wants to secure his/her data on the network, he/she can use IPSec because it defends against a wider range of attacks and both UNIX/Linux and Windows platforms support it.

References

Bellovin, S. M. and Merritt, M. Limitations of the Kerberos authentication system. Computer Communication Review, 20(5):119-132, October 1990.
Carmouche, J. H. IPSec virtual private network fundamentals. New York: Cisco Press, 2007.
Champine, G. A. and Ruh, W. Project Athena as a distributed computer system. IEEE Computer, 23(9):40-51, September 1990.
Davis, C. R. IPSec: securing VPNs. London: Osborne/McGraw-Hill, 2001.
Denning, D. E. and Sacco, G. M. Timestamps in key distribution protocols. Communications of the ACM, 24(8):533-536, August 2000.
Kohl, J. T. and Neuman, B. C. The Kerberos network authentication service. Internet RFC 1510, September 1999.
Linn, J. Generic security service application program interface. Internet RFC 1508, September 1993.
Needham, R. M. and Schroeder, M. D. Using encryption for authentication in large networks of computers. Communications of the ACM, 21(12):993-999, December 1997.
Snader, J. C. VPNs illustrated: tunnels, VPNs, and IPsec. London: Addison-Wesley, 2006.
Tiller, J. A technical guide to IPSec virtual private networks. New York: CRC Press, 2000.
Research Report On Cryptography Example | Topics and Well Written Essays - 1895 words. https://studentshare.org/logic-programming/2046186-research-report-on-cryptography