Explain Kerberos5, Remote User Authentication and One Way Authentication?

Kerberos5: It is developed in mid 1990’s and specified as Internet standard RFC 1510

  1. provides improvements over v4
    • addresses environmental shortcomings
      • encryption alg, network protocol, byte order, ticket lifetime, authentication forwarding, interrealm auth
    • and technical deficiencies
      • double encryption, non-std mode of use, session keys, password attacks.

Untitled

Remote User Authentication:

  1. We have used of public-key encryption for session key distribution
    • assumes both parties have other’s public keys
    • may not be practical
  2. have Denning protocol using timestamps
    • uses central authentication server (AS) to provide public-key certificates
    • requires synchronized clocks
  3. have Woo and Lam protocol using nonces
  4. care needed to ensure no protocol flaws

One-Way Authentication:

  1. have public-key approaches for email
    • encryption of message for confidentiality, authentication, or both
    • must now public keys
    • using costly public-key alg on long message
  2. for confidentiality encrypt message with one-time secret key, public-key encrypted
  3. for authentication use a digital signature
    • may need to protect by encrypting signature
  4. use digital certificate to supply public key

Leave a Reply

Your email address will not be published. Required fields are marked *