AuthenticationAdvanced Software Engineering (CSE870)

Instructor: Dr. B. ChengContact info: chengb at cse dot msu dot edu

Eduardo DiazDan Fiedler

Andres Ramirez

Road Map

?Introduction to Authentication?Needham-Schroeder, Otway-Rees, Kerberos

?Commonalities?Additional Requirements?Class Diagrams?State Diagrams?Conclusions

Authentication

?Meet:?Alice (Staff)

?Bob (MISys)

Authentication

?Purpose?Key exchange.?Allow Alice to secretly communicate with Bob using a shared

cryptographic key.

?Methods?Private keys, shared keys, public keys…

?Potential Problems?Trustworthy??Safe handling of private keys?

Needham-Schroeder

1. Alice Cathy: {Alice || Bob || rand1}2. Cathy Alice: {Alice || Bob || rand1}Ksess

|| {Alice || Ksess}kbob}kalice

3. Alice Bob: {Alice || ksess}kbob

4. Bob Alice: {rand2}ksess

5. Alice Bob: {rand2 - 1}ksess

Needham Schroeder

?Motive??Prevent replay attacks?A valid data transmission is retransmitted

maliciously.

?Nonces?Randomly generated numbers to identify

exchanges.?Key idea: Cathy is trusted by Alice and

Bob.

Otway-Rees

1. Alice Bob: num || Alice || Bob || { rand1 || num || Alice|| Bob}kalice

2. Bob Cathy: num || Alice || Bob ||{rand1 || num || Alice || Bob}kalice || {rand2 || num || Alice || Bob}kbob

3. Cathy Bob: num || {rand1 || ksess}kalice || {rand2 || ksess}kbob

4. Bob Alice: num || {rand1 || ksess}kalice

Otway-Rees

?Motivation?Needham-Schroeder assumes all cryptographic

keys are secure… in practice generated pseudorandomly… but it can be predicted.

?Num?Verify that num agrees through the exchanges.

?Key Idea?Cathy is again the trustworthy element.

Kerberos

1. Alice Cerberus: Alice || Barnum2. Cerberus Alice: {kalice,barnum}kalice || Talice,barnum

3. Alice Barnum: Guttenberg || Aalice,barnum ||Talice,barnum

4. Barnum Alice: Alice || {kalice,guttenberg}kalicebarnum

|| Talice,guttenberg

5. Alice Guttenberg: Aalice,guttenberg ||Talice,guttenberg

6. Guttenberg Alice: {t+1}kalice,guttenberg

Kerberos

?What is T??Talice,barnum = Barnum || {Alice || Alice Address ||

valid time || kalice,barnum}kbarnum

?What is A??{Alice || generation time || kt}kalice,barnum?Kt… not used.

Kerberos

?Motivation?Separate authentication of the user to ticket granting

server and resource being requested.

?2 Servers?Authenticate first?Obtain ticket second

?Key Idea:?Time windows?Separation of trusted parties

Commonalities

?Message Passing?Authentication Requests?Encryption / Decryption?Key Passing?… other than that, not much!?Each protocol has slight variants.

Additional Requirements

?Same as other groups plus:?Incorporate 2 design patterns?1 must be a security design pattern?Strategy Design Pattern (encryption algorithms)?Single Access Point (entry and logging)

?Instantiate the framework at MISys?At the whitebox level

Whitebox Class Diagram

N.S. Class Diagram

O.R. Class Diagram

Kerberos Class Diagram

Whitebox Class Diagram-MISys

State Diagrams, NS

State Diagrams, N.S.

State Diagram, O.R.

State Diagram, O.R.

State Diagram, Kerberos

Graybox Class Diagram

BlackBox Class Diagram

Conclusions

?Questions?