The Design and Implementation of

a tutorial to illustrate theKerberos protocol

Presenter : Lindy Carter

Supervisors : Peter Wentworth

John Ebden

Kerberos - Some Background…

Trusted third party network authentication protocol.

Implemented in Windows 2000 over the Response Authentication Protocol that Windows NT used.

Uses symmetric key cryptography. Contains 3 “separate” parts –

Authentication Server, Ticket Granting Service and the server.

Background cont…

Central security server shares keys with each controlled resource.

Makes use of authentication tickets that are granted to users.

Both client and server can be authenticated.

The Problem

Difficult to understand and demonstrate.

The aim

Build a web based tutorial which will teach the Kerberos protocol in an effective way.

Tutorial must be able to be extended to cater for other protocols with only slight modification – most security protocols have similar features.– Locks and keys– Message passing

Design Considerations and Implementation Issues

Read up on Kerberos and understand the protocol thoroughly – Read up on other security protocols and try to relate

them to Kerberos.

Examine existing tutorials and see what teaching methods are used.

Consider FAQ’s to try and understand where the problems lie– an indication of what areas to concentrate on

• e.g. why do the system clocks need to be synchronized

Design Considerations and Implementation issues cont Decide on a metaphor on which a physical

model can be based.– Must take into account the other protocols– Final product to be based on the model

Identify how student can be involved in learning process

Build the physical model Implement using Java

The Output

Physical model. Web based tutorial. Some sort of generic platform on which

other authentication protocol tutorials can be based.

Possible extensions

The implementation of tutorials for other authentication protocols

Other generic platforms to build tutorials for other types of protocols

????Questions

?????