random subjects for 312
This commit is contained in:
shockrahwow
parent
a441ac65e1
commit
c746dd5ef9
8
312/kerberos.md
Normal file
8
312/kerberos.md
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
# Kerberos
|
||||||
|
|
||||||
|
Method of distributing keys where we deal with clusters made of two parts:
|
||||||
|
|
||||||
|
* Authentication server
|
||||||
|
* Ticket-granting server
|
||||||
|
|
||||||
|
|
||||||
35
312/key-dist.md
Normal file
35
312/key-dist.md
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
# Key Distribution
|
||||||
|
|
||||||
|
A wants to talk to B but securely(duh).
|
||||||
|
A trusted third party steps in to provide keys
|
||||||
|
|
||||||
|
|
||||||
|
## Needham-Schoeder
|
||||||
|
|
||||||
|
> _used to authenticate users_
|
||||||
|
|
||||||
|
Say we have A & B that want to talk.
|
||||||
|
|
||||||
|
```
|
||||||
|
A sends (IDA, IDB) to KDC
|
||||||
|
KDC sends Enc(SessionKeyA, IDB, Nonce1, Enc(SessionKeyB, SharedKeyA, IDA)) to A
|
||||||
|
A sends Enc(SessionKeyB, SharedKeyB, IDA) // this bit came in the package from last round
|
||||||
|
...
|
||||||
|
...
|
||||||
|
```
|
||||||
|
|
||||||
|
## Denning
|
||||||
|
|
||||||
|
Fixes step 3 with timestamps. We also shorten the overall process.
|
||||||
|
Problem: both parties need to be time synchronized.
|
||||||
|
|
||||||
|
NOTE: the Sessionkey below is shared between A and B. THe SharedKeyX is shared between the Key Distribution Center and the user.
|
||||||
|
|
||||||
|
1. A sends {IDA, NonceA} B
|
||||||
|
2. B sends {NonceB, Enc(SharedKeyB, [IDA, NonceA, TimeB])} to KDC
|
||||||
|
3. KDC sends {Enc(SharedKeyA, [IDB,, NonceA, SessionKey, TimeB), E(SharedKeyB, [IDA, SessionKey, TimeB]), NonceB} to A
|
||||||
|
4. A sends {E(SharedKey, [IDA, SessionKey, TimeB]), E(SessionKey, NonceB} to B
|
||||||
|
|
||||||
|
## Kerberos
|
||||||
|
|
||||||
|
The model itself can be thought of similar to
|
||||||
Loading…
Reference in New Issue
Block a user