Many real-life systems use an authentication protocol called Kerberos; the Needham-Schroeder protocol is the basis of Kerberos.
Version 4 of Kerberos is found in most practical implementations; version 5 is also in use.
Working of Kerberos
There are four parties involved in the Kerberos protocol:
1. Alice - the client workstation.
2. Authentication Server (AS) - verifies (authenticates) the user during login.
3. Ticket Granting Server (TGS) - issues tickets to certify proof of identity.
4. Bob - the server (e.g. an email server) whose service Alice wants to use.
-The job of the AS is to authenticate every user at login time. The AS shares a unique secret password with every user. The job of the TGS is to certify to the servers in the network that a user is really who he/she claims to be. For proving this, the mechanism of tickets (which allow entry into a server, just as a ticket allows parking a car or entering a music concert) is used.
-Following are the three primary steps in the Kerberos protocol:
Step 1: Login
The user uses a public workstation & enters his name; the workstation sends his name in plaintext to the AS.
In response, the AS performs several actions. It first creates a package of the username (Alice) & a randomly generated session key (KS). It encrypts this package with the symmetric key that the AS shares with the Ticket Granting Server (TGS). The output of this step is called the Ticket Granting Ticket (TGT), which can be opened only by the TGS, since only it possesses the corresponding symmetric key for decryption. The AS then combines the TGT with the session key (KS) & encrypts the two together using a symmetric key derived from the password of Alice (KA); thus the final output can be opened only by Alice.
After this message is received, Alice's workstation asks him for the password. When Alice enters it, the workstation generates the symmetric key (KA) derived from the password & uses that key to extract the session key (KS) & the TGT. The workstation destroys the password of Alice from its memory immediately to prevent an attacker from stealing it. (Alice cannot open the TGT, as it is encrypted with the key of the TGS.) Refer to the figure in the Step 1 diagram.
Step 2 : Obtaining a service granting ticket (SGT)
Assume that after a successful login, Alice wants to make use of Bob, the email server, for some email communication. For this, Alice would inform his workstation that he needs to contact Bob; thus Alice needs a ticket to communicate with Bob. At this stage, Alice's workstation creates a message intended for the Ticket Granting Server (TGS), which contains the following items:
a) the TGT received in Step 1
b) the id of the server (Bob) whose service Alice is interested in
c) the current timestamp, encrypted with the session key (KS) from Step 1 (shown in fig A)
The TGT is encrypted with the secret key of the TGS; the TGT & KS were encrypted together by the AS with the secret key derived from the password of Alice. Therefore, only Alice could have opened that package & retrieved the TGT.
Once the TGS is satisfied with the credentials of Alice, the TGS creates a session key KAB for Alice to have secure communication with Bob. The TGS sends it to Alice twice; one copy is combined with Bob's id (Bob) & encrypted with Bob's secret key (KB) (shown in fig B).
Step 3 : User contacts Bob for Accessing the server :
- Alice can now send KAB to Bob in order to enter into a session with him. Since this exchange is also desired to be secure, Alice can simply forward KAB encrypted with Bob's secret key (which was received from the TGS in Step 2) to Bob. This will ensure that only Bob can access KAB. To guard against replay attacks, Alice also sends the timestamp encrypted with KAB to Bob.
To let Alice know whether Bob received KAB correctly, Bob adds 1 to the timestamp sent by Alice, encrypts the result with KAB & sends it back to Alice.
Since only Alice & Bob know KAB, Alice can open this packet & verify that the timestamp incremented by Bob was indeed the one sent to Bob in the first place.
Now Alice & Bob can communicate securely with each other. They would use the shared secret key KAB to encrypt messages before sending & also to decrypt the encrypted messages received from each other.
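The three steps above, driven end to end as an added example (this is not code from the original notes or from any real Kerberos implementation). All long-term keys and the password table are constructed for the demo; the encrypt-then-MAC construction (SHA-256 keystream plus HMAC) stands in for the real Kerberos cipher, PBKDF2 stands in for Kerberos's own password-to-key derivation, the 300-second freshness window is an assumption, and the second copy of KAB (encrypted under KS so the workstation can read it, which the notes do not spell out) follows standard Kerberos behaviour.

```python
# Added example, not part of the original notes: a toy simulation of the three
# Kerberos steps. The stdlib encrypt-then-MAC cipher below is a stand-in for the
# real Kerberos cipher; PBKDF2 is an assumption, not Kerberos's string-to-key.
import hashlib
import hmac
import json
import os
import time

MAX_SKEW = 300  # seconds a timestamp may be off before it is treated as stale (assumption)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter-mode keystream from a keyed SHA-256 PRF.
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, obj: dict) -> bytes:
    """Serialise obj as JSON, XOR with a keystream, append an HMAC tag (encrypt-then-MAC)."""
    plaintext = json.dumps(obj).encode()
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> dict:
    """Verify the tag and decrypt; a wrong key or a tampered blob raises ValueError."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("bad key or tampered message")
    pt = bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))
    return json.loads(pt)


# Long-term keys and the AS password table (all constructed for the demo).
K_TGS = os.urandom(32)                                  # shared by AS and TGS
K_BOB = os.urandom(32)                                  # Bob's secret key KB, shared with TGS
PASSWORDS = {"Alice": b"correct horse battery staple"}  # the AS's per-user secrets


def key_from_password(password: bytes) -> bytes:
    """KA: symmetric key derived from the user's password (PBKDF2 is an assumption)."""
    return hashlib.pbkdf2_hmac("sha256", password, b"kerberos-demo-salt", 10_000)


def fresh(ts: int) -> bool:
    return abs(int(time.time()) - ts) <= MAX_SKEW


# Step 1: login. The AS gets the username in plaintext and returns {KS, TGT} under KA.
def as_login(username: str) -> bytes:
    ks = os.urandom(32).hex()
    tgt = encrypt(K_TGS, {"user": username, "ks": ks})  # only the TGS can open this
    ka = key_from_password(PASSWORDS[username])
    return encrypt(ka, {"ks": ks, "tgt": tgt.hex()})    # only Alice can open this


def workstation_login(username: str, password: bytes):
    reply = as_login(username)
    ka = key_from_password(password)
    del password                          # the password leaves memory at once
    pkg = decrypt(ka, reply)              # a wrong password gives a wrong KA -> ValueError
    return bytes.fromhex(pkg["ks"]), bytes.fromhex(pkg["tgt"])


# Step 2: the TGS opens the TGT with K_TGS, checks the timestamp under KS, then returns
# KAB twice: once under KS for Alice, once inside a ticket under KB for Bob.
def tgs_issue(tgt: bytes, server_id: str, authenticator: bytes) -> bytes:
    t = decrypt(K_TGS, tgt)
    ks = bytes.fromhex(t["ks"])
    if not fresh(decrypt(ks, authenticator)["ts"]):
        raise ValueError("stale authenticator")
    kab = os.urandom(32).hex()
    ticket = encrypt(K_BOB, {"user": t["user"], "kab": kab})
    return encrypt(ks, {"server": server_id, "kab": kab, "ticket": ticket.hex()})


# Step 3: Bob opens the ticket with KB, checks the timestamp under KAB, replies with ts + 1.
def bob_accept(ticket: bytes, authenticator: bytes) -> bytes:
    kab = bytes.fromhex(decrypt(K_BOB, ticket)["kab"])
    ts = decrypt(kab, authenticator)["ts"]
    if not fresh(ts):
        raise ValueError("replayed or stale authenticator")
    return encrypt(kab, {"ts": ts + 1})


def run_session(username: str, password: bytes, server_id: str) -> bool:
    """Drive all three steps; True if Alice holds a KAB that Bob confirmed with ts + 1."""
    ks, tgt = workstation_login(username, password)
    reply = decrypt(ks, tgs_issue(tgt, server_id, encrypt(ks, {"ts": int(time.time())})))
    kab = bytes.fromhex(reply["kab"])
    ts = int(time.time())
    confirmation = decrypt(kab, bob_accept(bytes.fromhex(reply["ticket"]), encrypt(kab, {"ts": ts})))
    return confirmation["ts"] == ts + 1


def wrong_password_rejected() -> bool:
    """A wrong password derives a wrong KA, so the AS reply cannot be opened."""
    try:
        run_session("Alice", b"not the password", "Bob")
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("session established:", run_session("Alice", PASSWORDS["Alice"], "Bob"))
    print("wrong password rejected:", wrong_password_rejected())
```

The point to notice is which key opens which blob: the workstation never sees K_TGS or KB, so it can forward the TGT and Bob's ticket only as opaque bytes, and a wrong password fails at the very first decrypt without the AS ever learning the password. Use the freshness check in `bob_accept` as the model for where a real server would also keep a short cache of recently seen timestamps to reject exact replays inside the window.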