01- planning and configuring an authentication and authorization strategy

Upload: allan-veintimilla

Post on 03-Jun-2018


  • 8/12/2019 01- Planning and Configuring an Authentication and Authorization Strategy

1/78

Module 1: Planning and Configuring an Authentication and Authorization Strategy

Ing. Giuseppe Blacio Abad

2/78

Active Directory

What is a directory service?

Active Directory is a digital list containing information about network resources, such as:

- Computers
- Printers
- Applications
- People

3/78

Domains, Trees, and Forests

4/78

Active Directory Objects

5/78

Introduction

Network security is based on three fundamental concepts: authentication, authorization, and the principle of least privilege.

6/78

Authentication, Authorization, and Least Privilege

Least privilege: provide users with the minimum privileges needed to accomplish the tasks they are authorized to perform.

Authentication: the process of verifying the identity of something or someone (for example, that the user is really Ben Smith).

Authorization: the process of determining whether something or someone has permission to access a resource (for example, that Ben Smith has permission to access this resource).

7/78

Authentication and Authorization

Authentication verifies who you are.

Authorization specifies what you can do.

8/78

Least Privilege

The principle of least privilege states that you should provide users with the necessary level of privilege to perform their jobs and no more.

By restricting access that is not necessary to job performance, you can prevent malicious users from using extraneous privileges to circumvent network security.

9/78

Proof of Identity

- Something you know: a password
- Something you have: a smart card
- Something you are: biometric data

10/78

Introducing Encryption

Secret key encryption: one key, protected.

Public key encryption: two keys, one distributed and one protected.

11/78

Windows Server 2003 Authentication Protocols

12/78

Authentication Protocols in Windows Server 2003

Protocol: Example

NTLM family:
- LM: Used in OS/2 and Windows for Workgroups, Windows 95, Windows 98, and Windows Me. Least secure protocol.
- NTLMv1: Used for connecting to servers running Windows NT Service Pack 3 or earlier.
- NTLMv2: Used for connecting to servers running Windows 2000, Windows XP, and Windows NT Service Pack 4 or higher.

Kerberos: Default authentication protocol for Windows Server 2003, Windows 2000, and Windows XP Professional. Most secure.

13/78

How NTLM Authentication Works

(Diagram: (1) user name and domain from the client to the domain controller; (2) nonce from the domain controller to the client; (3) user password hash + nonce from the client to the domain controller; (4) user password hash retrieved from the security accounts database; (5) user password hash + nonce computed by the domain controller and compared.)

14/78

How NTLM Authentication Works

1. The client sends the user name and domain name to the domain controller.

2. The domain controller generates a 16-byte random character string called a nonce.

3. The client encrypts the nonce with a hash of the user password and sends it back to the domain controller.

4. The domain controller retrieves the hash of the user password from the security account database.

5. The domain controller uses the hash value retrieved from the security account database to decrypt the nonce. The value is compared to the value received from the client. If the values match, the client is authenticated.
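A runnable model of the challenge/response exchange in the five steps above, added here as an example and not code from the slides. The password-hash function, the response function and the account names are assumptions (the real NT hash and NTLM response computations differ); what it shows is the flow the steps describe, plus the two checks a verifier has to get right: the stored hash is never sent, and a nonce is answered once.

```python
import hashlib
import hmac
import os


def password_hash(password: str) -> bytes:
    """What the security accounts database stores instead of the password.
    SHA-256 is a stand-in here (assumption); the real NT hash is a different function."""
    return hashlib.sha256(password.encode("utf-16-le")).digest()


def response_for(pw_hash: bytes, nonce: bytes) -> bytes:
    """Step 3 (client): bind the password hash to the fresh nonce. Modelled as an HMAC
    over the nonce keyed with the hash (assumption). The property that matters is the
    same as in NTLM: the response cannot be formed without the hash and is only valid
    for this one nonce."""
    return hmac.new(pw_hash, nonce, hashlib.sha256).digest()


class DomainController:
    def __init__(self) -> None:
        self.accounts = {}   # security accounts database: user -> password hash
        self.pending = {}    # (domain, user) -> nonce issued and not yet answered

    def add_account(self, user: str, password: str) -> None:
        # Only the hash is kept. Anyone holding it can answer challenges, which is why
        # the accounts database is itself a secret that must be protected.
        self.accounts[user] = password_hash(password)

    def challenge(self, user: str, domain: str) -> bytes:
        """Steps 1-2: the client names itself, the DC replies with a 16-byte random nonce."""
        nonce = os.urandom(16)
        self.pending[(domain, user)] = nonce
        return nonce

    def verify(self, user: str, domain: str, response: bytes) -> bool:
        """Steps 4-5: fetch the stored hash, recompute the expected response for the
        nonce that was issued, and compare in constant time. The nonce is consumed,
        so a captured response is worthless for any later logon."""
        nonce = self.pending.pop((domain, user), None)
        stored = self.accounts.get(user)
        if nonce is None or stored is None:
            return False
        return hmac.compare_digest(response_for(stored, nonce), response)


def authenticate(dc: DomainController, user: str, domain: str, password: str) -> bool:
    """The whole client-side flow for one logon attempt."""
    nonce = dc.challenge(user, domain)
    return dc.verify(user, domain, response_for(password_hash(password), nonce))


def demo() -> dict:
    """Constructed sample: a good logon, a wrong password, and a replayed response."""
    dc = DomainController()
    dc.add_account("bsmith", "correct horse battery staple")
    good = authenticate(dc, "bsmith", "CORP", "correct horse battery staple")
    wrong = authenticate(dc, "bsmith", "CORP", "not the password")
    # Replay: a response captured off the wire is presented again for a new logon.
    nonce = dc.challenge("bsmith", "CORP")
    captured = response_for(password_hash("correct horse battery staple"), nonce)
    first = dc.verify("bsmith", "CORP", captured)
    dc.challenge("bsmith", "CORP")   # the next logon gets a different nonce
    replayed = dc.verify("bsmith", "CORP", captured)
    return {"good": good, "wrong": wrong, "first": first, "replayed": replayed}
```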

15/78

Kerberos

The Kerberos protocol gets its name from the three-headed dog in Greek mythology who guards the entrance to Hades.

16/78

Kerberos

The three components of Kerberos are:

- The client requesting services or authentication.
- The server hosting the services requested by the client.
- A computer that is trusted by the client and server.

17/78

Kerberos

Kerberos authentication is based on specially formatted data packets known as tickets. In Kerberos, these tickets pass through the network instead of passwords.

Transmitting tickets instead of passwords makes the authentication process more resistant to attackers who can intercept the network traffic.

18/78

Kerberos

Efficiency. When a server needs to authenticate a client, the server can validate the client's credentials without having to contact a domain controller.

Mutual authentication. The client and the server identities are validated to both the client and server.

Delegated authentication. Allows services to impersonate clients when accessing resources on their behalf.

Simplified trust management. Kerberos can use transitive trusts between domains in the same forest and domains connected with a forest trust.

Interoperability. Kerberos is based on the IETF standards, and is therefore compatible with other IETF-compliant Kerberos realms.

19/78

Kerberos Key Distribution Center (KDC)

To generate tickets, the KDC uses the following two services:

Authentication Service (AS): issues ticket-granting tickets (TGTs).

Ticket-Granting Service (TGS): issues service tickets.

20/78

Authentication Service (AS)

Issues ticket-granting tickets (TGTs) to users who supply valid authentication credentials.

A TGT remains valid for a limited length of time (typically 10 hours) and prevents the client from having to re-authenticate each time it requests access to a network resource.

Whenever the client requires access to a new network resource, it must present its TGT to the KDC.

21/78

Ticket-Granting Service (TGS)

Issues service tickets that provide users with access to specific network resources.

Clients requesting access to a network resource must present a valid TGT to the TGS before receiving a service ticket.

22/78

Kerberos Key Distribution Center (KDC)

The KDC maintains a database of account information for all security principals in the domain.

The KDC stores a cryptographic key known only to the security principal and the KDC. This key is used in exchanges between the security principal and the KDC and is known as a long-term key.

The long-term key is derived from a user's logon password.

23/78

Kerberos authentication process

In a Kerberos environment, the authentication process begins at logon. The following steps describe the Kerberos authentication process:

1. When a user enters a user name and password, the computer sends the user name to the KDC. The KDC contains a master database of unique long-term keys for every principal in its realm.

24/78

Kerberos authentication process

2. The KDC looks up the user's master key (KA), which is based on the user's password. The KDC then creates two items: a session key (SA) to share with the user and a Ticket-Granting Ticket (TGT). The TGT includes a second copy of the SA, the user name, and an expiration time. The KDC encrypts this ticket by using its own master key (KKDC), which only the KDC knows.

25/78

Kerberos authentication process

3. The client computer receives the information from the KDC and runs the user's password through a one-way hashing function, which converts the password into the user's KA. The client computer now has a session key and a TGT so that it can securely communicate with the KDC. The client is now authenticated to the domain and is ready to access other resources in the domain by using the Kerberos protocol.

26/78

Kerberos authentication process

Important: When a client receives the session key and TGT from the server, it stores that information in volatile memory and not on the hard disk. Storing the information in volatile memory and not on the hard disk makes the information more secure, because the information would be lost if the server were physically removed.

27/78

Kerberos authentication process

4. When a Kerberos client needs to access resources on a server that is a member of the same domain, it contacts the KDC. The client will present its TGT and a timestamp encrypted with the session key that is already shared with the KDC. The KDC decrypts the TGT using its KKDC. The TGT contains the user name and a copy of the SA. The KDC uses the SA to decrypt the timestamp. The KDC can confirm that this request actually comes from the user because only the user can use the SA.

28/78

Kerberos authentication process

5. Next, the KDC creates a pair of tickets, one for the client and one for the server on which the client needs to access resources. Each ticket contains the name of the user requesting the service, the recipient of the request, a timestamp that declares when the ticket was created, and a time duration that says how long the tickets are valid. Both tickets also contain a new key (KAB) that will be shared between the client and the server so they can securely communicate.

29/78

Kerberos authentication process

6. The KDC takes the server's ticket and encrypts it using the server master key (KB). Then the KDC nests the server's ticket inside the client's ticket, which also contains the KAB. The KDC encrypts the whole thing using the session key that it shares with the user from the logon process. The KDC then sends all the information to the user.

30/78

Kerberos authentication process

7. When the user receives the ticket, the user decrypts it using the SA. This exposes the KAB to the client and also exposes the server's ticket. The user cannot read the server's ticket. The user will encrypt the timestamp by using the KAB and send the timestamp and the server's ticket to the server on which the client wants to access resources. When it receives these two items, the server first decrypts its own ticket by using its KB. This permits access to the KAB, which can then decrypt the timestamp from the client.

31/78

Kerberos authentication process

Now both the client and the server have the KAB. The server can be sure that the client has truthfully identified itself because the client used the KAB to encrypt the timestamp. If it is necessary for the server to respond to the user, the server will use the KAB. The client will know that the server has truthfully identified itself because the server had to use its KB to get the KAB.
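The seven steps above as a runnable simulation with the slides' key names (KA, KKDC, SA, KB, KAB), added here as an example and not code from the slides. The cipher is a toy authenticated-encryption stand-in built from SHA-256 and HMAC, key derivation is plain SHA-256, and the ticket lifetime and clock-skew window are assumed values; the message flow (AS exchange, TGS exchange, then the exchange with the server, which never contacts the KDC) follows the slides.

```python
import hashlib
import hmac
import json
import os
import time

TICKET_LIFETIME = 10 * 3600   # TGT and service tickets valid for 10 hours, as on the slides
CLOCK_SKEW = 300              # authenticators older than this are rejected (assumed value)

def long_term_key(password: str) -> bytes:
    """One-way hash of the logon password: the principal's long-term key (KA)."""
    return hashlib.sha256(password.encode()).digest()

def _keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def encrypt(key: bytes, obj: dict) -> bytes:
    """Toy authenticated encryption (SHA-256 keystream + HMAC tag), not a real cipher."""
    nonce = os.urandom(16)
    body = _keystream_xor(key, nonce, json.dumps(obj).encode())
    return nonce + body + hmac.new(key, nonce + body, hashlib.sha256).digest()

def decrypt(key: bytes, blob: bytes) -> dict:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered ticket")
    return json.loads(_keystream_xor(key, nonce, body))

class KDC:
    def __init__(self) -> None:
        self.kkdc = os.urandom(32)   # KKDC: master key known only to the KDC
        self.db = {}                 # long-term key of every principal in the realm

    def as_exchange(self, user: str):
        """Steps 1-2: SA sealed under the user's KA, plus a TGT sealed under KKDC."""
        sa = os.urandom(32)
        exp = int(time.time()) + TICKET_LIFETIME
        tgt = encrypt(self.kkdc, {"user": user, "sa": sa.hex(), "exp": exp})
        return encrypt(self.db[user], {"sa": sa.hex()}), tgt

    def tgs_exchange(self, tgt: bytes, authenticator: bytes, server: str) -> bytes:
        """Steps 4-6: open the TGT, check the SA-encrypted timestamp, mint KAB, seal
        the server ticket under KB and nest it in a reply sealed under SA."""
        t = decrypt(self.kkdc, tgt)
        if time.time() > t["exp"]:
            raise ValueError("TGT expired")
        sa = bytes.fromhex(t["sa"])
        if abs(time.time() - decrypt(sa, authenticator)["ts"]) > CLOCK_SKEW:
            raise ValueError("stale authenticator")
        kab = os.urandom(32)
        ticket = encrypt(self.db[server], {"user": t["user"], "server": server,
                         "kab": kab.hex(), "exp": int(time.time()) + TICKET_LIFETIME})
        return encrypt(sa, {"kab": kab.hex(), "ticket": ticket.hex()})

class Server:
    def __init__(self, name: str, kb: bytes) -> None:
        self.name, self.kb = name, kb   # KB: the server's own long-term key

    def accept(self, ticket: bytes, authenticator: bytes) -> bytes:
        """Step 7 (server side): KB opens the ticket and yields KAB, which opens the
        authenticator, with no domain controller contacted; the reply under KAB proves KB."""
        t = decrypt(self.kb, ticket)
        kab = bytes.fromhex(t["kab"])
        ts = decrypt(kab, authenticator)["ts"]
        if time.time() > t["exp"] or abs(time.time() - ts) > CLOCK_SKEW:
            raise ValueError("ticket expired or stale authenticator")
        return encrypt(kab, {"ts": ts + 1})

def client_logon(kdc: KDC, user: str, password: str):
    """Step 3: derive KA from the password and recover SA; SA and TGT stay in memory."""
    enc_sa, tgt = kdc.as_exchange(user)
    sa = bytes.fromhex(decrypt(long_term_key(password), enc_sa)["sa"])
    return sa, tgt

def client_access(kdc: KDC, server: Server, sa: bytes, tgt: bytes) -> bool:
    """Steps 4-7 (client side): True only if the server also proved it holds KB."""
    ts = int(time.time())
    reply = decrypt(sa, kdc.tgs_exchange(tgt, encrypt(sa, {"ts": ts}), server.name))
    kab, ticket = bytes.fromhex(reply["kab"]), bytes.fromhex(reply["ticket"])
    return decrypt(kab, server.accept(ticket, encrypt(kab, {"ts": ts})))["ts"] == ts + 1
```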

32/78

How Kerberos Authentication Works

(Diagram of the exchange: logon credentials from the client to the KDC; TGT + SA back to the client; TGT + timestamp from the client to the KDC; KAB to the client and KAB to the server.)

When a user enters a user name and password, the computer sends the logon credentials to the Key Distribution Centre (KDC).

The KDC looks up the user's master key (KA), which is based on the user's password. The KDC creates two items, a session key (SA) to share with the user, and a Ticket Granting Ticket (TGT).

To access a resource, the client presents its TGT and a timestamp encrypted with the session key.

The KDC creates a pair of tickets, one for the client and one for the server the client wants to access resources on. Both tickets also contain a new key (KAB).

33/78

Cryptography Basics

34/78

Encryption Types

Symmetric encryption: The same key is used for encryption and decryption. The key must be exchanged so that both the data sender and the recipient can access the plaintext data.

35/78

Encryption Types

Asymmetric encryption: Two mathematically related keys, a key pair consisting of a public key and a private key, are used in the encryption and decryption processes. If the public key is used for encryption, the associated private key is used for decryption. If the private key is used for encryption, the associated public key is used for decryption.

36/78

Algorithms and Keys

When data is encrypted, two inputs are required for encryption: an algorithm and a key.

37/78

Algorithms and Keys

Algorithm: defines how data is transformed when original plaintext data is converted into ciphertext and how the ciphertext is transformed back to the original plaintext data. Both the encryption and decryption processes must use the same algorithm.

38/78

Algorithms and Keys

Key: used as an input to the algorithm, along with the plaintext data, so that the algorithm can encrypt plaintext data into ciphertext or decrypt ciphertext back into plaintext data.

39/78

Algorithms and Keys

Security depends on the secrecy of the key, not the secrecy of the algorithm.

40/78

PKI-Enabled Application

- Identify the algorithms that are supported by the application.
- Generate a key for use with the algorithm.
- Determine a key distribution method.
- Provide a review of verifying and monitoring.

41/78

Data Encryption

Encryption protects data against inspection by unauthorized people.


43/78

Symmetric Encryption Process

The system generates a random symmetric key. The length of the key, typically expressed in the number of bits, is determined by the algorithm and the application.


45/78

Symmetric Algorithms

Data Encryption Standard (DES): An encryption algorithm that encrypts data with a 56-bit, randomly generated symmetric key.

Triple DES (3DES): A variation on the DES encryption algorithm in which DES encryption is applied three times to the plaintext. The plaintext is encrypted with key A, decrypted with key B, and encrypted again with key C. A common form of 3DES uses only two keys: the plaintext is encrypted with key A, decrypted with key B, and encrypted again with key A.

46/78

Symmetric Algorithms

Advanced Encryption Standard (AES): Developed as a successor to DES. Rather than using a 56-bit key, AES is able to use 128-bit, 192-bit, and 256-bit keys. AES uses the Rijndael algorithm and can encrypt data in one pass instead of three (as is the case with 3DES).

47/78

Average Time Required for Exhaustive Key Search

Key size (bits) | Number of alternative keys | Time required at 10^6 decryptions/s
32              | 2^32  = 4.3 x 10^9         | 2.15 milliseconds
56              | 2^56  = 7.2 x 10^16        | 10 hours
128             | 2^128 = 3.4 x 10^38        | 5.4 x 10^18 years
168             | 2^168 = 3.7 x 10^50        | 5.9 x 10^30 years

48/78

Key Distribution

1. A key could be selected by A and physically delivered to B.

2. A third party could select the key and physically deliver it to A and B.

3. If A and B have previously used a key, one party could transmit the new key to the other, encrypted using the old key.

4. If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B.

49/78

Key Distribution

Session key: data is encrypted with a one-time session key. At the conclusion of the session the key is destroyed.

Permanent key: used between entities for the purpose of distributing session keys.

50/78

Asymmetric Encryption

Asymmetric encryption increases the security of the encryption process by utilizing two separate but mathematically related keys known as a public key and a private key.

The encryption process is more secure because the private key is possessed only by the user or computer that generates the key pair. The public key can be distributed to any person who wishes to send encrypted data to the private key holder.

51/78

Asymmetric Encryption

The complexity of the asymmetric encryption algorithm makes the encryption process much slower.

Symmetric encryption is at least 100 times faster than asymmetric encryption when using software-based cryptography and can be as much as 10,000 times faster when using hardware-based cryptography.

52/78

Asymmetric Encryption Process

53/78

Asymmetric Encryption Process

1. The data sender obtains the recipient's public key. This can be sent to the data originator by the recipient or retrieved from a directory, such as AD DS.

2. The plaintext data is passed through an asymmetric encryption algorithm, using the recipient's public key as the encryption key. The encryption algorithm creates the encrypted ciphertext.


55/78

Use of Symmetric and Asymmetric Encryption

It is very rare for an application to use only an asymmetric encryption algorithm. Typically, the data is encrypted with a symmetric algorithm, and then only the symmetric encryption key is encrypted with the asymmetric encryption algorithm.

56/78

Asymmetric Signing Process

Asymmetric signing proves the sender's identity and prevents the data from being modified.

57/78

Asymmetric Signing Process

1. The plaintext data is passed through an asymmetric encryption algorithm, using the originator's private key as the encryption key. The result of the encryption algorithm is the encrypted ciphertext.

2. The ciphertext is sent or made available to the recipient.

58/78

Asymmetric Signing Process

3. The data recipient obtains the originator's public key. The public key can be sent with the ciphertext, or the recipient can obtain the public key from a trusted source, such as a directory.

4. The recipient decrypts the ciphertext with the originator's public key. The resulting plaintext is the original plaintext created by the data originator.

59/78

Asymmetric Algorithms

- Diffie-Hellman Key Agreement
- Rivest Shamir Adleman (RSA)
- Digital Signature Algorithm (DSA)

60/78

Diffie-Hellman Key Agreement

This algorithm is not based on encryption and decryption but instead relies on mathematical functions that enable two parties to generate a shared secret key for exchanging information online confidentially.

61/78

Rivest Shamir Adleman (RSA)

This algorithm can be used for encrypting and signing data. The encryption and signing processes are performed through a series of modular multiplications.

The security of the RSA algorithm can be increased by using longer key lengths, such as 1,024 bits or more; the longer the key length, however, the slower the encryption or signing process.


63/78

Combining Symmetric and Asymmetric Encryption

In most applications, symmetric and asymmetric encryption are combined to take advantage of each method's strengths.


65/78

Symmetric and Asymmetric Encryption

66/78

Symmetric and Asymmetric Encryption Process

1. The sender retrieves the recipient's public key. In an AD DS environment, the sender retrieves the public key from a trusted source, such as AD DS.

2. The sender generates a symmetric key and uses this key to encrypt the original data.

3. The symmetric key is encrypted with the recipient's public key to prevent the symmetric key from being intercepted during transmission.

67/78

Symmetric and Asymmetric Encryption Process

4. The encrypted symmetric key and encrypted data are provided to the intended recipient.

5. The recipient uses his or her private key to decrypt the encrypted symmetric key.

6. The encrypted data is decrypted with the symmetric key, which results in the recipient obtaining the original data.

68/78

Digital Signing of Data

The goal of cryptography is three-fold:

- Keep data secret.
- Identify if data has been modified.
- Prove the source of the data.

Although encryption can keep data secret and protect data against modification, only digital signing proves the source of the data in addition to protecting the data from modification.


70/78

Message Digest

71/78

The Hash Process

A hash algorithm takes a plaintext document as input and produces a mathematical result for the two inputs. This mathematical result is referred to as a hash value, message digest, digest, or thumbprint.

A digital signature applied to the resulting message digest identifies who signed the message digest.

72/78

The Hash Process

A hash function H is a transformation that takes a variable-size input m and returns a fixed-size string, which is called the hash value h:

h = H(m)

73/78

Hash Algorithms

Message Digest 5 (MD5): This algorithm takes a message of any length and produces a 128-bit message digest.

Secure Hash Algorithm 1 (SHA1): This algorithm takes data that is less than 2^64 bits in length and produces a 160-bit message digest.

74/78

Combining Asymmetric Signing and Hash Algorithms

75/78

Combining Asymmetric Signing and Hash Algorithms

1. The originator creates a plaintext data file.

2. The originator's software runs a hash algorithm against the plaintext message to create a message digest.

3. The digest is encrypted using the originator's private key.

4. The plaintext message and the encrypted digest are sent or made available to the recipient.

76/78

Combining Asymmetric Signing and Hash Algorithms

5. The recipient decrypts the encrypted digest by using the sender's public key.

6. The recipient runs the same hash algorithm used by the sender to create his or her own digest of the message. This digest is created against the plaintext message received from the originator.

7. The two digests are compared. If the digests differ, the message or digest has been modified during transmission.
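A worked version of the seven hash-and-sign steps above (and of the asymmetric signing process on slides 56 to 58), added here as an example rather than taken from the slides. It uses textbook RSA over two fixed Mersenne primes and SHA-256; the key parameters, the sample message and the function names are all assumptions for the demo, and the "series of modular multiplications" the RSA slide mentions is Python's pow(x, exponent, n).

```python
import hashlib

# Textbook RSA built from two Mersenne primes so the example needs no key-generation
# code (an assumption for the demo). Real keys use random primes of 1,024+ bits each
# plus padding such as PSS; these fixed parameters must never be used for anything real.
P = (1 << 127) - 1
Q = (1 << 521) - 1
N = P * Q                              # public modulus, about 648 bits
E = 65537                              # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (needs Python 3.8+)
PUBLIC_KEY, PRIVATE_KEY = (N, E), (N, D)


def digest(message: bytes) -> int:
    """Steps 2 and 6: hash the plaintext; the 256-bit digest is what gets signed."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_key=PRIVATE_KEY) -> int:
    """Step 3: 'encrypt' the digest with the originator's private key."""
    n, d = private_key
    return pow(digest(message), d, n)


def verify(message: bytes, signature: int, public_key=PUBLIC_KEY) -> bool:
    """Steps 5-7: recover the digest with the public key, recompute the digest over the
    received plaintext, and compare. Any change to the message or signature breaks it,
    and so does a signature made under somebody else's private key."""
    n, e = public_key
    return pow(signature, e, n) == digest(message)


def demo() -> dict:
    """Constructed sample message; shows what each check catches."""
    message = b"Transfer 100 EUR to account 12345"
    signature = sign(message)
    # Another party's (toy) public key: same exponent, a different Mersenne-prime modulus.
    other_public = (((1 << 607) - 1) * ((1 << 89) - 1), E)
    return {
        "valid": verify(message, signature),
        "tampered": verify(b"Transfer 900 EUR to account 12345", signature),
        "wrong_signer": verify(message, signature, other_public),
        "forged": verify(message, signature + 1),
    }
```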

77/78

Combining Asymmetric Signing and Hash Algorithms

78/78

Encryption vs Hashing

Encryption is for maintaining data confidentiality and requires the use of a key (kept secret) in order to return to plaintext.

Hashing is for validating the integrity of content by detecting all modification thereof via obvious changes to the hash output.