Sto cercando di capire l'autenticazione Kerberos.
Finora la mia comprensione è:
Supposing 'Alice' (A) wants to talk to 'Bob' (B).
Step 1:
A -> S: {A, B, None} K(A, S) Where S is the Kerberos Server, and K(A,S) is a key to communicate between A and S.Step 2:
S->A {K(A,B), {K(A,B), A} K(B,S)} K(A,S) Server returns the key used to communicate between A and B and a second copy of such key encrypted with a key used to share information between B and S K(B,S). K(B,S) is not known to A. All of this is encrypted with K(A,S).Step 3:
{K(A,B), A} K(B,S) A sends B the key they will used encrypted with K(B,S)Step 4:
B->A {Nonce} K(A,B) B decrypts the message and sends back a Nonce encrypted using K(A,B)Step 5:
A->B {Nonce+1} K(A,B) Sanity test that they are on the same key
Quindi:
If S doesn't authorize the communication between A and B, it wouldn't have certified the key K(A,B) to B. By encrypting {K(A,B) A} K(B,S) we guarantee that S has validated the process. A doesn't have K(B,S), so couldn't validate it itself.
If 'A' used a different key, say K(B,S)' which they attempted passing off, they would be sending: {K(A,B) A} K(B,S)'. When B deciphered this using K(B,S), as the message would have been encrypted using a different key, it wouldn't result in K(A,B), rather some K(A,B)'. So, when B sent back {Nonce} K(A,B)' A wouldn't be able to retrieve the Nonce and complete the authentication.
L'ho capito correttamente?
Inoltre (penso che questa possa essere una domanda separata): in che modo Kerberos imposta in modo sicuro K (A, S) e K (B, S) in modo sicuro? E come fa Kerberos a garantire che "A" sia chi dicono di essere?