Secure Communications Flashcards
(17 cards)
What does TLS stand for?
Transport Layer Security
What does TLS protect?
Info passed between browsers and Web servers
What two protocols make up TLS?
Handshake protocol, Record Protocol
What is the Handshake protocol?
Uses public key cryptography to establish a shared secret key between client and server
What is the Record Protocol?
Uses the secret key from the Handshake protocol to protect the client-server conversation
4 steps of Handshake Protocol
1) Client sends Hello to Server. 2) Server sends certificate, how key exchange will happen, and request for client certificate. 3) Client gives certificate, agrees on key exchange method, and verifies server certificate. 4) Once server is verified, client switches to encrypting with server’s public key.
What is Kerberos?
Network Authentication Protocol
What does Kerberos allow?
Allows users to access services across a network
Difference between Kerberos and TLS authentication?
In TLS, the server authenticates; in Kerberos, clients and servers mutually authenticate with username and password
What are tickets in Kerberos?
Proof of user identity, shown to application servers, Issued by Authentication Server
What is Phase 1 of Kerberos?
User gets Ticket Granting Ticket (TGT) from Authentication Server
What is Phase 2 of Kerberos?
User uses TGT to get ticket for the service they need to access. Get this from Ticket Granting Server
What is Phase 3 of Kerberos?
User accesses service
What is the Key Distribution Center (KDC)?
Model comprised of Authentication Server and Ticket Granting Server
Limitations of Kerberos: What is the limitation regarding KDC? How to mitigate?
If the KDC is down, no one can log in. Can implement multiple KDCs
Limitations of Kerberos: What is the limitation regarding passwords?
Vulnerable to password guess attacks, as password doesn’t change
Limitations of Kerberos: What is the limitation regarding user workstation?
Assumes user workstation is secure