Meet the Three-headed Hell-hound … Kerberos

… and Trent

Introduction

As we become more dependent on the Web, we can never be 100% sure that everything is correct and as it should be. This might relate to receiving an email from someone who says that they know you, but how can you tell if the person is genuine? The email address looks fine, but the email content does not have the same writing style as the person who normally writes from that email address. Unfortunately there is very little that we can do, at present, to determine if this is genuine, but things are changing, and it is trust that is becoming the key element of how we interact with the Web.

Bruce Schneier highlights this, arguing that we are entering a new phase:

Trust and cooperation are the first problems we had to solve before we could become a social species. In the 21st century, they have become the most important problems we need to solve — again. Our global society has become so large and complex that our traditional trust mechanisms no longer work.

Our existing trust infrastructure — the PKI (Public Key Infrastructure) — is not really fit for purpose, as we rely on a centralised entity to create the trust. With Kerberos we set up our own trust server, and register and verify the entities we trust.

So What?

So let’s relate this to real life. Bob and Alice trust Trent but want a way to identify each other and communicate in a secret way. So Alice goes to Trent and says that she has to prove her identity to Bob, and vice-versa. For this Trent will make a special key for a box, and will make a copy for Bob and Alice (he might also keep a copy for himself, just in case they lose them). Trent will then take a photograph of Alice, and write down the date and time on it, and the amount of time he can verify Alice for. He will then put it into the box, and give the box to Alice, along with the key. Along with this, he will give her a sealed letter for the attention of Bob, which has his stamp on it. Inside will be a photograph of Alice that he took, and the secret key, along with the date/time that he created the key.

Alice goes home, and then puts her photograph in the box, and locks it with the secret key. She then passes the box, without the key, along with the sealed letter to Bob. Bob opens the sealed letter, which has a key inside to open up the box, and which has the photograph that Trent took of Alice. Bob then opens the box with the secret key provided by Trent and takes out the photograph that Alice has provided. If it is the same as the one that Trent put in the sealed letter, Bob thus verifies Alice’s identity.

Bob and Alice now have the same key to open and close the secret box, and can now use it to send secret messages to each other. No-one else will have that unique key, thus any messages in there must have been provided by Bob and Alice.

Kerberos (The Three-headed Beast)

Users must thus ask themselves who they trust on the Internet. We can use hash signatures to determine if the information has been changed, but how can we be sure that the person who created the data, and signed it, is actually the person they say they are? So the only way we can properly identify two users to each other is to use a trusted partner who both parties trust, and thus we introduce the concept of Trent, who is trusted by both Bob and Alice.

In a legal system, Trent is a lawyer, who is trusted enough to see through a house sale and to take the money from Bob’s account, and then place it in Alice’s account, and where Trent has to place the funds in his own account as part of the transfer. Bob and Alice trust Trent enough that he will not deposit the money in his account, and then run off with the money. Trust is thus a key part of our lives and, as citizens, we have developed strong trust relationships, such as with the legal systems, the police, and with our banks. We thus trust our banks to be able to look after our money, and not to go and use it to invest in dodgy deals, and use the money to pay high salaries to their executives — or do we? If not, then our trust has reduced, as banks at one time were seen to be a safe place to deposit money, and then be able to take it out again.

So we now have three parties involved: Bob, Alice and Trent. So where does Kerberos come in? Well, Kerberos (or Cerberus) was defined in Greek and Roman mythology as, typically, a three-headed dog. It is often known as the hellhound that guards the gates of the Underworld, in order to stop those who have crossed the river Styx from escaping. As we’ll find, the description of the three-headed beast fits the three-way communication, and the protocol is also a bit of a beast.

The Detail of the Encryption

One of the best protocols for implementing this trust infrastructure is Kerberos. It is fairly complex in its implementation, but it supports both the security of the transmitted data between Bob and Alice, and also proves the identity of both Bob and Alice. So with the Kerberos protocol, Alice and Bob first deposit their secret keys, and will define their unique identities (such as their email addresses). Trent will then be trusted to store these keys. What we need now is to generate a session key between Bob and Alice that they can use, and also for Trent to be able to prove Alice’s identity to Bob, and also Bob’s identity to Alice. An example is here:

Kerberos encryption

Step 1: First Alice sends her identity, and Bob’s, to Trent, who will then find the keys which relate to them.

Step 2: Next Trent creates a random key to be used for the session key, and creates a Timestamp (T) and a Lifetime (L), which define the starting time for the trust relationship, and how long it will be valid for. He will then create two parts to send back to Alice:

E_A(T,L,K,B) and E_B(T,L,K,A)

where the first part is encrypted with Alice’s secret key, and the other part is encrypted with Bob’s secret key.

Step 3: Next Alice will decrypt the first part, and can thus determine T (the timestamp), L (the lifetime), K (the session key) and B (Bob’s Identity). Alice now knows the session key (K), and uses it to encrypt the Timestamp (T) and Alice’s Identity (A), which she sends to Bob along with the second part of the message from Trent [E_B(T,L,K,A)]:

E_K(T,A) and E_B(T,L,K,A)

Step 4: Bob will then decrypt the second part, and determine the session key (K), which can be used to decrypt the first part. He will then check that Alice’s identity is the same as the one that Trent sent.

Step 5: Bob takes the timestamp, adds one to it, and sends it back to Alice:

E_K(T+1)

Step 6: Alice then decrypts with the session key, and checks the timestamp. If it matches the expected value, then Bob has proven his identity. Bob and Alice can now communicate using the session key, and be secure, as, apart from them, only Trent will know the session key.

So Bob and Alice trust Trent! The fundamental element of this is that Bob never has to communicate with Trent, as he knows that the only person who has his key is Trent, so Trent is the only one able to encrypt the information contained within the message sent by Alice. Alice then cannot change her identity, as Bob will be able to determine this by checking what Trent has said Alice’s identity is against the identity that Alice produces using the session key.
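The six steps above as a runnable sketch (an added example, not code from the original article). The function names, the JSON message encoding, the integer timestamps and the toy seal/unseal cipher are assumptions; the cipher stands in for a real authenticated cipher such as AES-GCM, and Bob's lifetime check follows from the definition of L in Step 2.

```python
import hashlib, hmac, json, secrets

def seal(key, obj):
    """E_key(obj): toy encrypt-then-MAC stand-in for a real AEAD (illustration only)."""
    pt, nonce = json.dumps(obj).encode(), secrets.token_bytes(16)
    ks = hashlib.shake_256(key + nonce).digest(len(pt))
    ct = bytes(p ^ s for p, s in zip(pt, ks))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified message")
    ks = hashlib.shake_256(key + nonce).digest(len(ct))
    return json.loads(bytes(c ^ s for c, s in zip(ct, ks)))

def trent_issue(keys, a, b, now, lifetime):
    """Steps 1-2: look up both keys, return E_A(T,L,K,B) and E_B(T,L,K,A)."""
    k = secrets.token_hex(32)  # fresh random session key K
    return seal(keys[a], [now, lifetime, k, b]), seal(keys[b], [now, lifetime, k, a])

def alice_request(key_a, part_a, part_b, me, peer):
    """Step 3: recover T, L, K, B; send E_K(T,A) plus Trent's E_B(T,L,K,A)."""
    t, _l, k, b = unseal(key_a, part_a)
    if b != peer:
        raise ValueError("Trent's reply names a different peer")
    k = bytes.fromhex(k)
    return k, t, seal(k, [t, me]), part_b

def bob_verify(key_b, auth, ticket, now):
    """Steps 4-5: open the ticket, check E_K(T,A) against it, answer E_K(T+1)."""
    t, l, k, a = unseal(key_b, ticket)
    k = bytes.fromhex(k)
    if unseal(k, auth) != [t, a]:
        raise ValueError("claimed identity differs from Trent's")
    if not t <= now <= t + l:
        raise ValueError("outside the lifetime Trent granted")
    return k, a, seal(k, [t + 1])

def alice_confirm(k, t, reply):
    """Step 6: Bob is genuine only if the reply decrypts to T+1 under K."""
    return unseal(k, reply) == [t + 1]

if __name__ == "__main__":
    keys = {"alice": secrets.token_bytes(32), "bob": secrets.token_bytes(32)}  # constructed
    part_a, part_b = trent_issue(keys, "alice", "bob", now=1000, lifetime=300)
    k, t, auth, ticket = alice_request(keys["alice"], part_a, part_b, "alice", "bob")
    k_bob, who, reply = bob_verify(keys["bob"], auth, ticket, now=1010)
    print(who, k == k_bob, alice_confirm(k, t, reply))
```

Bob rejects the request if the identity inside E_K(T,A) differs from the one Trent sealed under Bob's key, or if the current time falls outside T..T+L.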

Conclusions

The core of security on the Internet — PKI — is flawed. We need new ways to define trust. Kerberos can be rather difficult to set up on a system, but it provides a more scalable way to implement trust. Having your own trust architecture is much better than relying on someone else’s, as it is one of the most fundamental parts of our data infrastructure.