The Kerberos authentication protocol allows a number of computers to prove their identity to one another securely over an insecure network. The operation of the protocol is based on the Needham-Schroeder protocol, which defines a "trusted third party" called the Key Distribution Center (KDC). William Stallings, in his book Fundamentals of Network Security: Applications and Standards, Second Edition (p. 394), defines a KDC as follows:
A system authorized to transmit temporary session keys to users. Each session key is transmitted in encrypted form, using a master key that the Key Distribution Center shares with the target user.
The KDC can be seen as a set of two logical stages: an authentication server (AS) and a ticket granting server (TGS). The AS identifies each user, validates their identity and gives the client a key that allows it to communicate with the TGS. The TGS, in turn, is the server responsible for checking that the client possesses the authentication ticket, and it provides the user with a key that allows access to the requested services. This scenario is shown in Figure # 1.
Figure # 1: Components and communication flow of Kerberos protocol.
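The two KDC stages described above, as an added example that is not from the original article: a Python sketch in which the AS and the TGS hand out session keys sealed under master keys. The seal/unseal helpers are a toy hash-based stand-in for a real cipher, all names and keys are constructed, and real Kerberos details such as timestamps and authenticators are left out.

```python
import hashlib, hmac, json, os

def _stream(key, nonce, n):
    # Toy keystream (SHA-256 over a counter); a stand-in for a real cipher such as AES.
    return b"".join(hashlib.sha256(key + nonce + bytes([i])).digest() for i in range(n // 32 + 1))[:n]

def seal(key, obj):
    """Encrypt-then-MAC a small JSON object under `key` (toy: one key for both steps)."""
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

class KDC:
    def __init__(self, users, services):
        self.users, self.services = users, services   # name -> master key
        self.tgs_key = os.urandom(32)                  # known only to the KDC

    def authentication_server(self, user):
        # AS: issue a session key for talking to the TGS, readable only with
        # the user's master key, plus a ticket that only the TGS can read.
        k = os.urandom(32).hex()
        return (seal(self.users[user], {"tgs_session_key": k}),
                seal(self.tgs_key, {"user": user, "tgs_session_key": k}))

    def ticket_granting_server(self, tgt, service):
        # TGS: check the ticket is one the AS issued, then issue a service key.
        ticket = unseal(self.tgs_key, tgt)             # raises if forged
        k = os.urandom(32).hex()
        return (seal(bytes.fromhex(ticket["tgs_session_key"]), {"service_session_key": k}),
                seal(self.services[service], {"user": ticket["user"], "service_session_key": k}))

def client_login(kdc, user, master_key, service):
    """Run both exchanges; return (client's service key, ticket for the service)."""
    for_client, tgt = kdc.authentication_server(user)
    k_tgs = bytes.fromhex(unseal(master_key, for_client)["tgs_session_key"])
    reply, service_ticket = kdc.ticket_granting_server(tgt, service)
    return unseal(k_tgs, reply)["service_session_key"], service_ticket

def demo():
    # Constructed principals: "alice" (password-derived key) and a "files" service.
    alice, files = hashlib.sha256(b"constructed-password").digest(), os.urandom(32)
    kdc = KDC({"alice": alice}, {"files": files})
    key, ticket = client_login(kdc, "alice", alice, "files")
    return key == unseal(files, ticket)["service_session_key"]
```

A client without the user's master key cannot recover the TGS session key, so the service key in the TGS reply stays unreadable to it even if it captured the ticket.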
So far, none of the attacks carried out against full AES has been successful; these attacks usually focus on reduced-round versions. Many authors claim that none of the following types of attack has been more effective than an exhaustive key search:
- Linear cryptanalysis
- Differential cryptanalysis
- Truncated differentials
- Interpolation attacks
- Square attack
However, the ordered structure and deep mathematical basis of AES make it an object of study for new attack proposals such as algebraic attacks. These attacks consist of setting up a system of equations whose unknowns allow the key to be deduced; one advantage of this type of attack is the small number of known texts needed.
Security Protocol Animator (SPAN) is a free tool for checking cryptographic protocols that helps in searching for and characterizing attacks. Its main advantage is that it allows different verification techniques to be applied to the same protocol. It is a graphical interface for managing HLPSL (High-Level Protocol Specification Language) and CAS+ (an implementation of the Protocol Central Authentication); it allows translation between these languages and provides a friendly graphical user interface. SPAN also helps to produce message sequences, or MSCs (Message Sequence Charts), interactively.
This tool is used to simulate cryptographic protocols; it supports the simulation of an active or passive intruder and the automatic construction of attacks on the designed protocols. A protocol can be edited in HLPSL or CAS+, and the tool can convert between the two languages. Some features of the graphical user interface are shown in Figure # 1.
Figure # 1: SPAN GUI description.
As we mentioned in a previous article, the rounds that make up the AES algorithm can be divided into three categories: initial round, standard round and final round. During encryption, the information is subjected to a different number of rounds (10, 12 or 14) depending on the length of the key (128, 192 or 256 respectively). Each round is made up of a combination of transformations; the possible transformations are ByteSub, ShiftRow, MixColumns and AddRoundKey. Figure # 1 shows the relationship between the transformations and the corresponding rounds.
Figure # 1: Distribution of the transformations in each round.