SSCP Exam: SESAME Protocol Vulnerabilities


Question

Like the Kerberos protocol, SESAME is also subject to which of the following?

Answers

Explanations


A. B. C. D.

B.

SESAME is an authentication and access control protocol that also supports communication confidentiality and integrity.

It provides public key based authentication along with Kerberos-style authentication, which uses symmetric key cryptography.

SESAME supports the Kerberos protocol and adds some security extensions, such as public key based authentication and an ECMA-style Privilege Attribute Service.

Users under SESAME can authenticate using either symmetric encryption, as in Kerberos, or public key authentication. When using symmetric key authentication as in Kerberos, SESAME is also vulnerable to password guessing, just as Kerberos would be. The symmetric key being used is based on the password used by the user when he logged on to the system. If the user has a simple password, it could be guessed or compromised. Even though Kerberos or SESAME may be used, there is still a need to have strong password discipline.

The basic mechanism in SESAME for strong authentication is as follows: the user sends a request for authentication to the Authentication Server as in Kerberos, except that SESAME makes use of public key cryptography for authentication, where the client presents his digital certificate and the request is signed using a digital signature.

The signature is communicated to the authentication server through the preauthentication fields.

Upon receipt of this request, the authentication server will verify the certificate, then validate the signature, and if all is fine the AS will issue a ticket-granting ticket (TGT) as in Kerberos.

This TGT will be used to communicate with the privilege attribute server (PAS) when access to a resource is needed.

Users may authenticate using either a public key pair or a conventional (symmetric) key.

If public key cryptography is used, public key data is transported in preauthentication data fields to help establish identity.

Kerberos uses tickets for authenticating subjects to objects, and SESAME uses Privileged Attribute Certificates (PAC), which contain the subject's identity, access capabilities for the object, access time period, and lifetime of the PAC.

The PAC is digitally signed so that the object can validate that it came from the trusted authentication server, which is referred to as the privilege attribute server (PAS).

The PAS holds a similar role as the KDC within Kerberos.

After a user successfully authenticates to the authentication service (AS), he is presented with a token to give to the PAS.

The PAS then creates a PAC for the user to present to the resource he is trying to access.
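
The PAC check a resource performs, as described above, written out as an added example (not code from SESAME or from this page). The JSON encoding, the use of Ed25519, and the names `PAC`, `IssuePAC` and `VerifyPAC` are assumptions standing in for SESAME's actual formats.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// PAC holds the fields the text lists; this JSON encoding is an assumption.
type PAC struct {
	Subject, Target     string    // subject identity, resource it is issued for
	Rights              []string  // access capabilities for that resource
	NotBefore, NotAfter time.Time // access time period / lifetime
}

// IssuePAC plays the PAS: serialize the PAC and sign the exact bytes.
func IssuePAC(pasKey ed25519.PrivateKey, p PAC) (body, sig []byte) {
	body, _ = json.Marshal(p) // cannot fail for this struct
	return body, ed25519.Sign(pasKey, body)
}

// VerifyPAC plays the resource: check the signature before trusting any field.
func VerifyPAC(pasPub ed25519.PublicKey, body, sig []byte, target, right string, now time.Time) error {
	if !ed25519.Verify(pasPub, body, sig) {
		return errors.New("not signed by the trusted PAS")
	}
	var p PAC
	if json.Unmarshal(body, &p) != nil || p.Target != target {
		return errors.New("PAC malformed or issued for another resource")
	}
	if now.Before(p.NotBefore) || !now.Before(p.NotAfter) {
		return errors.New("PAC outside its validity period")
	}
	for _, r := range p.Rights {
		if r == right {
			return nil
		}
	}
	return errors.New("right not granted by this PAC")
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // constructed PAS key pair
	t0 := time.Now()
	body, sig := IssuePAC(priv, PAC{"alice", "files", []string{"read"}, t0, t0.Add(time.Hour)})
	fmt.Println(VerifyPAC(pub, body, sig, "files", "read", t0))                  // <nil>
	fmt.Println(VerifyPAC(pub, body, sig, "files", "read", t0.Add(2*time.Hour))) // expired
}
```

Because the signature covers the serialized bytes, any change to the subject, rights or lifetime after issuance fails the first check, and a captured PAC stops being accepted once its lifetime ends.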

Reference(s) used for this question: http://srg.cs.uiuc.edu/Security/nephilim/Internal/SESAME.txt and KRUTZ, Ronald L. & VINES, Russel D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, 2001, John Wiley & Sons, Page 43.

SESAME, which stands for Secure European System for Applications in a Multi-vendor Environment, is a security protocol similar to the Kerberos protocol. It is designed to provide secure communication over an insecure network, such as the Internet.

Like Kerberos, SESAME is subject to certain security risks. One of these risks is timeslot replay attacks. This type of attack involves an attacker intercepting and re-sending a previously recorded message or transaction to the server. The server will then accept the message as if it were a legitimate message and provide the attacker with access to the system.

Password guessing is not a threat to SESAME as it uses strong encryption to protect user credentials. Therefore, an attacker cannot easily guess the user's password.

Symmetric key guessing is also not a threat to SESAME because it uses a different key distribution method than Kerberos. Kerberos uses a single key distribution center (KDC) to distribute session keys, whereas SESAME uses a distributed key generation (DKG) method, which makes it more resistant to attacks.

Asymmetric key guessing is also not a threat to SESAME because it uses symmetric encryption, which means that the same key is used for encryption and decryption. Asymmetric encryption, on the other hand, uses two different keys, one for encryption and one for decryption.

Therefore, the correct answer to the question is A, timeslot replay attacks, as SESAME, like Kerberos, is subject to this type of attack.