Authentication protocols of remote desktop services
Main Author: | |
---|---|
Other Authors: | |
Format: | Final Year Project |
Language: | English |
Published: | 2013 |
Subjects: | |
Online Access: | http://hdl.handle.net/10356/52059 |
Institution: | Nanyang Technological University |
Summary: | Remote desktop access is the ability to access a computer from a remote location. It allows users to fully control and access the remote computer as if they were sitting in front of it. For this reason, remote desktop applications create potential security threats over insecure networks: the communication channel could be eavesdropped on, transmitted messages could be modified, and impersonation attacks could even be mounted. Chris Hopen, co-founder of TappIn, said, “The largest underlying problem with remote access technologies isn't with remote access; it's poor identity validation and weak authentication”.
Thus, this project analysed the authenticated key establishment protocols of two widely used remote desktop services: Virtual Network Computing (VNC) and Remote Desktop Protocol (RDP). The analysis showed that these two protocols were insecure and vulnerable to security attacks.
VNC used only challenge-response to authenticate the client, which is weak. It was vulnerable to man-in-the-middle attacks because it does not authenticate the server, so an attacker can easily impersonate the server. Moreover, VNC transfers data in plaintext, which can easily be modified and replaced by an attacker. RDP does achieve mutual authentication, but only when the TLS channel is set up and configured correctly. Besides that, the Morto worm successfully broke into RDP as recently as last year because of weak passwords used by clients. Solutions such as establishing SSH or TLS when using VNC and RDP were proposed. However, this may result in false negatives, as exploits against SSH and TLS have been found. The report also discussed the threats found in SSH and TLS.
In addition, the Secure Remote Password (SRP) protocol, an authenticated key establishment protocol, was proposed and implemented to prevent the attacks found in VNC and RDP. With SRP, the password is not sent over the network and no useful information about the session key is revealed on the network. These properties resist the brute-force and man-in-the-middle attacks found in VNC and RDP. Furthermore, SRP achieved mutual authentication and provided perfect forward secrecy. A prototype remote desktop application using SRP was implemented successfully. It proved that SRP was better and suitable for a remote desktop application. |
---|