Please use this identifier to cite or link to this item: https://hdl.handle.net/10356/52059
Title: Authentication protocols of remote desktop services
Authors: Teo, Hui Ling.
Keywords: DRNTU::Engineering::Computer science and engineering
Issue Date: 2012
Abstract: Remote desktop access is the ability to get accesses to a computer from a remote distance. It allows users fully control and access the remote computer as if they were sitting in front of the computer. For this reason, remote desktop application creates potential security threats over insecure network, such as communication channel could be eavesdropped and the message transmitted could be modified even impersonation attacks could be mounted. Chris Hopen, co-founder of TappIn, said “The largest underlying problem with remote access technologies isn't with remote access; its poor identity validation and weak authentication”. Thus, this project had analysed the authenticated key establishment protocol of two widely used remote desktop services: Virtual Networking Computing (VNC) and Remote Desktop Protocol (RDP). The analysis had shown that these two protocols were insecure and vulnerable to security attacks. VNC used only challenge response to authenticate client which is weak. It was vulnerable to man-in-middle as it doesn’t authenticate server and attacker can easily impersonate the server. Moreover VNC transfer the data in plaintext which can be easily modified and replaced by attacker. RDP does achieved mutual authentication but only when the TLS channel was set up and configure correctly. Beside that a Morto Worm attack had been successfully break into RDP protocol even last year due to the weak password being used by client. Solutions such as establish the SSH or TLS while using VNC and RDP had been proposed. But it may result in false negative as exploitation on SSH and TLS was found. The report had also discussed the threats found on SSH and TLS. In addition, Secure Remote Password (SRP) protocol, an authenticated key establishment protocol had been proposed and implemented to prevent those attacks found in VNC and RDP. When using SRP protocol, the password is not sent over the network and no useful information regarding the session key is revealed on the network. These resist the brute-force attack and man-in-middle attack that found on VNC and RDP. Furthermore, SRP had achieved mutual authentication and provided perfect forward secrecy. A prototype of remote desktop application using SRP protocol had been implemented successfully. It proved that SRP was better and suitable for a remote desktop application.
URI: http://hdl.handle.net/10356/52059
Schools: School of Computer Engineering 
Rights: Nanyang Technological University
Fulltext Permission: restricted
Fulltext Availability: With Fulltext
Appears in Collections:SCSE Student Reports (FYP/IA/PA/PI)

Files in This Item:
File Description SizeFormat 
SCE12-0306.pdf
  Restricted Access
FYP3.11 MBAdobe PDFView/Open

Page view(s) 1

1,664
Updated on Oct 9, 2024

Download(s) 50

75
Updated on Oct 9, 2024

Google ScholarTM

Check

Items in DR-NTU are protected by copyright, with all rights reserved, unless otherwise indicated.