Blog

Categories:
25. 1. 2025
Security Cryptography
SASL analysis, part three

SASL Analysis, part three

After previous episodes, mainly focused on client-to-server authentication, the aim of this episode is to focus on individual technologies used to choose the authentication method and on methods providing authentication to a third party. For each protocol, its properties and structure of protection mechanisms will be mentioned again. The aim is to provide material on which to base the analysis of the technologies used. To return to the previous episode, you can use the link SASL Analysis, Part Two.

Introductory terminology for GS2-*, GSSAPI, GSS-SPNEGO, SPNEGO, NEGOEXT

As mentioned in the first episode, these protocols provide selections or calls for other mechanisms through internal mechanisms. To illuminate how exactly they work, it is necessary to explain the history of the development of the SASL mechanism and the development of user authentication in operating systems.
GSSAPI: The success and security of the Kerberos protocol triggered the need for a universal interface. Because the implementations sometimes differed significantly from one another, it was created to standardize the GSSAPI interface, but it was not standardized until 1993 (RFC 1508). Thus, the GSSAPI interface serves primarily for the Kerberos protocol, although over time the ability to call other authentication mechanisms has been added. Its equivalent in the Microsoft operating system environment is the SSPI interface, which is not fully compatible with GSSAPI. If a call from the SSPI environment against GSSAPI is combined, it is necessary to explicitly specify the missing information within the communication, otherwise the authentication may not happen at all. This is a kind of gray area, which falls on differences in implementation. GSSAPI was already incorporated in the basic SASL standard, today unofficially called SASL1. It is therefore an interface that for historical reasons can be offered as a method, leading to chaos and confusion.
SPNEGO: In the Microsoft operating system environment, a request was made for the possibility of using the Kerberos or NTLM mechanism based on system capabilities and requirements. This request led to the SPNEGO interface, which allowed the user to request the use of the available service when authenticating. This service was selected by the server based on the information provided by the client and the available methods on its side. This mechanism allows calling methods such as the Kerberos Network Authentication Service (RFC 4120, for both SASL and Microsoft Windows), User to User Kerberos Authentication (Microsoft Windows only), the Extended GSSAPI Negotiating mechanism NEGOEXT (OID 1.3.6.1.4.1.311.2.2.30, Microsoft Windows only), the NT LanMager authentication protocol, known as NTLM (for both SASL and Microsoft Windows) and DIGEST-MD5 (SASL only). Standardization took place in 1998 (RFC 2478), support for this mechanism also appeared in later versions of SASL. For this reason, there was also further confusion in the naming and calling capabilities of these methods.
GSS-SPNEGO: Generic SPNEGO interface available through GSS-API.
GS2: The GS2 interface, more specifically GS2-[method] came into existence a few years later, as part of the SASL mechanism. The primary purpose was a standardized method for accessing GSSAPI, which was subsequently expanded to include the ability to call other supported methods integrated in SASL. More specifically, it was a version with the unofficial name SASL2, which had a significantly changed architecture to make it more extensible. Despite support for other mechanisms, the main supported method in GS2 remains Kerberos (GS2-KRB5). Thus, in the case of GS2, it is a method designed to use GSSAPI to call specific authentication mechanisms.
NEGOEXT: It is one of Microsoft's proprietary mechanisms within the GSSAPI interface. The mechanism is based on SPNEGO, but is not standardized. It also extends the ability to call authentication procedures outside of regular NTLM and Kerberos5 to include mechanisms such as OAUTH, OpenID, and others designed for federated identities. Examples include authentication against cloud systems such as Azure. NEGOEXT can be identified by (OID 1.3.6.1.4.1.311.2.2.30). NEGOEXT is thus an extension of SPNEGO mechanisms.
GSS-SPNEGO: The general SPNEGO interface available through the GSS-API.
GS2: The GS2 interface, more specifically the GS2-[method] was created a few years later, as part of the SASL mechanism. The primary purpose was a standardized method for accessing GSSAPI, which was subsequently expanded to include the ability to call other supported methods integrated in SASL. More specifically, it was a version with the unofficial name of SASL2, which had a significantly changed architecture to make it more extensible. Despite the support for other mechanisms, the main supported Kerberos method (GS2-KRB5) remains in GS2. Thus, in the case of GS2, it is a method designed to use GSSAPI to call specific authentication mechanisms.
NEGOEXT: It is one of Microsoft's proprietary mechanisms within the GSSAPI interface. The mechanism is based on SPNEGO, but is not standardized. It also extends the ability to call authentication procedures outside of normal NTLM and Kerberos5 to include mechanisms such as OAUTH, OpenID, and others, designed for federated identities. Examples include authentication against cloud systems such as Azure. NEGOEXT can be identified by (OID 1.3.6.1.4.1.311.2.2.30). NEGOEXT is therefore an extension of SPNEGO mechanisms.

SPNEGO and SPNEGO-PLUS

In this particular case, it is debatable whether to rate the algorithm as an authentication algorithm or a mechanism allowing a choice between Kerberos Network Authentication Service (RFC 4120), User to User Kerberos Authentication (Microsoft Windows only), Extended GSSAPI Negotiating mechanism NEGOEXT (OID 1.3.6.1.4.1.311.2.2.30), NT LanMager authentication protocol, known as NTLM and DIGEST-MD5 (SASL only). GSSAPI is usually used for the call, in the case of Microsoft Windows, it is possible to use the SSPI interface (API for SPNEGO and other mechanisms, differences and relationships already mentioned in the first part) with reservations.
During the authentication process, the client sends a list of supported mechanisms to the server and the server chooses the login method. All exchanges of information take place through the SPNEGO mechanism until the selection is finished, then communication continues directly with the selected authentication mechanism. For the extended SPNEGO-PLUS method, the rule is again that the algorithm is cryptoprimitively bound to a specific communication channel (that is, SPNEGO-PLUS requires information about the communication channel and provides a link of the communication channel to the given login). Of interest is the SSPI property, which is not fully compatible with GSSAPI and in this case it is necessary to inform the mechanisms accordingly in order to complete the authentication at all. Only the SPNEGO method can be used through this interface, not the SPNEGO-PLUS method. Furthermore, although SPNEGO supports SSO (Single-Sing On) technology, it is necessary to avoid NTLM or DIGEST-MD5 authentication and to support only secure methods (Kerberos). The above login method is intended mainly for systems using the SMB (Samba) protocol and for web server access authentication, it corresponds to the specification within RFC 4178.

Channel Binding: Only for the PLUS version.
Realms: Yes
Crypto-primitives: Obsolete (NTLM and Kerberos), current (Kerberos)
Number of pages on authentication: 2 for NTLM, 3 for Kerberos
PQC/QRC: No
ZKP: No
Crypt interface support: Under certain conditions
Tokenization: N
Uniqueness: N/A
Credentials protection: N/A
Replay protection: N/A
Relay protection: N/A
Hijack protection: N/A
Forge protection: N/A
MFA support: N/A
Integrity protection: N/A
Encryption type: N/A

GS2-*, GSSAPI, GSS-*

The GSSAPI interface allows access to a large number of different authentication mechanisms, GS2 being a mechanism capable of calling those APIs within SASL. GSS-* mechanisms are then custom mechanisms that can be called directly via API.

Channel Binding: For the PLUS version only.
Realms: Yes
Crypto-primitives: Obsolete (NTLM and Kerberos), current (Kerberos)
Number of pages in authentication: 2 for NTLM, 3 for Kerberos
PQC/QRC: No
ZKP: No
Crypt interface support: Under certain conditions
Tokenization: Maybe
Uniqueness: N/A
Credentials protection: N/A
Replay protection: N/A
Relay protection: N/A
Hijack protection: N/A
Forge protection: N/A
MFA support: N/A
Integrity protection: N/A
Encryption type: N/A

GS2-KRB5, GS2-KRB5-PLUS

This is a GS2-group method (GSS SASL), provided through GSS-APIs. More about GS2-KRB5 in KERBEROS_V5, GS2-KRB5-PLUS method contains an extra link to the channel that transmits information. An example is SSL/TLS. More about this method again in the KERBEROS_V5 section.

KERBEROS_V4

In 1983, the Athena project was created at MIT (Massachusetts Institute of Technology) in collaboration with DEC and IBM. Its goal was to create a tool for networks at this university. Kerberos was an authentication tool and was one of the tools within this project. Due to the nature of the protocol, which allowed users to authenticate themselves using central systems, it was necessary to approach this process differently than with normal systems, thus protecting user secrets from eavesdropping and misuse. The first version of the Kerberos protocol dates back to before the Athena project, neither the first nor the second version was ever publicly available. The third version was created in 1988, and only the fourth version gained attention. Since then, the flow of communication messages has not changed, so the data flows are the same for both Kerberos v4 and Kerberos v5. The main authors were Steve Miller and Clifford Neumann, but other collaborators from that project worked with them on the protocol.
Kerberos v4 uses a fixed message structure, the service ticket is 256B in size and therefore cannot be expanded at will. Of course, this structure significantly reduces usability, it is not possible to transport user-related expanded data with the above protocol. Similarly, it used a single time zone and was not able to work between time zones, only the DES algorithm was used for encryption. In addition, the first versions of the Kerberos protocol were burdened with export restrictions, i.e. DES with a 40b key was used. For this reason, there were two other implementations created outside the U.S. that did not have these restrictions.
The description of the protocol is in the next paragraph for Kerberos v5. For encryption, the DES algorithm was generally used in CBC mode, which could not be changed. For some information, encryption using DES-ECB, or DES-PCBC, was used, for checking cryptograms, a simple cryptographic checksum based on DES-CBC was used. All messages were provided with a checksum using CRC-32.

Channel Binding: No
Realms: Yes
Crypto-primitives: Obsolete (DES)
Number of pages on authentication: 3 for Kerberos
PQC/QRC: No
ZKP: No
Crypt interface support: No
Tokenization: Yes
Uniqueness: N/A
Credentials protection: Yes
Replay protection: Yes
Relay protection: N/A
Hijack protection: N/A
Forge protection: N/A
MFA support: N/A
Integrity protection: N/A
Encryption type: Internal

KERBEROS_V5

In 1993, the development of the Kerberos project continued with another version. The protocol was reworked, the dynamic structure started to be used. The new version started to support time zones, which solved the original logging problems. Furthermore, the previous version had a precisely defined protocol structure, but the new version started to use a dynamic structure for the data based on the ASN.1 structure and the DER format. These abbreviations can also be found on certificates. ASN.1 is a symbolic language describing the data structure, DER is an encoding format ensuring the unambiguously shortest possible length of the data. This is advantageous in case of any digital signature, because the data is unambiguously arranged. In addition, the actual structure thanks to the ASN.1 structure allows the transfer of data that was not part of the design. An example is the authorization information in the Microsoft Active Directory, where the service ticket contains a list of affiliations to PACs (Priviledge Attribute Certificate). This of course also has its limitations, for the Kerberos protocol they are rather technical. In the Microsoft Windows network environment, the limitations are tied to the maximum size of the PAC record, which for each version is as follows:
- Windows 2000 and others - 8KB
- Windows 2003 and others - 12KB
- Windows 2008 and others - 48KB
- Windows 2012 and others - 64KB, the value can be changed by configuration
More about the Kerberos protocol and especially about implementation in Microsoft Windows can be found in the Authentication to shared folders using the SMB

Kerberos Protokol

Breakdown of exchanged messages:

  • S1: AS REQUEST, part of the client's query for AS.
           IDClient||TimestampClient||NonceClient
  • R2: AS REPLY, part of AS response.
           KKTS=Enc(KClient,KKTS)
  • R3: AS REPLY, part of AS response.
           TGT=Enc(KTGS,IDClient||KClient||Lifetime||..)
  • S4: TGS REQUEST, part of message for TGS.
           Enc(KTGS, TGT) - copy of encrypted TGT ticket from previous step
  • S5: TGS REQUEST, part of message for TGS.
           Enc(KTS, IDClient||Timestamp||..)||IDServer||NonceClient
  • R6: TGS REPLY, part of the message on TGS.
           Enc(KAP, KSS)
  • R7: TGS REPLY, part of the message on TGS.
           Enc(KTS, IDClient||KSS||Lifetime||..)
  • S8: AP REQUEST, part of the message to the application server.
           Enc(KAP, KSS) - copy of Session key from previous step
  • S9: AP REQUEST, part of the message to the application server.
           Enc(KSS, IDClient||Timestamp)
  • R10: AP REPLY, part of the application server response. This response occurs only in the case of mutual authentication
           Enc(KSS, TimestapmServer)
  • S10: PAC VALIDATION REQUEST, part of optional client authentication by application server on TGS. It is generally not used.
           Enc(KAP, PAC Signature||PAC Info||TGT||Timestamp)
  • R11: PAC VALIDATION RESPONSE, part of optional client authentication by application server on TGS. It is generally not used.
           Enc(KAP, Validated PAC Signature||Validated PAC Attributes||Timestamp)

Code Algorithm State
0x01hdes-cbc-crcObsolete
0x02hdes-cbc-md4Obsolete
0x03hdes-cbc-md5Obsolete
0x04hreservedN/A
0x05hdes3-cbc-md5Obsolete
0x06hreservedN/A
0x07hdes3-cbc-sha1Obsolete
0x09hDSAWithSHA1-CmsOIDObsolete
0x0ahMD5WithRSAEncryption-CmsOIDObsolete
0x0bhSHA1WithRSAEncryption-CmsOIDObsolete
0x0chrc2-cbc-sha1Obsolete
0x0dhRSAEncryption-EnvOIDObsolete
0x0ehRSAES-OAEP-EnvOIDRundown
0x0fhdes-ede3-cbcObsolete
0x10hdes3-cbc-sha1-kdObsolete
0x11haes128-cts-hmac-sha1-96Obsolete
0x12haes256-cts-hmac-sha1-96Obsolete
0x13haes128-cts-hmac-sha256-128Current
0x14haes256-cts-hmac-sha384-192Current
0x17harcfour-hmac/rc4-hmacObsolete
0x18harcfour-hmac-ext/rc4-hmac-exp (40b key)Obsolete
0x19hcamellia128-cts-chmacCurrent
0x20hcamellia256-cts-cmacCurrent
0x41hsubkey-keymaterialN/A

Channel Binding: No
Realms: Yes
Crypto-primitives: Obsolete (DES)
Number of pages on authentication: 3 for Kerberos
PQC/QRC: No
ZKP: No
Crypt interface support: No
Tokenization: Yes
Uniqueness: N/A
Credentials protection: Yes
Replay protection: Yes
Relay protection: N/A
Hijack protection: N/A
Forge protection: N/A
MFA support: N/A
Integrity protection: N/A
Encryption type: Internal

OAUTH10A

The original OAUTH protocol was created as a combination of existing protocols and practices for authorization delegation. This is not an authentication, but authorization protocol. A working group was established within the IETF in 2007 to standardize this protocol, and the first standard was published in 2007. Based on a session fixation published in 2009, a revision was created, referred to as OAUTH10A. This protocol supports permission delegation, but only within one provider identity. It does not support token sharing and centralized multi-domain administration.
This is a mechanism that allows client authentication and delegation of permissions (e.g. to a third-party application) with minimal cryptography. The actual protocol uses either a digital signature based on RSA or only HMAC for checksum creation, this form of "signature" must be included in all API calls. No other form of cryptographic protection is used. The following components are part of the communication:
- user, i.e. data owner
- authentication server for login, in this case also authorization server for authorization delegation
- application or application server, requesting authorization. In this version it is considered owner of resources

S1: Before any requests, the client must login to the authentication server. In this case, the authentication and authorization server is identical, after login it provides authorization data allowing authorization delegation. The actual login method is not specified in the OAUTH10A protocol, most often the login data is protected only by transport encryption (HTTPS, i.e. HTTP with SSL/TLS support). When logging in for registration, the consumer key, which is public and serves for further identification for the duration of the connection, is used. When logging on again, the consumer key is only used.
At the beginning of the connection, the client asks for a temporary request token using a query where it uses the HTTPS protocol. This is chosen to protect against eavesdropping. As the transferred account information is not otherwise protected, it is advisable to use any algorithm other than PLAIN or LOGIN to connect to the authentication server. The content of the HTTP request looks something like this, all other exchanges of information use similar records:
- oauth_consumer_key="consumer key",
- oauth_signature_method="PLAINTEXT|HMAC-SHA1|RSASSA-PKCS1-v1_5",
- oauth_signature="signature based on oauth_signature_method algorithm",
- oauth_timestamp="timestamp",
- oauth_nonce="nonce",
- oauth_callback="https address to receive token"
Where:
- Signature=HMAC-SHA1(Consumer||Token||&,HTTPREQ)
- HTTPREQ contains HTTP parameters, method and URI for connection.

R2: The server returns a temporary token or a temporary login and authorization address (URI).
S3: The client forwards the information to the application or application server for authorization (URI).
S4: The application server uses the authorization address (URI) to login using a temporary token.
R5: The server authorises or denies the application or application server authorization. In case of authorization, it sends a verification key and redirects the server to a specific address (callback URI).
R6: The application server passes a verification key and a new address (callback URI).
S7: The client sends a verification key, a temporary token and a temporary server login. Requests a token for the application server in exchange.
R8: The client receives a token for the application server.
S9: The client forwards the token to the application server.

Channel Binding: Yes
Realms: No
Cryptoprimitives: Obsolete (SHA-1) or rundown (RSA)
Number of pages when authenticating: 3
PQC/QRC: No
ZKP: No
Crypt interface support: Maybe
Tokenization: Yes
Uniqueness: N/A
Credentials Protection: Subject
Replay protection: Yes
Protection against Relay: N/A
Hijack protection: N/A
Protection against Forge: N/A
MFA support: Yes
Integrity protection: Yes (HMAC-SHA1)
Encryption type: TLS (required)

OAUTH10A Protokol

XOAUTH

The XOAUTH protocol was developed as an implementation of the authorization protocol OAUTH by Google (OAUTH → XOAUTH) to support applications and services such as GMail, where the user's username and password need to be passed to authenticate the user. This specific implementation is intended only to secure logins to mail servers (protocols SMTP, IMAP4, POP3). Except for minor details, it is identical to OAUTH10A.

Channel Binding: Yes
Realms: No
Crypto-primitives: Obsolete (SHA-1) or rundown (RSA)
Number of pages on authentication: 3
PQC/QRC: No
ZKP: No
Crypt interface support: Maybe
Tokenization: Yes
Uniqueness: N/A
Credentials protection: Reservation
Replay protection: Yes
Relay protection: N/A
Hijack protection: N/A
Forge protection: N/A
MFA support: Yes
Integrity protection: Yes (HMAC-SHA1)
Encryption type: TLS (required)

OAUTH10A Protokol

Conclusion

This overview describes the basic structure of protocols used to authenticate users using basic interfaces and protocols. Only OAUTH2, XOAUTH2, OAUTHBEARER, OPENID20 and SAML remain from the whole list. These protocols will be discussed in the next episode SASL part fourth. The last episode will then cover implementations in individual libraries and algorithms that can be considered safe from the current perspective.

Reference:

  1. Simple Authentication and Security Layer (SASL)
    Source: https://www.rfc-editor.org/
  2. Using Generic Security Service Application Program Interface (GSS-API) Mechanisms in Simple Authentication and Security Layer (SASL): The GS2 Mechanism Family
    Source: https://www.rfc-editor.org/
  3. RFC draft A Kerberos 5 SASL Mechanism
    Source: https://www.ietf.org/
  4. Towards pluggable GSS-API modules
    Source: https://blog.josefsson.org
  5. A GSS-API Mechanism for the Extensible Authentication Protocol
    Source: https://www.rfc-editor.org/
  6. Simple and Protected GSS-API Negotiation Mechanism (SPNEGO) Extension
    Source: https://www.microsoft.com/
  7. NT LAN Manager (NTLM) Authentication Protocol
    Source: https://www.microsoft.com/
  8. A Set of Simple Authentication and Security Layer (SASL) Mechanisms for OAuth
    Source: https://www.rfc-editor.org/
  9. The OAuth 1.0 Protocol
    Source: https://www.rfc-editor.org/
  10. OAuth Core 1.0 Revision A
    Source: https://oauth.net/
  11. The OAuth 2.0 Authorization Framework
    Source: https://www.rfc-editor.org/
  12. OAuth 2.0
    Source: https://oauth.net/
  13. OATH: Open Auhtentication
    Source: https://www.openauthentication.org/
  14. OAuth Authentication for Google Mail IMAP and SMTP
    Source: https://gsuite-developers.googleblog.com
  15. FIDO: Fast IDentity Online
    Source: https://fidoalliance.org/

Autor článku:

Jan Dušátko
Jan Dušátko

Jan Dušátko has been working with computers and computer security for almost a quarter of a century. In the field of cryptography, he has cooperated with leading experts such as Vlastimil Klíma or Tomáš Rosa. Currently he works as a security consultant, his main focus is on topics related to cryptography, security, e-mail communication and Linux systems.

Podobné články

Sharing files with SMB protocol and cryptography
16. 9. 2024
Sharing files with SMB protocol and cryptography
Sharing files with NFS protocol and cryptography
17. 9. 2024
Sharing files with NFS protocol and cryptography
Quantum computer resistant algorithms
27. 9. 2024
Quantum computer resistant algorithms
Storing password with Crypt interface
8. 10. 2024
Storing password with Crypt interface
logo

Your learning platform for cryptography
and security.

Jan Dušátko
info@cryptosession.cz
+420 602 427 840

Pod Harfou 938/58
190 00, Praha 9

IČ: 43479766
DIČ: CZ 7208253041

Bank no.:
78-7768770207/0100

© 2025 Cryptosession.cz Design: Lukáš Kejha, Development: Karel Tropp

1. Introductory Provisions

1.1. These General Terms and Conditions are, unless otherwise agreed in writing in the contract, an integral part of all contracts relating to training organised or provided by the trainer, Jan Dušátko, IČ 434 797 66, DIČ 7208253041, with location Pod Harfou 938/58, Praha 9 (next as a „lector“).
1.2. The contracting parties in the general terms and conditions are meant to be the trainer and the ordering party, where the ordering party may also be the mediator of the contractual relationship.
1.3. Issues that are not regulated by these terms and conditions are dealt with according to the Czech Civil Code, i.e. Act No.89/2012 Coll.
1.4. All potential disputes will be resolved according to the law of the Czech Republic.

2. Creation of a contract by signing up for a course

2.1. Application means unilateral action of the client addressed to the trainer through a data box with identification euxesuf, e-mailu with address register@cryptosession.cz or register@cryptosession.info, internet pages cryptosession.cz, cryptosession.info or contact phone +420 602 427 840.
2.2. By submitting the application, the Client agrees with these General Terms and Conditions and declares that he has become acquainted with them.
2.3. The application is deemed to have been received at the time of confirmation (within 2 working days by default) by the trainer or intermediary. This confirmation is sent to the data box or to the contact e-mail.
2.4. The standard time for registration is no later than 14 working days before the educational event, unless otherwise stated. In the case of a natural non-business person, the order must be at least 28 working days before the educational event.
2.5. More than one participant can be registered for one application.
2.6. If there are more than 10 participants from one Client, it is possible to arrange for training at the place of residence of the intermediary or the Client.
2.7. Applications are received and processed in the order in which they have been received by the Provider. The Provider immediately informs the Client of all facts. These are the filling of capacity, too low number of participants, or any other serious reason, such as a lecturer's illness or force majeure. In this case, the Client will be offered a new term or participation in another educational event. In the event that the ordering party does not agree to move or participate in another educational event offered, the provider will refund the participation fee. The lack of participants is notified to the ordering party at least 14 days before the start of the planned term.
2.8. The contract between the provider and the ordering party arises by sending a confirmation from the provider to the ordering party.
2.9. The contract may be changed or cancelled only if the legal prerequisites are met and only in writing.

3. Termination of the contract by cancellation of the application

3.1. The application may be cancelled by the ordering party via e-mail or via a data mailbox.
3.2. The customer has the right to cancel his or her application for the course 14 days before the course takes place without any fees. If the period is shorter, the subsequent change takes place. In the interval of 7-13 days, an administrative fee of 10% is charged, cancellation of participation in a shorter interval than 7 days then a fee of 25%. In case of cancellation of the application or order by the customer, the possibility of the customer's participation in an alternative period without any additional fee is offered. The right to cancel the application expires with the implementation of the ordered training.
3.3. In case of cancellation of the application by the trainer, the ordering party is entitled to a full refund for the unrealized action.
3.4. The ordering party has the right to request an alternative date or an alternative training. In such case, the ordering party will be informed about all open courses. The alternative date cannot be enforced or enforced, it depends on the current availability of the course. If the alternative training is for a lower price, the ordering party will pay the difference. If the alternative training is for a lower price, the trainer will return the difference in the training prices to the ordering party.

4. Price and payment terms

4.1. By sending the application, the ordering party accepts the contract price (hereinafter referred to as the participation fee) indicated for the course.
4.2. In case of multiple participants registered with one application, a discount is possible.
4.3. The participation fee must be paid into the bank account of the company held with the company Komerční banka č. 78-7768770207/0100, IBAN:CZ5301000000787768770207, BIC:KOMBCZPPXXX. When making the payment, a variable symbol must be provided, which is indicated on the invoice sent to the client by the trainer.
4.4. The participation fee includes the provider's costs, including the training materials. The provider is a VAT payer.
4.5. The client is obliged to pay the participation fee within 14 working days of receipt of the invoice, unless otherwise stated by a separate contract.
4.6. If the person enrolled does not attend the training and no other agreement has been made, his or her absence is considered a cancellation application at an interval of less than 7 days, i.e. the trainer is entitled to a reward of 25% of the course price. The overpayment is returned within 14 days to the sender's payment account from which the funds were sent. Payment to another account number is not possible.
4.7. An invoice will be issued by the trainer no later than 5 working days from the beginning of the training, which will be sent by e-mail or data box as agreed.

5. Training conditions

5.1. The trainer is obliged to inform the client 14 days in advance of the location and time of the training, including the start and end dates of the daily programme.
5.2. If the client is not a student of the course, he is obliged to ensure the distribution of this information to the end participants. The trainer is not responsible for failure to comply with these terms and conditions.
5.2. By default, the training takes place from 9 a.m. to 5 p.m. at a predetermined location.
5.3. The trainer can be available from 8 a.m. to 9 a.m. and then from 17 a.m. to 6 p.m. for questions from the participants, according to the current terms and conditions.
5.4. At the end of the training, the certificate of absorption is handed over to the end users.
5.5. At the end of the training, the end users evaluate the trainer's approach and are asked to comment on the evaluation of his presentation, the manner of presentation and the significance of the information provided.

6. Complaints

6.1. If the participant is grossly dissatisfied with the course, the trainer is informed of this information.
6.2. The reasons for dissatisfaction are recorded in the minutes in two copies on the same day. One is handed over to the client and one is held by the trainer.
6.3. A statement on the complaint will be submitted by e-mail within two weeks. A solution will then be agreed within one week.
6.4. The customer's dissatisfaction may be a reason for discontinuing further cooperation, or financial compensation up to the price of the training, after deduction of costs.

7. Copyright of the provided materials

7.1. The training materials provided by the trainer in the course of the training meet the characteristics of a copyrighted work in accordance with Czech Act No 121/2000 Coll.
7.2. None of the training materials or any part thereof may be further processed, reproduced, distributed or used for further presentations or training in any way without the prior written consent of the trainer.

8. Liability

8.1. The trainer does not assume responsibility for any shortcomings in the services of any third party that he uses in the training.
8.2. The trainer does not assume responsibility for injuries, damages and losses incurred by the participants in the training events or caused by the participants. Such costs, caused by the above circumstances, shall be borne exclusively by the participant in the training event.

9. Validity of the Terms

9.1 These General Terms and Conditions shall be valid and effective from 1 October 2024.

Consent to the collection and processing of personal data

According to Regulation (EU) No 2016/679 of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation, hereinafter referred to as "the Regulation"), the processor xxx (hereinafter referred to as "the Controller") processes personal data. Individual personal data that are part of the processing during specific activities at this web presentation and in the course of trade are also broken down.
Although the collection of data is ubiquitous, the operation of this website is based on the right to privacy of each user. For this reason, the collection of information about users takes place to the extent absolutely necessary and only if the user decides to contact the operator. We consider any further collection and processing of data unethical.

Information about the records of access to the web presentation

This website does not collect any cookies. The site does not use any analytical scripts of third parties (social networks, cloud providers). For these reasons, an option is also offered for displaying the map in the form of a link, where the primary source is OpenStreet and alternatives then the frequently used Maps of Seznam, a.s., or Google Maps of Google LLC Inc. The use of any of these sources is entirely at the discretion of the users of this site. The administrator is not responsible for the collection of data carried out by these companies, does not provide them with data about users and does not cooperate on the collection of data.
Logging of access takes place only at the system level, the reason being the identification of any technical or security problems. Other reasons are overview access statistics. No specific data is collected or monitored in this area and all access records are deleted after three months.

Information about contacting the operator of the site

The form for contacting the operator of the site (administrator) contains the following personal data: name, surname, e-mail. These data are intended only for this communication, corresponding to the address of the user and are kept for the time necessary to fulfil the purpose, up to a maximum of one year, unless the user determines otherwise.

Information about the order form

In case of an interest in the order form, the form contains more data, i.e. name, surname, e-mail and contact details for the organisation. These data are intended only for this communication, corresponding to the address of the user and are kept for one year, unless the user determines otherwise. In the event that a business relationship is concluded on the basis of this order, only the information required by Czech law on the basis of business relations (company name and address, bank account number, type of course and its price) will continue to be kept by the administrator.

Information about the course completion document

Within the course, a course completion document is issued by the processor. This document contains the following data: student's name and surname, the name and date of the course completion and the employer's name. The information is subsequently used for the creation of a linear hash tree (non-modifiable record). This database contains only information about the provided names and company names, which may or may not correspond to reality and is maintained by the processor for possible re-issuance or verification of the document's issuance.

Rights of the personal data subject

The customer or visitor of this website has the possibility to request information about the processing of personal data, the right to request access to personal data, or the right to request the correction or deletion of any data held about him. In the case of deletion, this requirement cannot be fulfilled only if it is not data strictly necessary in the course of business. The customer or visitor of this website also has the right to obtain explanations regarding the processing of his personal data if he finds out or believes that the processing is carried out in violation of the protection of his private and personal life or in violation of applicable legislation, and the right to request removal of the resulting situation and to ensure the correction.
Furthermore, the customer/visitor of this website may request restriction of processing or object to the processing of personal data and has the right to withdraw his/her consent to the processing of personal data at any time in writing, without prejudice to the lawfulness of their processing prior to such withdrawal. For this purpose, the contact e-mail address support@cryptosession.cz is used.
The customer/visitor has the right to file a complaint against the processing of personal data with the supervisory authority, which is the Office for Personal Data Protection.