Define Kerberos. Briefly explain Kerberos V4.
Subject Computer and Network Security
NU Year Set: 4.(b) Marks: 1+7 Year: 2017

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well.

Kerberos V4

Key Design Principles

1. The network is open. A proper secret key is needed to understand the messages received (except message 1, which is in clear).

2. Every client and server has a pre-shared secret with the KDC.

3. KDC and Ticket Granting Server (TGS) are logically separate but share a secret key.

4. Both KDC and TGS are stateless and do not need to remember the permissions granted. All the state is in the tickets. (Day pass is just a longer term ticket)

5. Longer term secrets are used less frequently. Short term secrets are created and destroyed after a limited use.
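A simplified model of principles 2 to 5 above, added here as an example and not part of the original answer: the KDC seals a ticket under the key it shares with the TGS, and the TGS later validates that ticket without any stored state. The `seal`/`unseal` cipher is a standard-library stand-in (Kerberos V4 itself uses DES), the authenticator is omitted, and all names and keys are constructed for illustration.

```python
import hashlib, hmac, json, os, time

# Stand-in cipher (assumption): SHA-256 keystream plus HMAC tag, stdlib only.
# Kerberos V4 uses DES; this only models "sealed under a shared secret key".
def _stream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

# Constructed long-term secrets (hypothetical values).
K_CLIENT = hashlib.sha256(b"alice-password").digest()  # principle 2: client <-> KDC
K_TGS = os.urandom(32)                                 # principle 3: KDC <-> TGS

def kdc_issue(client, lifetime=8 * 3600, now=None):
    """KDC reply: session key and ticket, sealed under the client's key."""
    now = time.time() if now is None else now
    session_key = os.urandom(32).hex()                 # principle 5: short-term secret
    ticket = seal(K_TGS, {"client": client, "key": session_key, "exp": now + lifetime})
    return seal(K_CLIENT, {"key": session_key, "ticket": ticket.hex()})

def tgs_check(ticket, now=None):
    """Principle 4: the TGS keeps no table; all state is inside the ticket."""
    now = time.time() if now is None else now
    t = unseal(K_TGS, ticket)
    if now > t["exp"]:
        raise ValueError("ticket expired")
    return t

if __name__ == "__main__":
    reply = unseal(K_CLIENT, kdc_issue("alice"))       # only alice's key opens the reply
    print(tgs_check(bytes.fromhex(reply["ticket"]))["client"])
```

The client can read the session key but cannot open or alter the ticket, because the ticket is sealed under a key only the KDC and TGS hold.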

