
Kerberos

Kerberos is an authentication system that uses encrypted tickets and session keys to authenticate users and allow access to network services without transmitting passwords over the network. It works by having the user first authenticate with a key distribution service that provides an encrypted session key and ticket granting ticket. The user then presents these to the ticket granting service to get a temporary key and ticket for the requested network service, which are used to authenticate with that service. This process authenticates the user and allows access to network services without sending passwords over the network.

Uploaded by saurabmi2

Copyright: © Attribution Non-Commercial (BY-NC)

Kerberos

• Kerberos is an authentication system for open systems and networks.
• Historically, Kerberos has been used with Unix-oriented protocols such
  as Sun's Network File System and in the exchange of certificates.
• Kerberos uses an encryption system based on the Data Encryption
  Standard.
• Each user has a private authentication key.

How does Kerberos work?

1. Like its namesake, the many-headed dog who guards the entrance to
the underworld, Kerberos guards the data transmitted between
machines that communicate over the network.
2. Kerberos uses cryptographic keys known as tickets to protect the
security of the messages you send to the system and the messages
the system sends back to you.
3. Kerberos never transmits passwords, even in encrypted form, on the
network.
4. Passwords reside only in a highly secure machine called a key server.
5. Kerberos performs authentication both when you log into the system
and when you request any type of network service (e.g., a printer or a
mail system).

The Kerberos authentication sequence works like this:

1. When you log in, you enter your login name. The login process sends
your login name to the Kerberos key distribution service, which returns
the following to you:
   - An encrypted session key, a temporary key you use to
     communicate with the Kerberos ticket granting service.
   - An encrypted ticket for the Kerberos ticket granting service.
2. You enter your password. The login process uses your password as a
private key to decrypt the session key and the ticket sent to you by the
key distribution service. If the decryption works, you're authenticated.
3. When you request a network service (e.g., mail), the system sends
your temporary session key and your ticket granting ticket to the
Kerberos ticket granting service. Each service has its own password.
The ticket granting service returns a temporary key and a ticket for use
with the service. The system uses your session key to decrypt the key
and the ticket.
4. To make the connection to the service, the system sends the service
your session key, your temporary service key, and your service ticket.
If the server can decrypt the request sent to it, you're allowed to use
the service.
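
The four-step sequence above as a runnable simulation; this is an added example, not part of the original document. The XOR-stream-plus-HMAC cipher is a toy stand-in for DES, the user, passwords and function names are constructed for illustration, and the timestamps and authenticators of real Kerberos are left out.

```python
import hashlib, hmac, json, os

def kdf(password, salt):  # password -> long-term key (what the key server stores)
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 10_000)

def _stream(key, nonce, n):  # keystream for the toy cipher
    blocks = (hashlib.sha256(key + nonce + bytes([i])).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):  # toy authenticated encryption, NOT DES and not for real use
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()

def unseal(key, blob):  # raises if the key is wrong, i.e. "the decryption fails"
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, "sha256").digest()):
        raise ValueError("decryption failed: wrong key")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

# Constructed key-server database: one password-derived key per user and service.
KEYS = {n: kdf(p, n) for n, p in
        {"alice": "correct horse", "tgs": "tgs-secret", "mail": "mail-secret"}.items()}

def kds_reply(user):  # step 1: only the login name was sent, never the password
    sk = os.urandom(16).hex()
    tgt = seal(KEYS["tgs"], {"user": user, "key": sk}).hex()  # opaque to the user
    return seal(KEYS[user], {"key": sk, "ticket": tgt})

def login(user, password, reply):  # step 2: the password is used locally as the key
    return unseal(kdf(password, user), reply)

def tgs_reply(tgt_hex, service):  # step 3: ticket granting service issues a service ticket
    tgt = unseal(KEYS["tgs"], bytes.fromhex(tgt_hex))
    svc_key = os.urandom(16).hex()
    ticket = seal(KEYS[service], {"user": tgt["user"], "key": svc_key}).hex()
    return seal(bytes.fromhex(tgt["key"]), {"key": svc_key, "ticket": ticket})

def service_accepts(service, ticket_hex):  # step 4: service decrypts with its own key
    return unseal(KEYS[service], bytes.fromhex(ticket_hex))["user"]

def demo():
    creds = login("alice", "correct horse", kds_reply("alice"))
    svc = unseal(bytes.fromhex(creds["key"]), tgs_reply(creds["ticket"], "mail"))
    return service_accepts("mail", svc["ticket"])

if __name__ == "__main__":
    print(demo())
```

A wrong password makes `login` raise, because the reply cannot be decrypted; the password itself never appears in any message passed between the functions.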
