20 Kerberos


Lecture-20

CS 703
Department of CSE/IT

Kerberos
 Kerberos is a network authentication protocol.

 It is designed to allow users, clients and servers to authenticate themselves to each other.

 This mutual authentication is done using secret-key cryptography.

 Using secret-key encryption, or as it is commonly known, conventional encryption, a client can prove its identity to a server across an insecure network connection.

 Similarly, a server can also identify itself across the same insecure network connection. Communication between the client and the server can be secured after the client and server have used Kerberos to prove their identities.

 From this point on, subsequent communication between the two can be encrypted to ensure privacy and data integrity.
Kerberos client/server authentication requirements are as follows:

• Security – Kerberos must be strong enough that potential eavesdroppers do not find it to be a weak link.

• Reliability – Kerberos must be highly reliable, employing a distributed server architecture in which one server is able to back up another. This means the Kerberos system is fail-safe, degrading gracefully if a failure happens.

• Transparency – users are not aware that authentication is taking place beyond providing their passwords.

• Scalability – Kerberos systems accept and support new clients and servers.

The main components of Kerberos are:

 Authentication Server (AS):
The Authentication Server performs the initial authentication and issues the ticket for the Ticket Granting Service.

 Database:
The Authentication Server verifies the access rights of users in the database.

 Ticket Granting Server (TGS):
The Ticket Granting Server issues the ticket for the Server.

Kerberos Overview:

 Step-1:
The user logs on and requests services on the host; thus the user requests the ticket-granting service.

 Step-2:
The Authentication Server verifies the user's access rights using the database and then gives a ticket-granting ticket and a session key. The results are encrypted using the password of the user.

 Step-3:
The message is decrypted using the password, and the ticket is then sent to the Ticket Granting Server. The ticket contains authenticators such as the user name and network address.

 Step-4:
The Ticket Granting Server decrypts the ticket sent by the user and the authenticator, verifies the request, and then creates the ticket for requesting services from the Server.

 Step-5:
The user sends the Ticket and Authenticator to the Server.

 Step-6:
The Server verifies the Ticket and authenticator, then grants access to the service. After this the user can access the services.
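The six steps above as one runnable simulation (added example code, not from the lecture): the AS, TGS and server are plain functions, a toy secret-key cipher with an HMAC tag stands in for Kerberos's real encryption, and the realm, user name, password, address and service name are all constructed for the example.

```python
import hashlib, hmac, json, os, time
# Constructed toy realm: long-term keys of the user, the TGS ("krbtgt") and the service.
def key_from_password(pw: str) -> bytes:  # stands in for Kerberos string-to-key
    return hashlib.sha256(pw.encode()).digest()
KEYS = {"alice": key_from_password("alice-pw"), "krbtgt": os.urandom(32), "fileserver": os.urandom(32)}
def _stream(key: bytes, nonce: bytes, n: int) -> bytes:  # SHA-256 counter keystream for the toy cipher
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))

def seal(key: bytes, msg: dict) -> bytes:
    """Toy secret-key authenticated encryption: XOR keystream, then an HMAC tag over nonce+ciphertext."""
    data, nonce = json.dumps(msg).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> dict:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad tag: wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def issue(holder_key: bytes, user: str, addr: str, ttl: int = 3600):
    # A ticket: user, address, expiry and a fresh session key, sealed under the ticket holder's key.
    sk = os.urandom(32)
    return sk, seal(holder_key, {"user": user, "addr": addr, "sk": sk.hex(), "exp": time.time() + ttl})

def check(holder_key: bytes, ticket: bytes, authenticator: bytes) -> dict:
    """Steps 4 and 6: decrypt the ticket, then verify the authenticator with the ticket's session key."""
    t = unseal(holder_key, ticket)
    a = unseal(bytes.fromhex(t["sk"]), authenticator)
    if time.time() > t["exp"] or (a["user"], a["addr"]) != (t["user"], t["addr"]):
        raise PermissionError("authenticator does not match ticket (name/address) or ticket expired")
    return t

def as_exchange(user: str, addr: str) -> bytes:  # Steps 1-2: AS returns TGT + session key under the user's key
    sk, tgt = issue(KEYS["krbtgt"], user, addr)
    return seal(KEYS[user], {"sk": sk.hex(), "tgt": tgt.hex()})

def tgs_exchange(tgt: bytes, authenticator: bytes, service: str) -> bytes:  # Steps 3-4: service ticket
    t = check(KEYS["krbtgt"], tgt, authenticator)
    ssk, ticket = issue(KEYS[service], t["user"], t["addr"])
    return seal(bytes.fromhex(t["sk"]), {"sk": ssk.hex(), "ticket": ticket.hex()})

def client_login(user: str, password: str, addr: str, service: str) -> str:
    rep = unseal(key_from_password(password), as_exchange(user, addr))  # Step 2: wrong password -> ValueError
    sk = bytes.fromhex(rep["sk"])
    auth = seal(sk, {"user": user, "addr": addr, "ts": time.time()})  # Step 3: authenticator under session key
    rep2 = unseal(sk, tgs_exchange(bytes.fromhex(rep["tgt"]), auth, service))
    ssk = bytes.fromhex(rep2["sk"])
    auth2 = seal(ssk, {"user": user, "addr": addr, "ts": time.time()})  # Step 5
    return check(KEYS[service], bytes.fromhex(rep2["ticket"]), auth2)["user"]  # Step 6: server verifies
```

A wrong password fails at the client's decryption of the AS reply, and an authenticator whose name or address disagrees with the ticket is rejected by the TGS and by the server alike, which is the property the lecture's steps 4 and 6 rely on.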
