Network Security
Introduction
Many real-life systems use an authentication protocol called Kerberos. Designed at MIT to let workstations access network resources in a secure manner, the name Kerberos signifies a multi-headed dog in Greek mythology (apparently used to keep outsiders away). Version 4 of Kerberos is found in most practical implementations; however, Version 5 is also in use now.
The Working of Kerberos
There are four parties involved in the Kerberos protocol:
Step 1: Login
To start with, Alice, the user, sits down at an arbitrary public workstation and enters her name. The workstation sends her name in plain text to the AS, as shown in Figure 1.
Figure: AS sends back encrypted session key and TGT to Alice
Step 2: Obtaining a Service Granting Ticket (SGT)
Now, let us assume that after a successful login, Alice wants to make use of Bob—the email server—for some email communication.

For this, Alice would inform her workstation that she needs to contact Bob. Therefore, Alice needs a ticket to communicate with Bob.

At this juncture, Alice’s workstation creates a message intended for the Ticket Granting Server (TGS), which contains the following items:
Note that an attacker, Tom, can try to obtain the first message in this step sent by Alice and attempt a replay attack. However, this would fail, as the message from Alice contains the encrypted time stamp. Tom cannot replace the time stamp, because he does not have the session key (KS). Even if Tom attempts a replay attack really quickly, all that he will get back is the above message from the TGS, which Tom cannot open, as he does not have access to either Bob’s secret key or the session key (KS).
Step 3: User Contacts Bob for Accessing the Server
Figure 4: Alice sends KAB securely to
Since only Bob has his secret key, he uses it to first obtain the information (Alice + KAB). From this, he gets the key KAB, which he uses to decrypt the encrypted time stamp value.

Now, how would Alice know whether Bob received KAB correctly? To satisfy this query, Bob adds 1 to the time stamp sent by Alice, encrypts the result with KAB and sends it back to Alice. This is shown in Figure 5. Since only Alice and Bob know KAB, Alice can open this packet and verify that the time stamp incremented by Bob was indeed the one she sent to Bob in the first place.
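The Step 3 exchange above (Alice sends the ticket and an encrypted time stamp, Bob answers with the stamp plus 1) together with the replay check described in the Step 2 note, written here as an added Python example that is not part of the original slides. It assumes KB and KAB are 32-byte symmetric keys, substitutes an HMAC-based construction for the Kerberos cipher, encodes the ticket as JSON, and the names alice_request, bob_handle, alice_verify and run_exchange are mine.

```python
import hashlib, hmac, json, os

# Stand-in for the Kerberos symmetric cipher (assumption, the slides fix none): an HMAC-SHA256
# keystream XOR plaintext, plus an HMAC tag so a wrong key or a tampered ciphertext fails.
def _xor(key, nonce, data):
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def encrypt(key, plaintext):
    nonce = os.urandom(16)
    body = nonce + _xor(key, nonce, plaintext)
    return body + hmac.new(key, body, hashlib.sha256).digest()

def decrypt(key, blob):
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered ciphertext")
    return _xor(key, body[:16], body[16:])

KB, KAB = os.urandom(32), os.urandom(32)  # Bob's secret key; Alice-Bob session key
# The ticket the TGS gave Alice in Step 2: (Alice, KAB) sealed under KB (constructed).
TICKET = encrypt(KB, json.dumps({"name": "Alice", "kab": KAB.hex()}).encode())

def alice_request(ts):  # Step 3 message: ticket plus the time stamp encrypted with KAB
    return TICKET, encrypt(KAB, str(ts).encode())

def bob_handle(msg, seen, now, skew=300):
    """Only Bob holds KB: recover KAB, reject stale or replayed stamps, reply with ts + 1."""
    ticket, authenticator = msg
    info = json.loads(decrypt(KB, ticket))
    kab = bytes.fromhex(info["kab"])
    ts = int(decrypt(kab, authenticator))
    if abs(now - ts) > skew or (info["name"], ts) in seen:
        raise ValueError("stale or replayed authenticator")
    seen.add((info["name"], ts))
    return encrypt(kab, str(ts + 1).encode())

def alice_verify(reply, ts):  # only a holder of KAB could have formed ts + 1
    return int(decrypt(KAB, reply)) == ts + 1

def run_exchange(now=1_700_000_000):  # -> (fresh exchange accepted, replay rejected)
    seen, msg = set(), alice_request(now)
    fresh_ok = alice_verify(bob_handle(msg, seen, now), now)
    try:  # Tom resends the captured message; without KAB he cannot re-stamp it
        bob_handle(msg, seen, now + 5)
        return fresh_ok, False
    except ValueError:
        return fresh_ok, True
```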
Figure 5: Bob acknowledges the receipt of
Since Alice needs to authenticate, or sign on, only once, this mechanism is called Single Sign On (SSO). Alice need not prove her identity to every resource in the network individually; she authenticates herself to the central AS only once, and that is enough for all the other servers and network resources to be convinced of Alice’s identity.