1 / 14

Kerberos Network Authentication Protocol: A Team 1 Presentation

Learn about the Kerberos network authentication protocol, its basic concept, how it works, implementation details, and its pros and cons. Understand how Kerberos provides strong authentication for client/server applications.

mgilham
Télécharger la présentation

Kerberos Network Authentication Protocol: A Team 1 Presentation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Kerberos Network Authentication Protocol A Team 1 Presentation: Les Beckford Joe DeCicco Vera Rhoads Than Lam Steve Parshley DCS835 June 24, 2000

  2. Cerberus

  3. Agenda What is Kerberos? What is the basic concept? How does it work? Prerequisites Conceptual implementation Details in action Pros & Cons Summary

  4. What is Kerberos? A network authentication protocol designed to provide strong authentication for client/server applications by using secret-key cryptography

  5. What is the basic concept? Three entities authenticate each other, using private keys. 1. User ->Client 2. Kerberos Server 3. Application Server Kerberos Server Client User Application Server

  6. How Does Kerberos Work? Prerequisites Principals list Authentication Server Ticket Granting Server Kerberos s/w Individual passwords Concept of Implementation Details in action

  7. Kerberos Prerequisites Principals list Users Clients Application servers Authentication Server (AS) Ticket Granting Server (TGS) Kerberos s/w (V4 or V5) Individual passwords

  8. Concept of Implementation Objective: secure network authentication to grant services to authorized users Authentication: Symmetric, two private keys Three two-way handshakes precede service Service: authorized services delivered from known to known

  9. The Kerberos Model and Protocols

  10. Username, PW -> AS < -AS returns TGT Start Client PW -> TGT, Kc, tgs <- Ticket, Kc S -> Ac <- Sc The Kerberos Model and Protocols

  11. Details in Action

  12. Pros/Cons of Kerberos Pros: Free, flexible, open standards, key security, ticket expiration, widespread acceptance, enhanced versions Cons: prerequisites to set up, management intensive, third party security assumed, password security assumed.

  13. Summary Kerberos is, for the correct environments, a superior alternative to public-key, certificate-based authentication systems, such as SSL. With a proper understanding of its strengths and weaknesses, one can implement the protocol with confidence, at low cost, and with high efficiency.

  14. Questions? (If you dare)

More Related