Kerberos

tags
Network authentication, Cryptography
resources
Main page, Computerphile video

Kerberos is a centralized authentication protocol that uses symmetric encryption as its main way of ensuring online privacy on a network with a trusted central entity (e.g. a corporate network).

A central server must have long term keys for every user on the network. It uses these keys to securely issue session keys with other devices on the network thanks to a Ticket-granting server (TGS).

The protocol goes something like this:

  • New user A on the network with long term key shared with the authentication server
    1. Sends a TGS request to the authentication server S.
    2. If S does have a key with A, \(K_{\mathtt{AS}}\), it generates a key \(K_{\mathtt{A,TGS}}\) and sends back two messages.
      • A message containing \(K_{\mathtt{A,TGS}}\) encrypted with \(K_{\mathtt{AS}}\) to be read by A.
      • Another message encrypted with S and TGS shared key containing \(K_{\mathtt{A,TGS}}\) to be read by TGS.
    3. Therefore, A now has a key to communicate with the TGS and a unreadable ticket-granting ticket that TGS will decrypt and use to communicate with A.
  • User A wants to communicate with user B
    1. A sends a request to TGS encrypted with \(K_{\mathtt{A,TGS}}\) to communicate with B.
    2. If B is known to TGS, it sends back a message encrypted with \(K_{\mathtt{A,TGS}}\) containing a generated session key \(K_{\mathtt{AB}}\) and another message containing the same key but encrypted with \(K_{\mathtt{B,TGS}}\).
    3. A forwards the message encrypted with \(K_{\mathtt{B,TGS}}\) to B and may begin communicating securely with B.

This is an interesting protocol, which doesn’t use Public key encryption at all. It also uses only a key per device on the network, which is a lot less than a key per pair of devices.

Some of its drawbacks include the fact that its a single point of failure system, because every user relies on a central entity to communicate. It the TGS gets compromised or is taken down, communication is not possible anymore.

Links to this note

Last changed | authored by

Comments


← Back to Notes