# Kerberos

tags
Network authentication, Cryptography
resources
Main page, Computerphile video

Kerberos is a centralized authentication protocol that uses symmetric encryption as its main way of ensuring online privacy on a network with a trusted central entity (e.g. a corporate network).

A central server must have long term keys for every user on the network. It uses these keys to securely issue session keys with other devices on the network thanks to a Ticket-granting server (TGS).

The protocol goes something like this:

• New user A on the network with long term key shared with the authentication server
1. Sends a TGS request to the authentication server S.
2. If S does have a key with A, $$K_{\mathtt{AS}}$$, it generates a key $$K_{\mathtt{A,TGS}}$$ and sends back two messages.
• A message containing $$K_{\mathtt{A,TGS}}$$ encrypted with $$K_{\mathtt{AS}}$$ to be read by A.
• Another message encrypted with S and TGS shared key containing $$K_{\mathtt{A,TGS}}$$ to be read by TGS.
3. Therefore, A now has a key to communicate with the TGS and a unreadable ticket-granting ticket that TGS will decrypt and use to communicate with A.
• User A wants to communicate with user B
1. A sends a request to TGS encrypted with $$K_{\mathtt{A,TGS}}$$ to communicate with B.
2. If B is known to TGS, it sends back a message encrypted with $$K_{\mathtt{A,TGS}}$$ containing a generated session key $$K_{\mathtt{AB}}$$ and another message containing the same key but encrypted with $$K_{\mathtt{B,TGS}}$$.
3. A forwards the message encrypted with $$K_{\mathtt{B,TGS}}$$ to B and may begin communicating securely with B.

This is an interesting protocol, which doesn’t use Public key encryption at all. It also uses only a key per device on the network, which is a lot less than a key per pair of devices.

Some of its drawbacks include the fact that its a single point of failure system, because every user relies on a central entity to communicate. It the TGS gets compromised or is taken down, communication is not possible anymore.