Introduction to Kerberos
The following article provides an outline for Kerberos. Kerberos is a computer network authentication protocol. It was designed at MIT to allow access to network resources in a secure manner.
How does Kerberos Work?
Kerberos works in three steps.
Let’s see those three steps one by one:
Step 1: Login
The client enters his name at an arbitrary workstation. The workstation then sends the name to the authentication server in plain text.
In response, the authentication server performs several actions. First, it creates a package of the user name (i.e. the client) and generates the session key. It encrypts this package with a symmetric key that the authentication server shares with the Ticket Granting Server (TGS). The output of this process is called a Ticket Granting Ticket (TGT). The authentication server then combines the TGT and the session key and encrypts them together using the symmetric key derived from the client's password.
After this message is received, the user's workstation asks for the password. When the client enters his password, the workstation generates the symmetric key derived from that password. This key is used to extract the session key and the TGT. After that, the workstation destroys the client's password from its memory to prevent an attack.
Step 2: Obtaining a Service Granting Ticket
Let’s assume that, after the successful login, the user wants to communicate with other users through the mail server.
For that, the client informs his workstation that he wants to contact another user X. The client needs a ticket to communicate with X. At this point, the client workstation creates a message intended for the ticket-granting server, which contains the items below:
- Ticket granting ticket.
- The id of X, whose services the client is interested in.
- The current timestamp, encrypted with the same session key.
The ticket-granting ticket is encrypted only with the secret key of the ticket-granting server; hence only the ticket-granting server can open a ticket-granting ticket. Because of this, the ticket-granting server believes that the message indeed comes from the client. The authentication server had encrypted the ticket-granting ticket and the session key.
The authentication server encrypts them using the secret key derived from the client's password. Hence only the client can open the package and retrieve the ticket-granting ticket.
Once the ticket-granting server is satisfied with the details entered by the client, the ticket-granting server creates a session key KAB for the client to perform secure communication with X. The ticket-granting server sends it to the client twice: the first copy is combined with X's id and encrypted with the session key; the second copy is combined with the client's id and encrypted with X's secret key KB.
In this case, an attacker can try to obtain the client's first message and attempt a replay attack. However, this would fail, as the client's message contains an encrypted timestamp, and the attacker cannot replace the timestamp because he does not have the session key.
Step 3: User Contacts X for Accessing the Server
The client sends KAB to X to create a session with X. For secure communication, the client forwards KAB encrypted with X's secret key to X, so that only X can access KAB. To protect against a replay attack, the client also sends X a timestamp encrypted with KAB. X uses his secret key to obtain KAB and then uses KAB to decrypt the timestamp value. X then adds 1 to the timestamp value, encrypts it using KAB, and sends it to the client. The client opens the packet and verifies the timestamp incremented by X. From this process, the client is assured that X received the same KAB that the client sent.
Now the client and X can communicate with each other securely. Both use the shared secret key KAB to encrypt the data when sending and to decrypt received messages. Suppose the client wants to communicate with another server Y; in that case, the client just needs to obtain another secret key from the Ticket Granting Server. After obtaining the secret key, he can communicate with Y in the same way as discussed for X. If the client wants to communicate with X again, he can reuse the previous key; there is no need to generate a ticket every time. He needs to obtain the ticket only the first time.
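The three steps above as one runnable exchange between client, authentication server, TGS and X. This is an added example, not code from the original article: the HMAC-based toy cipher, the PBKDF2 key derivation, the 300-second timestamp window and the names alice, K_TGS and K_B are assumptions for illustration, and the session key is carried inside the TGT so that the TGS can check the timestamp.

```python
import hashlib, hmac, json, os, time

def _ks(key, nonce, n):  # HMAC-SHA256 counter-mode keystream
    return b"".join(hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), "sha256").digest()
                    for i in range(n // 32 + 1))

def seal(key, obj):  # toy encrypt-then-MAC, a stand-in for a real Kerberos cipher
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _ks(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, "sha256").digest()

def unseal(key, blob):  # raises if the key is wrong or the blob was altered
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"mac" + nonce + ct, "sha256").digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _ks(key, nonce, len(ct)))))

def pw_key(password):  # key derived from the client's password (PBKDF2 is an assumption)
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"EXAMPLE.REALM", 10_000)

K_TGS, K_B = os.urandom(32), os.urandom(32)  # AS<->TGS shared key; X's secret key KB
USERS = {"alice": pw_key("correct horse")}   # constructed user database held by the AS

def as_login(name):  # Step 1: AS builds the TGT and seals TGT + session key for the client
    sk = os.urandom(32).hex()
    tgt = seal(K_TGS, {"client": name, "sk": sk}).hex()
    return seal(USERS[name], {"sk": sk, "tgt": tgt})

def tgs_request(tgt_hex, service, auth, now=None, max_skew=300):  # Step 2 (window assumed)
    tgt = unseal(K_TGS, bytes.fromhex(tgt_hex))     # only the TGS can open the TGT
    sk = bytes.fromhex(tgt["sk"])
    if abs((now or time.time()) - unseal(sk, auth)["ts"]) > max_skew:
        raise ValueError("stale timestamp: replayed request rejected")
    kab = os.urandom(32).hex()                      # KAB, returned twice
    return (seal(sk, {"service": service, "kab": kab}),
            seal(K_B, {"client": tgt["client"], "kab": kab}))

def service_accept(ticket, auth):  # Step 3: X recovers KAB with KB, returns timestamp + 1
    kab = bytes.fromhex(unseal(K_B, ticket)["kab"])
    return seal(kab, {"ts": unseal(kab, auth)["ts"] + 1})

def client_run(name, password):
    reply = unseal(pw_key(password), as_login(name))  # fails without the right password
    sk = bytes.fromhex(reply["sk"])
    auth = seal(sk, {"ts": int(time.time())})
    for_client, for_x = tgs_request(reply["tgt"], "X", auth)
    kab, ts = bytes.fromhex(unseal(sk, for_client)["kab"]), int(time.time())
    answer = unseal(kab, service_accept(for_x, seal(kab, {"ts": ts})))
    return answer["ts"] == ts + 1, reply["tgt"], auth
```

client_run returns whether X proved knowledge of KAB, together with the TGT and the encrypted timestamp a network observer would have captured; passing those to tgs_request with a later now value shows the replay being refused.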
Advantages and Disadvantages of Kerberos
Given below are the advantages and disadvantages:
Advantages:
- In Kerberos, clients and services are mutually authenticated.
- Various operating systems support it.
- Tickets in Kerberos have a limited period. If the ticket gets stolen, it is hard to reuse the ticket because of strong authentication needs.
- Passwords are never sent over the network unencrypted.
- In Kerberos, secret keys are shared, which is more efficient than sharing public keys.
Disadvantages:
- It is vulnerable to weak or repeated passwords.
- It only provides authentication for services and clients.
In this article, we have seen what Kerberos is, how it works, and its advantages and disadvantages.