1. KERBEROS
PRESENTED BY
SUTANU PAUL(CSI 13023)
MD ARIFUL HOQUE(CSI 13020)
MTECH(IT) 1ST SEM
TEZPUR UNIVERSITY

2. OUTLINE
•
•
•
•
•
•
•
•
•
•
What is Kerberos?
Why Kerberos?
Firewall Vs Kerberos
Kerberos design
How does Kerberos work?
Application of Kerberos
Comparison between version 4 and 5
Attacks on Kerberos
Limitation of Kerberos
References

3. WHAT IS KERBEROS?
• Literal meaning: In Greek mythology,kerberos is a multi-headed
dog (usually three) which gaurds the entrance of Hades.
• Technically Kerberos is an authentication protocol implemented
on Project Athena at MIT
• Athena provides an open network computing environment
• Each user has complete control of its workstation
• But the workstations can not be trusted completely to identify its
users to the network services
• Kerberos acts as a third party authenticator
- Helps the user to prove its identity to the various services and
vice versa
• Uses symmetrical cryptographic algorithms (private key
cryptosystems)
–Same key is used for encryption as well as decryption
–Uses DES (Data Encryption Standard)

4. WHAT IS KERBEROS?…cont.
What's with the 3 heads?
● Authentication
– confirms that a user who is requesting services
is a valid user of the network
● Authorization
– granting of specific types of service to a user,
based on their authentication
● Accounting
– The tracking of the consumption of network resources
by users

5. WHY KERBEROS?
• Authentication is a key feature in a multi-user
environment.
• Sending usernames and passwords over the network is
not secure.
• Each time a password is sent in the network, there is a
chance for interception.
Problem: Cannot trust workstation to identify
their users correctly in an open distributed environment
Solution:
– Building elaborate authentication protocols at each
server
– A centralized authentication server (Kerberos)

6. FIREWALL VS KERBEROS
• Firewall make a risky assumption that attackers are
coming from the outside. In reality attacks frequently
come from within.
• Kerberos assumes that network connections (rather
than servers and workstations) are the weak link in
network security.

8. HOW DOES KERBEROS WORK?
….cont.
• To request a service from a server, the client goes through
three phases of authentication
• Phase 1
–The client requests a ticket from the Kerberos
–Kerberos grants a ticket and a session key
–The ticket is used for requesting other tickets for various
services
–Ticket conveys the identity of the client to the server
–The session key is used for conversation between the
client and the server

9. HOW DOES KERBEROS WORK?
….cont.
Phase 2
–The client uses the ticket of the first phase to request a
ticket from the ticket granting server (TGS) for a specific
service
Phase 3
–The client presents the key to the server for the service

10. A more detailed look…
AUTHENTICATION SERVER
• The client sends a plaintext request to the AS
asking for a ticket it can use to talk to the TGS.
• Request:
-Login name
-TGS name
• Since this request contains only well-known
names, it does not need to be sealed.

11. AUTHENTICATION SERVER
• The AS finds the keys corresponding to the login
name and the TGS name.
• The AS creates a ticket:
– Login name
– TGS name
– Client network address
– TGS session key
• The AS seals the ticket with the TGS secret key.

12. AUTHENTICATION SERVER
RESPONSE
• The AS also creates a random session key for the
client and the TGS to use.
• The session key and the sealed ticket are sealed
with the user (login name) secret key.
Sealed with TGS key
Ticket:
TGS session key
Sealed with user key
login name
TGS name
net address
TGS session key

13. ACCESSING THE TGS
• The client decrypts the message using the
user’s password as the secret key.
• The client now has a session key and ticket
that can be used to contact the TGS.
• The client cannot see inside the ticket, since
the client does not know the TGS secret key.

14. ACCESSING A SERVER
• When a client wants to start using a server
(service), the client must first obtain a ticket.
• The client composes a request to send to the TGS
Sealed with
TGS key
TGS Ticket
Authenticator
Server Name
Sealed with
session key

15. TGS RESPONSE
• The TGS decrypts the ticket using it’s secret
key. Inside is the TGS session key.
• The TGS decrypts the authenticator using the
session key.
• The TGS check to make sure login names,
client addresses and TGS server name are all
ok.
• TGS makes sure the authenticator is recent.

16. TGS RESPONSE
Once everything checks out - the TGS:
• Builds a ticket for the client and requested server.
The ticket is sealed with the server key.
• Creates a session key
• Seals the entire message with the TGS session key
and sends it to the client

17. CLIENT ACCESSES SERVER
• The client now decrypts the TGS response
using the TGS session key.
• The client now has a session key for use with
the new server, and a ticket to use with that
server.
• The client can contact the new server using
the same format used to access the TGS.

19. WHY TWO SERVERS?
Note that
–First phase is used for user-authentication (using the id and
password)
–Second and third phase may continue several times with the same
TGT granted by the first phase
In absence of this additional phase
–For each service, the user needs to authenticate itself using its
password
–Once the intruder gets the first session key, it can continue doing
malicious works throughout the session
–That’s why life and timestamp are mentioned

20. APPLICATIONS OF KERBEROS
• Windows servers use Kerberos as the primary
authentication protocol.
• Telnet/FTP uses Kerberos.
• Authentication for web services.
• Authenticating email client and servers.

21. comparison between version 4 and 5
Version 4
• Environmental drawbacks
– Encryption system dependence
– Internet protocol dependence
– Message format
– Ticket lifetimes
– Authentication forwarding
– Inter-realm authentication

22. VERSION 4
• Technical deficiencies
– Double Encryption (Bellovin and Merritt [Bel90])
– PCBC encryption
– Authenticators and replay detection
– Password attacks
– Session keys
– Cryptographic checksum
– Kerberised

23. ATTACKS ON KERBEROS
•
•
•
•
KDC security
Availability
Replay attacks
Password-guessing attacks

24. Limitations of Kerberos

25. REFERENCES
Books
o Computer
Networks
by
Andrew
S
Tanenbaum, Fifth Edition.
o Data Communications and Networking
by Behrouz A Forouzan, Fourth Edition.
Websites
owww.mit.edu
owww.google.com
owww.wikipedia.com

26. KERBEROS DESIGN
•
•
•
•
•
•
•
•
Every User has a password.
Every service has a password.
Password are never sent across the network in clear text(or stored in memory)
User must identify himself once at the beginning of a workstation session(login
session)
The only entity that knows all the passwords is the AUTHENTICATION SERVER (AS)
Every user shares its private secret key with the AUTHENTICATION SERVER
-User X doesn’t know the private key of user Y.
Key Distribution: When X wants to communicate with Y, they need to use a secret key
between them
-AS is responsible for distributing this session key (conversation key) between X
and Y
Everybody has to trust AS

27. HOW DOES KERBEROS WORK?
….cont.
• Instead of client (Alice) sending password to
application server(Bob):
-It Request TICKET From AUTHENTICATION SERVER
-the TICKET and encrypted request is sent to application
server(Bob).
• How To Request Tickets Without Repeatedly Sending
Credentials?
– TICKET-GRANTING TICKET (TGT)