Authentication Protocol Kerberos is a computer network authentication
Authentication Protocol
Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner Kerberos is perhaps the most-widely used authentication protocol on Earth. (Search. Security. com)
To talk about Kerberos history is to talk about the project Athena. The project Athena was a join project between the Massachusetts Institute of Technology (MIT), IBM, and Digital Equipment Corporation
Main objectives of Athena was • produce a campus-wide distributed computing environment. • it was to integrate a SSO (Single Sign-on) • networked file systems • a unified graphical environment • a naming convention service
Kerberos was developed to answer many of the authentication and single sing –on questions. Kerberos was to going to be the authentication protocol for the distributed system that project Athena was developing. In 1987 MIT released Kerberos version 4 software as open source.
Kerbers TGS 3 1 2 4 User Client Server 5
• Kerberos version 1 to 3 had been released within MIT. • Steve Miller and Clifford Neuman were the primary designers of Kerberos v 4 targeted it primarily for Project Athena • Kerberos version 5, designed by John Kohl and Clifford Neuman, was released in 1993 • Last version of Kerberos is 5 -1. 9 released on December 2010
Designed to overcome the limitations and security problems of version 4. Main features: • The network protocol has been completely redone and now uses ASN. 1 (Abstract Syntax Notation ) • Support forwardable, renewable, and postdatable tickets was added • Tickets can now contain multiple IP addresses and addresses for different types of networking protocols • A generic crypto interface module is now used so it allows the ability to replace DES with a more cryptographic algorithm
• X-Box uses Kerberos. • The cable TV industry uses Kerberos to authenticate set-top boxes and modems to their networks.
In 2007, MIT formed the Kerberos Consortium to foster continued development Founding sponsors include vendors such as • Oracle, • Apple Inc. , • Google, • Microsoft • Centrify Corporation. • Academic institutions such as KTH-Royal Institute of Technology, Stanford University, and MIT
Kerberos wants to be available on more devices Expand to work with Databases Support mobile devices Interoperability with SAM (Security Assertion Markup Language) • Wants to able to work seamlessly between different technologies across different networks. • • • Become the standard.
- Slides: 13