Kerberos Is A Network Authentication Computer Science Essay


This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.


Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Kerberos is available in many commercial products.

The Internet is an insecure place. Many of the protocols used on the Internet do not provide any security. Tools to "sniff" passwords off the network are in common use by malicious hackers. Thus, applications which send an unencrypted password over the network are extremely vulnerable.

Some sites attempt to use firewalls to solve their network security problems. Unfortunately, firewalls assume that "the bad guys" are on the outside. Most of the really damaging incidents of computer crime are carried out by insiders. Firewalls also have a significant disadvantage.

Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server and vice versa across an insecure network connection. After a client and server have used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity.

Kerberos is freely available from MIT, under copyright permissions very similar to those used for the BSD operating system and the X Window System. MIT provides Kerberos in source form so that anyone who wishes to use it may look over the code for themselves and assure themselves that the code is trustworthy. Hence, we are going to implement the Kerberos authentication protocol on our operating system (Ubuntu) for authentication.


What is Kerberos?

Kerberos is a trusted third-party authentication service based on the model presented by Needham and Schroeder. It is trusted in the sense that each of its clients believes Kerberos' judgment as to the identity of each of its other clients to be accurate. Timestamps have been added to the original model to aid in the detection of replay. Replay occurs when a message is stolen off the network and resent later.

What Does Kerberos Do?

Kerberos keeps a database of its clients and their private keys. The private key is a large number known only to Kerberos and the client it belongs to. In the case that the client is a user, it is an encrypted password. Network services requiring authentication register with Kerberos, as do clients wishing to use those services. The private keys are negotiated at registration.

Because Kerberos knows these private keys, it can create messages which convince one client that another is really who it claims to be. Kerberos also generates temporary private keys, called session keys, which are given to two clients and no one else. A session key can be used to encrypt messages between two parties.

Kerberos provides three distinct levels of protection. The application programmer determines which is appropriate, according to the requirements of the application. For example, some applications require only that authenticity be established at the initiation of a network connection, and can assume that further messages from a given network address originate from the authenticated party. Our authenticated network file system uses this level of security.

For applications that require each message to be authenticated, Kerberos provides safe messages. A yet higher level of security is provided by private messages, where each message is not only authenticated but also encrypted.
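To make the last two sections concrete (a trusted third party that holds every principal's private key, a session key handed to exactly two parties, and a timestamp in each authenticator so that a replayed message is detected), here is an added Python sketch of the exchange. It is not part of the essay or of MIT's Kerberos code; the principals alice and nfs/athena, the field names and the toy cipher standing in for DES are all assumptions.

```python
import hashlib, hmac, json, os

def _keystream(key, nonce, n):  # expand key and nonce into n bytes of keystream
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(key, obj):  # toy authenticated encryption standing in for DES; not for real use
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):  # fails unless the same key sealed the blob and it is intact
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))

def kdc_issue(keys, client, service, now, lifetime=300):  # keys: principal -> private key
    session = os.urandom(32).hex()  # temporary key handed to these two parties only
    ticket = seal(keys[service], {"client": client, "session": session,
                                  "expires": now + lifetime})
    return seal(keys[client], {"session": session, "ticket": ticket.hex()})

def client_authenticate(client, client_key, kdc_reply, now):
    creds = unseal(client_key, kdc_reply)  # only the client's private key opens this
    auth = seal(bytes.fromhex(creds["session"]), {"client": client, "timestamp": now})
    return bytes.fromhex(creds["ticket"]), auth  # the ticket stays opaque to the client

class Service:
    def __init__(self, key): self.key, self.seen = key, set()  # seen = replay cache
    def verify(self, ticket, authenticator, now, max_skew=300):
        t = unseal(self.key, ticket)  # only the service's private key opens the ticket
        if now > t["expires"]: raise ValueError("ticket expired")
        a = unseal(bytes.fromhex(t["session"]), authenticator)
        if a["client"] != t["client"]: raise ValueError("authenticator does not match ticket")
        if abs(now - a["timestamp"]) > max_skew: raise ValueError("clock skew too large")
        if (a["client"], a["timestamp"]) in self.seen: raise ValueError("replay detected")
        self.seen.add((a["client"], a["timestamp"]))
        return t["client"]

def demo(now=1_000_000.0):
    keys = {"alice": os.urandom(32), "nfs/athena": os.urandom(32)}  # constructed principals
    nfs = Service(keys["nfs/athena"])
    reply = kdc_issue(keys, "alice", "nfs/athena", now)
    ticket, auth = client_authenticate("alice", keys["alice"], reply, now)
    outcomes = [nfs.verify(ticket, auth, now + 1)]  # fresh authenticator: accepted as "alice"
    for t in (now + 2, now + 600):  # the same authenticator resent; then an expired ticket
        try: nfs.verify(ticket, auth, t); outcomes.append("accepted")
        except ValueError as e: outcomes.append(str(e))
    return outcomes
```

The service never learns alice's private key and the client never sees inside the ticket; the replay cache plus the timestamp is what turns a captured authenticator into a rejected one.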

Kerberos Software Components

The Athena implementation comprises several modules:

Kerberos applications library

encryption library

database library

database administration programs

administration server

authentication server

db propagation software

user programs


The Kerberos applications library provides an interface for application clients and application servers.

Encryption in Kerberos is based on DES, the Data Encryption Standard, and the encryption library implements those routines. Several methods of encryption are provided, with tradeoffs between speed and security. An extension to the DES Cipher Block Chaining (CBC) mode, called the Propagating CBC (PCBC) mode, is also provided: in CBC an error is propagated only through the current block of the cipher, whereas in PCBC it propagates through the rest of the message, so a corrupted or tampered message is rendered useless as a whole. The encryption library is an independent module, and may be replaced with other DES implementations or a different encryption library.
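As an added illustration that is not from the essay or from the MIT code, the toy 8-byte block function below stands in for DES so the two chaining modes can be compared directly: flipping one ciphertext bit under CBC garbles the current block and flips one bit in the next, whereas under PCBC every later block is garbled. The key, IV and message are constructed sample values.

```python
KEY = bytes(range(8))  # constructed 8-byte key; DES also works on 64-bit blocks
BS = 8

def _e(block):  # toy keyed block function standing in for DES encryption
    x = bytes(a ^ b for a, b in zip(block, KEY))
    return x[1:] + x[:1]

def _d(block):  # its inverse
    x = block[-1:] + block[:-1]
    return bytes(a ^ b for a, b in zip(x, KEY))

def _xor(a, b): return bytes(x ^ y for x, y in zip(a, b))

def encrypt(pt, iv, pcbc):
    prev_c, prev_p, out = iv, bytes(BS), b""
    for i in range(0, len(pt), BS):
        p = pt[i:i + BS]
        feed = _xor(prev_c, prev_p) if pcbc else prev_c  # PCBC also chains the plaintext
        c = _e(_xor(p, feed))
        out += c; prev_c, prev_p = c, p
    return out

def decrypt(ct, iv, pcbc):
    prev_c, prev_p, out = iv, bytes(BS), b""
    for i in range(0, len(ct), BS):
        c = ct[i:i + BS]
        feed = _xor(prev_c, prev_p) if pcbc else prev_c
        p = _xor(_d(c), feed)
        out += p; prev_c, prev_p = c, p
    return out

def damaged_blocks(pcbc, flip_block=1):
    """Flip one bit in ciphertext block flip_block; return indices of plaintext blocks that change."""
    pt = b"ABCDEFGH" * 4  # constructed 4-block message
    iv = b"\x00" * BS
    ct = bytearray(encrypt(pt, iv, pcbc))
    ct[flip_block * BS] ^= 0x01
    rec = decrypt(bytes(ct), iv, pcbc)
    return [i for i in range(4) if rec[i * BS:(i + 1) * BS] != pt[i * BS:(i + 1) * BS]]
```

damaged_blocks(pcbc=False) reports blocks 1 and 2, damaged_blocks(pcbc=True) reports 1, 2 and 3: the PCBC property that makes a single error spoil the whole remainder of a Kerberos message.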

Another replaceable module is the database management system. The current Athena implementation of the database library uses ndbm, although Ingres was originally used. Other database management libraries could be used as well.

The Kerberos database needs are straightforward; a record is held for each principal, containing the name, private key, and expiration date of the principal, along with some administrative information.

The Kerberos servers use the database library, as do the tools for administering the database.

The administration server or KDBM server provides a read-write network interface to the database. The client side of the program may be run on any machine on the network. The server side, however, must run on the machine housing the Kerberos database in order to make changes to the database.

The authentication server or Kerberos server performs read-only operations on the Kerberos database. Since this server does not modify the Kerberos database, it may run on a machine housing a read-only copy of the master Kerberos database.

Database propagation software manages replication of the Kerberos database. It is possible to have copies of the database on several different machines, with a copy of the authentication server running on each machine. Each of these slave machines receives an update of the Kerberos database from the master machine at given intervals.


The Internet is not a secure place. It has security problems, and as security technology advances, so do the attacks that breach network security. Websites are secured with new mechanisms, but how much priority does protecting our secret information really receive? Kerberos offers a credible solution: it is a technology that allows strong authentication in open, distributed networks, and it meets the requirements of modern distributed systems. It was developed in response to a well-defined and clearly thought-through set of requirements for secure authentication in an open environment with insecure communication links.

Kerberos is architecturally sound. It is designed around a clear set of architectural and functional abstractions; that soundness has allowed it to evolve over time, makes it easy to integrate into other systems, and makes it easy to analyze how Kerberos will behave. Kerberos is already in place: it is integrated into most popular operating systems and many widely used software applications. Beyond that, it gives an edge for authentication because it is more secure, more flexible, and more efficient.

Most network security problems start with authentication, and Kerberos helps here through delegated authentication. The Kerberos protocol provides the information that a service needs to impersonate its client locally. However, some distributed applications are designed so that a front-end service must impersonate clients when connecting to back-end services on other computers. The Kerberos protocol includes a proxy mechanism that enables a service to impersonate its client when connecting to other services.

Kerberos is interoperable: the Kerberos V5 protocol is based on standards-track specifications submitted to the Internet Engineering Task Force (IETF). Finally, Kerberos provides mutual authentication: using the Kerberos protocol, a party at either end of a network connection can verify that the party on the other end is the entity it claims to be. The Kerberos V5 protocol makes no such assumption.


In a non-networked personal computing environment, resources and information can be protected by physically securing the personal computer. In a timesharing computing environment, the operating system protects users from one another and controls resources. In order to determine what each user is able to read or modify, it is necessary for the timesharing system to identify each user. This is accomplished when the user logs in.

In a network of users requiring services from many separate computers, there are three approaches one can take to access control:

One can do nothing, relying on the machine to which the user is logged in to prevent unauthorized access;

One can require the host to prove its identity, but trust the host's word as to who the user is; or

One can require the user to prove her/his identity for each required service.

In a closed environment where all the machines are under strict control, one can use the first approach. When the organization controls all the hosts communicating over the network, this is a reasonable approach.

In a more open environment, one might selectively trust only those hosts under organizational control. In this case, each host must be required to prove its identity. The rlogin and rsh programs use this approach. In those protocols, authentication is done by checking the Internet address from which a connection has been established.

In the Athena environment, we must be able to honor requests from hosts that are not under organizational control. Users have complete control of their workstations: they can reboot them, bring them up standalone, or even boot off their own tapes.

Our environment places several requirements on an identification mechanism.

First, it must be secure. Circumventing it must be difficult enough that a potential attacker does not find the authentication mechanism to be the weak link.

Second, it must be reliable. Access to many services will depend on the authentication service. If it is not reliable, the system of services as a whole will not be.

Third, it should be transparent. Ideally, the user should not be aware of authentication taking place.

Finally, it should be scalable. Many systems can communicate with Athena hosts. Not all of these will support our mechanism, but software should not break if they did.

Kerberos is the result of our work to satisfy the above requirements. The security of Kerberos relies on the security of several authentication servers. The authentication server provides a properly authenticated user with a way to prove her/his identity to servers scattered across the network.


Kerberos is an appropriate option for some network communication environments. As an alternative authentication protocol strategy, Kerberos addresses security vulnerabilities that other protocols cannot. With a proper understanding of its strengths and vulnerabilities, one can implement the protocol with confidence, at low cost, and with high efficiency. As a publicly shared protocol, it is likely to remain useful. In summary, the Kerberos protocol is, for some environments, a superior alternative to public-key, certificate-based authentication systems, such as SSL.