Kerberos Authentication Protocol (V5) -- RFC 1510

Subject: Kerberos Authentication Protocol (V5) -- RFC 1510
Author: Alex_Raj
Posted on: 11/08/2006 06:47:42 PM

The authentication process proceeds as follows: A client sends a request to the authentication server (AS) requesting "credentials" for a given server. The AS responds with these credentials, encrypted in the client's key. The credentials consist of 1) a "ticket" for the server and 2) a temporary encryption key (often called a "session key"). The client transmits the ticket (which contains the client's identity and a copy of the session key, all encrypted in the server's key) to the server. The session key (now shared by the client and server) is used to authenticate the client, and may optionally be used to authenticate the server. It may also be used to encrypt further communication between the two parties or to exchange a separate sub-session key to be used to encrypt further communication.

The Kerberos protocol consists of several sub-protocols (or exchanges):

AS -- The Authentication Service Exchange

TGS-- The Ticket-Granting Service Exchange

CS -- The Client/Server Authentication Exchange

Replies:

AS -- The Authentication Service Exchange Alex_Raj 11/08/2006 07:10:51 PM
TGS-- The Ticket-Granting Service Exchange Alex_Raj 11/08/2006 07:23:27 PM
CS -- The Client/Server Authentication Exchange Alex_Raj 11/08/2006 07:32:55 PM
Kerberos Authentication Error Codes Alex_Raj 11/08/2006 07:48:43 PM

References:

Next Post: AS -- The Authentication Service Exchange Alex_Raj 11/08/2006 07:10:51 PM
Previous Post: DIGEST-MD5 HTTP Authentication authen 08/07/2006 01:09:46 AM
Next Topic: Parse URL or Query String using JavaScript WebSpider 12/13/2006 03:45:32 PM
Previous Topic: DIGEST-MD5 HTTP Authentication authen 08/07/2006 01:09:46 AM
Index: by Date
Index: by Topic