This is a brief description of the kerberos protocol, which is used for secure, validated communications between parties in a computer network. For a more complete description, refer to rfc1510. For the purposes of this document, it is assumed that a client/server environment between several computers exists, and that a symmetric ( single, secret key ) encryption algorithm has been chosen for use in the protocol.
A trusted server is established within a group of clients and servers. The trusted server will issue secret keys to each client and server, keys that will be known only to the individual client or server and the trusted server.
When the client wishes to connect to a particular server, the client sends a request to the trusted server. The trusted server replies to the client, sending them a "session key" and a "ticket" and this message is encrypted using the client’s secret key. The trusted server knows that only the client will be able to decipher the message, because the message is encrypted using the client’s secret key. The client knows the message came from the trusted server because the message is encrypted using the client’s secret key.
The client deciphers the message, and now has a session key that it will use to encrypt communications with the desired server, and a ticket. The session key will only be good for this particular session with the desired server, and cannot be reused. The client also has a "ticket" that is sent to the desired server.
The desired server receives the ticket, which has been encrypted with the desired server’s secret key ( encrypted by the trusted server, which knows the desired server’s secret key ). This encryption prevents the client from creating a forged ticket, since only the trusted server and the desired server know the desired server’s secret key. The desired server decrypts the ticket, which contains the session key, and the identity of the client, in the form of a "certificate." The desired server can validate the identity of the client with the trusted server, using the certificate.
The client can now connect with the desired server using the session
key to encrypt the communication. Both the client and the desired
server are certain that their connection is secure, and that their identities
have been validated.
Click here to go back to Mad Cow !