The Kerberos Network Authentication Service

Without knowledge of the identity of an individual requesting an operation, it is often difficult to decide whether the operation should be allowed. Traditional authentication methods are not suitable for use in computer networks where attackers can monitor network traffic and intercept passwords. The use of strong authentication methods that do not disclose passwords is imperative. The Kerberos authentication system supports strong authentication on such networks.

Links

Click here for IETF Kerberos working group web page.
Click here for the MIT Kerberos web page.

Documents, Papers, Specifications

C. Neuman, T. Yu, S. Hartman, K. Raeburn, The Kerberos Network Authentication System (RFC4120), July 2005.
K. Raeburn, Advanced Encryption Standard (AES) Encryption for Kerberos 5 (RFC3962), February 2005.
B. Clifford Neuman and Theodore Ts'o. Kerberos: An Authentication Service for Computer Networks, IEEE Communications, 32(9):33-38. September 1994.

This web page is maintained by USC's Center for Computer Systems Security