Risk Assessment Mitigation of Kerberos Protocol Using Public Key Cryptography

M.Muni Babu*, K.V.Siva Prasad Reddy**
*-** Lecturer, Department of Computer Science and Engineering, Jawarhalal Nehru Technological University, Andhra Pradesh, India.
Periodicity:August - October'2014
DOI : https://doi.org/10.26634/jcc.1.4.3191

Abstract

Kerberos is an authentication service, which provides security over the network. It assumes that the messages can be read, modified and fabricated by an intruder. It does not provide any security against breaches caused by buggy software or poor passwords. The original design and implementation of Kerberos V1 through V4 was the work of three former Athena Project staff members, Steve Miller of Digital Equipment Corporation and Clifford Neuman along with Jerome Saltzer, Technical Director of Project Athena, and Jeffrey Schiller, MIT Campus Network [1][8][10]. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. The Kerberos protocol uses Data Encryption Standard (DES) so that a client can prove its identity to a server (and vice versa) across an insecure network connection. Authentication is one of the important network security aspects nowadays in internet activity, a more secure application for authentication is fairly useful. Kerberos is an authentication service developed as part of Project Athena at MIT. In this paper, three proposed extensions to integrate public-key cryptography into Kerberos in cross realm are outlined and some basic performance comparisons are made between them and also comments were made on the major security issues related to public-key enhancements introduced to the Kerberos Authentication Protocol trust model. Here the authors have given brief introduction to Kerberos and, public-key cryptography is provided for those unfamiliar with these security systems.

Keywords

Kerberos, DES, MIT, PKINIT, Authentication.

How to Cite this Article?

Babu, M. M., and Reddy, K. V. S. P. (2014). Risk Assessment Mitigation of Kerberos Protocol Using Public Key Cryptography. i-manager’s Journal on Cloud Computing,1(4), 19-23. https://doi.org/10.26634/jcc.1.4.3191

References

[1]. J. Kohl, C. Neuman (1993). “The Kerberos Network Authentication Service (V5)”, September 1993, RFC 1510, ACM Digital Library.
[2]. Ian Downard, (2002). “Public-Key Cryptography Extensions into Kerberos”, University of Missouri-Rolla, Department of Electrical and Computer Engineering.
[3]. Carlo Baliello, Alessandro Basso, Cinzia Di Giusto, Hassan Khalil, Daniel Machancoses, (2002). “Kerberos protocol: an overview”, Distributed Systems Fall, pp. 1-12.
[4]. Farhana S. Munnee, Anirudh Jonnavitula, (2007).“Kerberos Using Public Key Cryptography”, GMUECE 646 Fall .
[5]. Harbitter, A. H., Menasce, D.A., (2001). “Performance of Public-key-enabled Kerberos authentication in large networks”, Proceedings 2001 IEEE Symposium on Security and Privacy. S&P 2001, pp. 170-83.
[6]. Downward, Ian (Naval Research Laboratory), (2002). “Public-key cr yptography extensions into kerberos”, IEEE Potentials, Vol. 21, No. 5, DEC/JAN, pp. 30- 34.
[7]. M. Bellovin and M. Merritt, (1994). “Limitations of the Kerberos authentication system”, Computer Commun. Rev., Vol.20, No. 5, pp.1 19-1 32.
[8]. William Stallings, (1999). “Cryptography and Network Security (Principle and Practice)”, Upper Saddle River N.J., Prentice Hall 1999.
[9]. Eman El-Emam, Magdy Koutb, Hamdy Kelash, and Osama Farag Allah, “An Optimized Kerberos Authentication Protocol”, 978 1-4244-5844-8/09, IEEE.
[10]. MIT Kerberos consortium, by the MIT Kerberos Consortium, 2008.
If you have access to this article please login to view the article or kindly login to purchase the article

Purchase Instant Access

Single Article

North Americas,UK,
Middle East,Europe
India Rest of world
USD EUR INR USD-ROW
Online 15 15

Options for accessing this content:
  • If you would like institutional access to this content, please recommend the title to your librarian.
    Library Recommendation Form
  • If you already have i-manager's user account: Login above and proceed to purchase the article.
  • New Users: Please register, then proceed to purchase the article.