CSC8419 Assignment 2: Kerberos Authentication Protocols

Verified

Added on 2025/05/02

AI Summary

Desklib provides solved assignments and past papers to help students succeed.

CSC8419 - ASSIGNMENT 2
Understanding the Kerberos Systems and
Kerberos Authentication Protocols
Student Name:
Student ID:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Table of Contents
Introduction......................................................................................................................................3
Kerberos System & Application Protocols......................................................................................3
Kerberos Framework...................................................................................................................3
Kerberos Overview and Working................................................................................................4
Conclusion.......................................................................................................................................5
References........................................................................................................................................6

Introduction
For improving and maintaining the network security in the communication and business industry
various authentication mechanisms are usually coupled and integrated with powerful encryption
techniques. This coupling of authentication systems and encryption technique helps in providing
better security and effective control over unauthorized access and related attacks on any system.
There are many protocols developed to support such preventive measures for communication
security in computing systems.
In the report, a brief study and understanding on a one on such preventive mechanism will be
given. The mechanism chosen for this research report is the Kerberos mechanism which follows
a particular authentication protocol known by the name “Needham - Schroeder”. The report is
going to briefly describe various components and computational techniques used in the Kerberos
security mechanism (Kirsal-Ever et al., 2014).
Kerberos System & Application Protocols
It is an authentication protocol used in many security systems to ensure secure authentication and
system security. This protocol is structured on the symmetric cryptography of key used in the
authentication. Securing the computing networks and the connected system architectures are
becoming more and more important. In order to secure the information and knowledge resources
stored on various servers, it is important to have a strong authentication system. Kerberos is sub-
divided into two different elements, the KDC, and the TGS. The KDC is used for storing the
authentication information and the TGS stores the digitally developed ticket which is used to
identify clients and different servers.
Kerberos Framework
The framework consists of different components and changes in Kerberos to improve the
effectiveness and strength of Kerberos. The PKINIT and PKCROSS are two authentication draft
features introduced in Kerberos. The PKINIT provides specifications to define a way of
integrating the cryptography of the public-key into Kerberos. The key generated is used for
providing initial authentication to the client while interacting with the KDC and the PKCROSS is

an extension of this authorization. It provides authentication between internal components of the
KDC (Eneh, Gemikonakli & Comley 2013).
PKDA is a proposal that aims at removing the intermediate handlers and tasks in order to attain
high scalability and system security. PKDA can be understood as a Kerberos system which is
based on the use of public-keys in the distributed authentication process. The framework also
includes a protocol which couples the many properties and functionalities of Kerberos & the
“Key Exchange” techniques. These protocols are focused on responding effectively to different
security challenges. There was also a new strategy which included shutting down any kind of
access to servers in order to distribute the set of keys to the users. These keys are generated
randomly and the shut-down helps in the secure key transfer (Tbatou et al. 2016).
Kerberos Overview and Working
There are a lot of specifications provided and the authentication protocols are designed based on
these specifications. Still, these protocols are prone to several types of security attacks. Kerberos
protocols are frequently introduced to many decisions to solve the constraint systems. The
encrypted keys for user verification are termed as “Tickets” which is used to securely transport
the sessions through different networks. The communication model developed to establish secure
communication includes various steps between the Authentication-Server, the Application and
Ticket-Granting Server. The flow of information and the communication pattern is shown in the
below image (Al-Janabi & Rasheed 2011).
Figure 1: Overview of the Kerberos Authentication, Source: (Al-Janabi & Rasheed 2011)

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Conclusion
The research report contributes towards providing some information and topic understanding on
the Kerberos Authentication mechanism. There are a lot of authentication and security protocols
which forms the backbone of Kerberos. The key developed for the users and client servers are
used to provide multiple authentication steps in a system. The key generation is introduced
because the normal password-based authentications suffer a lot in maintaining a system’s
security. The integration of passwords along with the cryptographic keys provides an additional
security layer to Kerberos.
This research report is used to simplify the understanding of Kerberos and helps in identifying
various extensions which are based on public-keys. Introduction and heavy use of Public-Keys
affect the overall system performance. This report is a basic milestone to be covered before
completing a detailed analysis of Kerberos and the integrated authentication systems.

References
Kirsal-Ever, Y., Eneh, A., Gemikonakli, O. and Mostard, L. (2014). Analysing the Combined
Kerberos Timed Authentication Protocol and Frequent Key Renewal Using CSP and Rank
Functions. KSII Transactions on Internet and Information Systems, 8(12).
Tbatou, Z, Asimi, A, Asimi, Y, Sadqi, Y & Guezzaz, A 2016, "A New Mutuel Kerberos
Authentication Protocol for Distributed Systems", International Journal of Network Security, vol.
19, no. 6, pp. 889-898.
Al-Janabi, S & Rasheed, M 2011, "Public-Key Cryptography Enabled Kerberos Authentication",
Developments in E-systems Engineering.
Eneh, H, Gemikonakli, O & Comley, R 2013, SECURE ELECTRONIC COMMERCE
AUTHENTICATION PROTOCOLS IN ECONOMICALLY DEPRIVED COMMUNITIES, 1st
ed, London, pp. 2-11.
Ever, Y, Agozie, E, Gemikonakli, G & Mostarda, L 2014, "Analysing the Combined Kerberos
Timed Authentication Protocol and Frequent Key Renewal Using CSP and Rank Functions",
KSII Transactions on Internet and Information Systems, vol. 8, no. 12, pp. 4604-4623.