#technology #authentication

idea

Kerberos is a way to manage authentication and authorization using symmetric encryption, without key exchange (so no public key).

The general concept is to use a trusted third party to handle key management: the Kerberos Domain Controller. Each client in the network has a common key with the KDC used to secure communication, access to resources is granted by by a unique key (ticket) obtained from the KDC.

graph TD
  A --> KDC[Kerberos Domain Controller]
  B --> KDC
  C --> KDC
  D --> KDC

KDC has two components: authentication server (S), and ticket granting server (T, or TGS).

Protocol goes is to authenticate and request access to some TGS. Authentication is a key $K_{AS}$ derived from the password. Reply from authentication server is encrypted with $K_{AS}$ and contains a temporary key $K_{AT}$ to authorize communication with the TGS, some lifetime information $LT$, plus a "ticket granting ticket" $TGT$ which allows to get more key in the future, itself encrypted with $K_{ST}$ which is a common key between the authentication and ticket granting server, unreadable by client.

graph LR
  A(["A Client"])
  A -- "1. Kas(Password, TGS)" --> S
  S -- "2. Kas(Kat, LT) <br/>and TGT=Kst(Kat, LT)" --> A
  subgraph KDC
    S["Authentication Server"]
    T["Ticket Granting Server"]
  end

When the client A requires access to a resource B, it sends a message to the Ticket Granting Server with the access request encrypted by $K_{AT}$, alongside the $TGT$.

The TGS validates authorization, and returns $K_{AB}$ to encrypt communication, and a ticket encrypted with $K_{BT}$ to the client, which is a key known only to B and the TGS.

graph LR
  A(["A Client"])
  A -- "1. Kat(B) <br/>and TGT=Kst(Kat, LT)" --> T
  T -- "2. Validates authorization" --> T
  T -- "3. Kab(LT) <br/>and Kbt(LT)" --> A
  subgraph KDC
    S["Authentication Server"]
    T["Ticket Granting Server"]
  end

Then the client can communicate to the resource by using $K_{AB}$ and the ticket encrypted with $K_{BT}$. The server validates that the ticket is correct and grants the request, since it is encrypted with a key that could be obtained only if authorization was successful.

graph LR
  A(["A Client"])
  B(["B Server"])
  A -- "Kab(request) <br/>and Ticket=Kbt(LT)" --> B

notes

Kerberos is named after a mythological three headed dog.

links

references

Youtube - Computerphile / Taming Kerberos