Cybercrime is an unfortunate fact of life today, regardless of whether we are talking about individual consumers or the business world in general. No company or organization is safe, and the problem is not going to get better any time soon. Experts predict that the damage caused by cybercrime will cost the world $6.1 trillion by 2021. On top of that, Forbes predicts that an increasing number of cybercriminals will use Artificial Intelligence (AI) to scale their attacks.
These predictions, and many others, point to the harsh reality that cybercrime is here to stay, and the problem is only going to get worse. As a result, the digital world is eager to find and employ new strategies to strengthen cybersecurity.
Today we are dealing with authentication protocols, specifically Kerberos. Let’s pull back the curtain and familiarize ourselves with this effective network protocol.
In this article you will learn the following topics in detail:
- What is kerberos?
- How does kerberos work?
- What is kerberos used for?
- Kerberos protocol flow summary
- Is kerberos infallible?
What is Kerberos and how does it work?
Kerberos is a computer network security protocol that authenticates service requests between two or more trusted hosts over an untrusted network, such as the Internet. It uses secret key cryptography and a trusted third party to authenticate client-server applications and verify the identity of users.
Initially developed by the Massachusetts Institute of Technology (MIT) for Project Athena in the late 1980s, Kerberos is now the default authorization technology used by Microsoft Windows. Kerberos implementations also exist for other operating systems such as Apple OS, FreeBSD, UNIX and Linux.
Microsoft released its version of Kerberos in Windows 2000, and it has become the protocol of choice for web sites and single sign-on implementations across different platforms. The Kerberos Consortium maintains Kerberos as an open source project.
The protocol is named after the legendary three-headed dog Kerberos (also known as Cerberus) of Greek myth, the canine guardian of the entrance to the underworld. Kerberos had a snake tail and a particularly bad temper and, despite one notable exception, was a very useful guardian.
But in the case of the protocol, the three Kerberos heads represent the client, the server and the Key Distribution Center (KDC). The latter functions as the trusted third-party authentication service.
Users, machines and services using Kerberos rely solely on the KDC, which functions as a single process that provides two functions: authentication and ticketing. KDC “tickets” provide authentication to all parties, allowing nodes to securely verify their identity. The Kerberos authentication process employs conventional shared-secret cryptography that prevents packets traveling over the network from being read or altered, as well as protecting messages from eavesdropping and replay attacks.
Now that we have learned what Kerberos is, let’s understand what Kerberos is used for.
What is Kerberos used for?
Although Kerberos is found throughout the digital world, it is widely used in secure systems that rely on reliable auditing and authentication functions. Kerberos is used in Posix authentication, and in Active Directory, NFS and Samba. It is also an alternative authentication system to SSH, POP and SMTP.
As part of the learning flow of what Kerberos is, we will now learn about the Kerberos protocol flow.
Kerberos protocol flow summary
Let’s take a closer look at what Kerberos authentication is and how it works, breaking it down into its main components.
These are the main entities involved in the typical Kerberos workflow:
- Customer. The customer acts on behalf of the user and initiates communication for a service request.
- Server. The server hosts the service that the user wants to access.
- Authentication Server (AS). The AS performs the desired client authentication. If the authentication is successful, the AS issues a ticket called TGT (Ticket Granting Ticket) to the client. This ticket assures the other servers that the client is authenticated.
- Key Distribution Center (KDC). In a Kerberos environment, the authentication server is logically divided into three parts: A database (db), the authentication server (AS) and the ticketing server (TGS). These three parts, in turn, exist on a single server called the Key Distribution Center (KDC).
- Ticket Granting Server (TGS). The TGS is an application server that issues service tickets as a service.
Now let’s break down the flow of the protocol.
First, there are three crucial secret keys involved in the Kerberos flow. There are unique secret keys for the client/user, the TGS, and the server shared with the AS.
- Client/user. Hash derived from the user’s password
- TGS secret key. Hash of the password used to determine the TGS.
- Server secret key. Hash of the password used to determine the server providing the service.
The flow of the protocol consists of the following steps:
Step 1: Initial client authentication request. The user requests a Ticket Granting Ticket (TGT) from the authentication server (AS). This request includes the client ID.
Step 2: The KDC verifies the customer’s credentials. The AS checks the database for the availability of the client and the TGS. If the AS finds both values, it generates a client/user secret key, using the hash of the user’s password.
Next, the AS calculates the TGS secret key and creates a session key (SK1) encrypted by the client/user secret key. Next, the AS generates a TGT containing the client ID, client network address, timestamp, time-to-live and SK1. Next, the TGT secret key encrypts the ticket.
Step 3: The client decrypts the message. The client uses the client/user’s secret key to decrypt the message and extract the SK1 and TGT, generating the authenticator that validates the client’s TGS.
Step 4: The client uses the TGT to request access. The client requests a ticket to the server offering the service by sending the extracted TGT and the created authenticator to the TGS.
Step 5: The KDC creates a ticket for the file server. Next, the TGS uses the TGS secret key to decrypt the TGT received from the client and extracts the SK1. The TGS decrypts the authenticator and checks if it matches the client ID and network address of the client. The TGS also uses the extracted timestamp to ensure that the TGT has not expired.
If the process performs all checks successfully, the KDC generates a service session key (SK2) that is shared between the client and the target server.
Finally, the KDC creates a service ticket that includes the client identifier, client network address, timestamp and SK2. This ticket is encrypted with the server’s secret key obtained from the database. The client receives a message containing the service ticket and SK2, all encrypted with SK1.
Step 6: The client uses the archive ticket to authenticate itself. The client decrypts the message using SK1 and extracts SK2. This process generates a new authenticator containing the client’s network address, client ID and timestamp, encrypted with SK2, and sends it along with the service ticket to the destination server.
Step 7: The target server receives decryption and authentication. The target server uses the server’s secret key to decrypt the service ticket and extract the SK2. The server uses SK2 to decrypt the authenticator, performing checks to ensure that the client ID and client network address of the authenticator and service ticket match. The server also checks the service ticket to see if it has expired.
Once the checks are satisfied, the destination server sends the client a message verifying that the client and server have authenticated each other. The user can now start a secure session.
Having come this far in learning what Kerberos is, let’s next look at the issue of whether Kerberos is foolproof.
Is Kerberos infallible?
No security measure is 100% impregnable, and Kerberos is no exception. Because it has been around for so long, hackers have had the opportunity over the years to find ways to circumvent it, usually by forging tickets, making repeated attempts to guess passwords (brute force/credential stuffing) and using malware to lower the encryption.
Despite this, Keberos remains the best security access protocol available today. The protocol is flexible enough to employ more robust encryption algorithms to help combat new threats, and if users practice good password choice policies, there should be no problems!
I hope you like this post and find it helpful.