
1 - What is Kerberos?

Kerberos is the result of an effort by MIT known as Project Athena. It started in May 1983 and went through many internal versions at MIT; Kerberos V4 was finally released openly in January 1989. Kerberos V5 has been available since 1993.

Kerberos is a computer network authentication protocol that provides secure Single Sign-On (SSO) based on a trusted third-party mutual authentication service.

  • It is secure because the user's password is never transmitted over the wire. Kerberos uses tickets, negotiated with the server, that have a limited time to live.

  • It is an SSO system: a single ticket can be used by all the services until its validity expires.

  • It acts as a trusted third party because all the keys of users and services are managed by the Kerberos server.

  • It is a mutual authentication system: it guarantees not only that the user is who he claims to be, but also that the services he accesses are the expected services.
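
The four properties above can be seen in a small simulation, added here as an illustration and not taken from MIT Kerberos or any real implementation. It collapses the protocol into a single KDC exchange (real Kerberos splits this into separate authentication and ticket-granting steps) and uses a toy SHA-256/HMAC construction in place of the real encryption types. The principals `alice` and `http/web`, their passwords and all function names are constructed for the example.

```python
import hashlib, hmac, json, os

def _stream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + bytes([i])).digest() for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    # Toy encrypt-then-MAC (SHA-256 keystream + HMAC), a stand-in for real Kerberos enctypes.
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def long_term_key(password, principal):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), principal.encode(), 10_000)

# Constructed principal database: the trusted third party holds every long-term key.
KDC_DB = {name: long_term_key(pw, name)
          for name, pw in [("alice", "correct horse"), ("http/web", "service secret")]}

def kdc_issue(user, service, now, lifetime=300):
    # The request names the principals only; no password or key crosses the wire.
    session = os.urandom(32).hex()
    ticket = seal(KDC_DB[service], {"user": user, "key": session, "expires": now + lifetime})
    return seal(KDC_DB[user], {"key": session, "service": service}), ticket

def client_open(password, user, reply, now):
    # Only the right password yields the key that opens the KDC reply.
    key = bytes.fromhex(unseal(long_term_key(password, user), reply)["key"])
    return key, seal(key, {"user": user, "ts": now})  # session key, authenticator

def service_accept(service_key, ticket, authenticator, now, skew=300):
    t = unseal(service_key, ticket)  # only the real service holds this key
    if now > t["expires"]:
        raise ValueError("ticket expired")
    key = bytes.fromhex(t["key"])
    a = unseal(key, authenticator)
    if a["user"] != t["user"] or abs(now - a["ts"]) > skew:
        raise ValueError("authenticator rejected")
    return t["user"], seal(key, {"ts": a["ts"] + 1})  # reply proves the service to the client

def service_is_genuine(key, proof, ts):
    return unseal(key, proof)["ts"] == ts + 1
```

The simulation keeps no replay cache, so it shows ticket expiry and mutual authentication but not replay protection.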

Kerberos is widely used in the Microsoft™ world, as all Microsoft™ authentication mechanisms are done through this protocol.