14.2 Kerberos Authentication Attacks


In Windows 2003 Server, Microsoft's implementation of Kerberos v5 is the default network protocol for authentication within a domain. The Kerberos v5 protocol verifies the identity of both the user and the network services. This dual verification is known as mutual authentication.

The Kerberos protocol was initially developed in the 1980s at the Massachusetts Institute of Technology in a project known as Athena. The name Kerberos (Cerberus in Latin) comes from the mythical three-headed dog that guards the entrance to Hades. The goal of the project was to design authentication, authorization, and auditing services (all three heads of Kerberos). However, the project implemented only authentication services.

Microsoft's implementation of Kerberos includes all three heads: authentication, authorization, and auditing. Kerberos provides strong authentication methods for client/server applications in distributed environments by taking advantage of shared secret key cryptography and multiple validation technologies.

This section reviews the components that comprise Kerberos under Windows 2003 Server, in addition to the authentication process. We also point out known attacks against Kerberos (although they are not specific to a Windows environment).



Security Warrior
ISBN: 0596005458
EAN: 2147483647
Year: 2004
Pages: 211
