Limitations of the Kerberos Authentication System
The Kerberos authentication system, a part of MIT's Project Athena, has been adopted by other organizations. Despite Kerberos's many strengths, it has a number of limitations and some weaknesses. Some are due to specifics of the MIT environment; others represent deficiencies in the protocol design. We discuss a number of such problems, and present solutions to some of them. We also demonstrate how special-purpose cryptographic hardware may be needed in some cases.
- kerblimit.usenix.pdf application/pdf 77.6 KB Download File
- Academic Units
- Computer Science
Proceedings of the Winter 1991 USENIX Conference: January 21-January 25, 1991, Dallas, Tex., USA (Berkeley, CA: USENIX Association, 1991), pp. 253-267.