Academic Commons

Articles

Limitations of the Kerberos Authentication System

Bellovin, Steven Michael; Merritt, Michael

The Kerberos authentication system, a part of MIT's Project Athena, has been adopted by other organizations. Despite Kerberos's many strengths, it has a number of limitations and some weaknesses. Some are due to specifics of the MIT environment; others represent deficiencies in the protocol design. We discuss a number of such problems, and present solutions to some of them. We also demonstrate how special-purpose cryptographic hardware may be needed in some cases.

Subjects

Files

More Information

Academic Units
Computer Science

Notes

Proceedings of the Winter 1991 USENIX Conference: January 21-January 25, 1991, Dallas, Tex., USA (Berkeley, CA: USENIX Association, 1991), pp. 253-267.

Academic Commons provides global access to research and scholarship produced at Columbia University, Barnard College, Teachers College, Union Theological Seminary and Jewish Theological Seminary. Academic Commons is managed by the Columbia University Libraries.