Limitations of the Kerberos Authentication System

Bellovin, Steven Michael; Merritt, Michael

The Kerberos authentication system, a part of MIT's Project Athena, has been adopted by other organizations. Despite Kerberos's many strengths, it has a number of limitations and some weaknesses. Some are due to specifics of the MIT environment; others represent deficiencies in the protocol design. We discuss a number of such problems, and present solutions to some of them. We also demonstrate how special-purpose cryptographic hardware may be needed in some cases.



More About This Work

Academic Units
Computer Science
Published Here
June 28, 2010


Proceedings of the Winter 1991 USENIX Conference: January 21-January 25, 1991, Dallas, Tex., USA (Berkeley, CA: USENIX Association, 1991), pp. 253-267.