Articles

Limitations of the Kerberos Authentication System

Bellovin, Steven Michael; Merritt, Michael

The Kerberos authentication system, a part of MIT's Project Athena, has been adopted by other organizations. Despite Kerberos's many strengths, it has a number of limitations and some weaknesses. Some are due to specifics of the MIT environment; others represent deficiencies in the protocol design. We discuss a number of such problems, and present solutions to some of them. We also demonstrate how special-purpose cryptographic hardware may be needed in some cases.

Subjects

Files

More About This Work

Academic Units
Computer Science
Published Here
June 28, 2010

Notes

Proceedings of the Winter 1991 USENIX Conference: January 21-January 25, 1991, Dallas, Tex., USA (Berkeley, CA: USENIX Association, 1991), pp. 253-267.