By A.GUNA SEKHAR

Contents
1  Introduction
2  Aims
3  Definition of components and terms
    3.1  Realm
    3.2  Principal
    3.3  Ticket
    3.4  Encryption
    3.5  Key Distribution Center (KDC)
4  Kerberos Operation
5  How does Kerberos Work
    5.1  TGT (Ticket Granting Ticket)
    5.2  TGS (Ticket Granting Service)
    5.3  AS (Application Server)
6  Applications
7  Weaknesses and Solutions

Introduction

• Network authentication protocol
• Developed at MIT in the mid-1980s
• Available as open source or in supported commercial software
• Kerberos means dogs in Greek Mythology
• This is standard for

Why Kerberos

• Sending usernames and passwords in the clear may raise security problems
• Each time a password is sent in the clear, there is a chance for interception.
• Server stores the password
• Client stores the password and name

Aims of Kerberos

• Password must never travel over the network
• Password is never stored on the client in any format. It will be discarded immediately
• Password is never stored on the server in an unencrypted format
• User ID and password are entered only once per session
• When a user changes their password, it is changed for all services at the same time

Firewall vs. Kerberos?

• Firewalls make a risky assumption: that attackers are coming from the outside. In reality, attacks frequently come from within.
• Kerberos assumes that network connections (rather than servers and workstations) are the weak link in network

Terminology we have to know before learning how Kerberos works

Realm

• It indicates an authentication administrative domain
• It is used to provide a trust relationship between client and server, and between domain and subdomain
• A user/service belongs to a realm if and only if he/it shares a secret (password/key) with the authentication server of that realm.

Principal

• The name used to refer to entries in the authentication server database
• A principal in Kerberos V looks like this:

  component1/component2/.../componentN@REALM

• The instance is optional and is normally used to better qualify

Tickets

• Tickets are issued by the authentication server
• These are encrypted using the secret key of the service they are intended for
• This key is a secret shared only between the authentication server and the server providing the service; not even the client which requested the ticket can know it or change its contents

Ticket

• The requesting user's principal (username);
• The principal of the service it is intended for;
• The IP address of the client machine from which the ticket can be used.
• The date and time (in timestamp format) when the

Encryption

• Kerberos needs to encrypt and decrypt the messages (tickets and authenticators) passing between the various participants in the authentication
• Kerberos uses only symmetrical key encryption
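
An added example, not part of the original slides: a Python sketch of the ticket described above, sealed with a symmetric key shared only by the KDC and the service, so the client carrying it can neither read nor alter it. The SHA-256 keystream with HMAC is a toy stand-in for the real Kerberos ciphers, and the function names, principals, addresses and 8-hour lifetime are assumptions made for illustration.

```python
import hashlib, hmac, json, os

def _keystream(key, nonce, n):
    # Toy SHA-256 counter-mode keystream; a stand-in for a real Kerberos cipher.
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _subkeys(key):
    # Separate encryption and MAC keys derived from the one shared secret.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def seal(key, plaintext):
    """Encrypt-then-MAC under a symmetric key: nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Verify the tag, then decrypt; raises ValueError on any modification."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if len(blob) < 48 or not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

def issue_ticket(service_key, client, service, client_ip, now, lifetime=8 * 3600):
    """KDC side: the ticket body is sealed under the service's key, not the client's."""
    body = {"client": client, "service": service, "ip": client_ip,
            "authtime": now, "endtime": now + lifetime}
    return seal(service_key, json.dumps(body).encode())

def accept_ticket(service_key, my_principal, blob, peer_ip, now):
    """Service side: returns (accepted, client principal or rejection reason)."""
    try:
        t = json.loads(unseal(service_key, blob))
    except ValueError:
        return False, "not sealed with this service's key, or modified"
    if t["service"] != my_principal:
        return False, "issued for a different service"
    if t["ip"] != peer_ip:
        return False, "presented from a different address"
    if not t["authtime"] <= now < t["endtime"]:
        return False, "outside validity period"
    return True, t["client"]

if __name__ == "__main__":
    svc_key = os.urandom(32)  # constructed key, shared only by KDC and service
    svc = "imap/mail.example.org@EXAMPLE.ORG"  # constructed principals and addresses
    tkt = issue_ticket(svc_key, "alice@EXAMPLE.ORG", svc, "192.0.2.10", now=1_000)
    print(accept_ticket(svc_key, svc, tkt, "192.0.2.10", now=2_000))
    forged = tkt[:20] + bytes([tkt[20] ^ 1]) + tkt[21:]  # one flipped bit
    print(accept_ticket(svc_key, svc, forged, "192.0.2.10", now=2_000))
    print(accept_ticket(svc_key, svc, tkt, "192.0.2.99", now=2_000))
    print(accept_ticket(svc_key, svc, tkt, "192.0.2.10", now=1_000 + 9 * 3600))
```
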

Key Distribution Center (KDC)

• The authentication server in a Kerberos environment, based on its ticket distribution function for access to the services, is called the Key Distribution Center
• The KDC contains the following:
    Database
    Authentication Server
    Ticket Granting Server

Kerberos Operation

How does Kerberos work?: Ticket Granting Tickets

How does Kerberos work?: The Ticket Granting Service

How does Kerberos work?: The Application Server

Applications

• Authentication
• Authorization
• Confidentiality
• Within networks and small sets of networks

Weaknesses and Solutions

Weakness: If TGT stolen, can be used to access network services.
Solution: Only a problem until ticket expires in a few hours.

Weakness: Subject to dictionary attack.
Solution: Timestamps require hacker to guess in 5 minutes.

Weakness: Very bad if Authentication Server compromised.
Solution: Physical protection for the server.

Questions?
THANK YOU
