Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Explain Kerberos like I'm 5

3,169 views

Published on

Slides are meant to be paired with the blog post: http://www.roguelynn.com/words/explain-like-im-5-kerberos

Published in: Technology
  • Be the first to comment

Explain Kerberos like I'm 5

  1. 1. KDC Clients Key Distribution Center Authentication You Server HTTP Ticket Granting Server service Kerberos RealmMonday, April 1, 13
  2. 2. Authentication You Server plaintext request your ID, Ticket Granting Server ID, IP address, lifetimeMonday, April 1, 13
  3. 3. Authentication You Server user ID lookup in KDCMonday, April 1, 13
  4. 4. Authentication You Server Ticket Granting Server Session Key HTTP service’s ID, timestamp, lifetime, TGS Session Key Ticket Granting Ticket your ID, HTTP service ID, IP address, timestamp, lifetime, and the TGS Session KeyMonday, April 1, 13
  5. 5. Authentication You Server Ticket Granting Server Session Key Your Secret Key Ticket Granting Ticket Ticket Granting Server Secret KeyMonday, April 1, 13
  6. 6. plaintext request HTTP Service ID and lifetime Ticket Granting You Server Authenticator your ID and timestamp Ticket Granting Ticket your ID, HTTP service ID, IP address, timestamp, lifetime, and the TGS Session KeyMonday, April 1, 13
  7. 7. Ticket Granting You Server user ID lookup in KDCMonday, April 1, 13
  8. 8. plaintext request Ticket Granting You Server Authenticator Ticket Granting Server Session Key Ticket Granting Ticket Ticket Granting Server Secret KeyMonday, April 1, 13
  9. 9. Ticket Granting You Server HTTP Service Session Key your client ID and timestamp Ticket for HTTP Service your ID, HTTP service ID, IP address, timestamp, lifetime, and the TGS Session KeyMonday, April 1, 13
  10. 10. Ticket Granting You Server HTTP Service Session Key Ticket Granting Server Session Key Ticket for HTTP Service HTTP Service Secret KeyMonday, April 1, 13
  11. 11. Ticket for HTTP Service your ID, HTTP service ID, IP address, You timestamp, lifetime, and the TGS Session Key HTTP service Authenticator your client ID and timestampMonday, April 1, 13
  12. 12. Ticket for HTTP Service HTTP Service Secret Key You HTTP service Authenticator HTTP Service Session KeyMonday, April 1, 13
  13. 13. You Authenticator HTTP HTTP service ID and timestamp serviceMonday, April 1, 13
  14. 14. You Authenticator HTTP HTTP Service Session Key serviceMonday, April 1, 13
  15. 15. You HTTP serviceMonday, April 1, 13

×