The Kerberos authentication process involves 6 steps: 1. The client requests a ticket-granting ticket (TGT) from the authentication server (AS). 2. The AS issues the client a TGT encrypted with the ticket-granting service (TGS) key. 3. The client uses the TGT to request a service ticket from the TGS for a particular service. 4. The TGS returns a service ticket encrypted with the service's key and the client/TGS session key to the client. 5. The client presents the service ticket to the service to request access. 6. Upon verification, the service provides access to the client.

1. KERBEROS AUTHENTICATION PROCESSBYAjinkyaPatil

2. Authentication Process1. Request TGTAS2. TGT Key distribution centerTGS3. Request Service Ticket4. Service Ticket Sent5. Service Ticket PresentedCLIENT MACHINESERVICE SERVER6. Telnet Communication Channel

3. Step I (Request TGT)Client enters the credentials User ID and Password

4. Client Machine performs a Hash Function on PASSWORD.

5. Client sends User ID to the AS (Authentication Server) in clear-text.Step II (TGT sent)AS creates the Hash of PASSWORD (SECRET KEY).

6. AS sends 2 messages to client machine:

7. Message A:

8. Message B:Step II continuedTGT encrypted using TGS secret key.

9. TGS sends Message A & B to Client.

10. Client Machine is able to decrypt the Messages A only if SECRET KEY (password) is correct.

11. Client machine has Client/ TGS session Key.

12. Client cannot decrypt the Message B.Step III (Service Ticket Request)Message C: (Message B & service ID)

13. Message D: