To search, Click below search items.


All Published Papers Search Service


A Network Authentication Protocol Based on Kerberos


Eman El-Emam, Magdy Koutb, Hamdy Kelash, Osama Farag Allah


Vol. 9  No. 8  pp. 17-26


We will focus on cryptographic protocols intended to achieve authentication over the networks. We aim to design a user authentication protocol that is not susceptible to password guessing attacks. We will present an authentication protocol based on the widely deployed Kerberos protocol with a little modification in the Kerberos database. The proposed protocol will be independent of the user password. The KDC will generate the realm principle secret key based on a saved profile in its database. The KDC will save a profile for every instance in the realm that it mange. This profile will be hashed and then, the output digest will be encrypted to generate the secret key. The lifetime of the secret key will be controlled using the system lifetime. By this way, we will overcome the weak passwords chosen by the network principal that are susceptible to password guessing attacks, the main drawback of the Kerberos protocol. In our implementation, we will use Triple-Des as an encryption algorithm, SHA-256 as a hashing algorithm, and Blum Blum Shub as a random number generator algorithm.


Access control, authentication, authorization, computer network security, Kerberos, protocols