Kerberos

Kerberos definition

Kerberos is a computer network authentication protocol that allows users to authenticate themselves to a network securely. After authentication, users can access the network’s resources (e.g., files, printers). Kerberos uses encryption to protect users’ credentials and prevent unauthorized access to a network. This protocol is widely used in organizations for network authentication and access control.

How Kerberos works

  • A user logs in to a Kerberos-protected network using their login credentials (i.e., username and password).
  • The user’s computer sends a request to the Kerberos authentication server.
  • The Kerberos authentication server verifies the user’s credentials and issues a ticket-granting ticket (TGT). The TGT is encrypted with a secret key that only the authentication server and the user’s computer share.
  • The user’s device receives the TGT and stores it securely. When the user needs to access a resource (e.g., a file server), the user’s device sends a request for a service ticket to the Kerberos authentication server.
  • The server verifies the TGT and issues a service ticket. This ticket is also encrypted with a secret key.
  • The user’s device receives the service ticket and sends it to the resource server requesting access to the network resource.
  • The resource server decrypts the ticket using the secret key, and the user gains access to the resource.
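The steps above as a small runnable model (an added example, not code from this page or from any Kerberos implementation). It goes slightly beyond the summary by showing the session key each ticket carries and the authenticator that proves the sender holds it: each ticket is sealed under the key of the party that will open it, and the client gets its copy of the session key in a separate reply sealed under a key it already has. Assumptions: `seal`/`unseal` are a toy encrypt-then-MAC stand-in for a real Kerberos encryption type, all parties run in one process, and the principals, password and key names are constructed.

```python
import hashlib, hmac, json, os, time

def _stream(key, nonce, n):
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range(n // 32 + 1))

def seal(key, obj):
    """Toy encrypt-then-MAC; illustration only, not a real Kerberos enctype."""
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified ticket")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

def user_key(user, password):  # long-term key derived from the password
    return hashlib.pbkdf2_hmac("sha256", password.encode(), user.encode(), 10_000)

# Constructed sample principals and secrets (assumptions for this example).
KDC_KEY = os.urandom(32)
USERS = {"alice": user_key("alice", "correct horse")}
SERVICES = {"fileserver": os.urandom(32)}

def issue(ticket_key, reply_key, user):
    """Mint a session key: one copy inside the ticket, one back to the client."""
    sk = os.urandom(32).hex()
    ticket = seal(ticket_key, {"user": user, "sk": sk, "exp": time.time() + 600})
    return seal(reply_key, {"sk": sk}), ticket

def check(ticket_key, ticket, authenticator):
    """Open a ticket, then require proof that the sender holds its session key."""
    t = unseal(ticket_key, ticket)
    proof = unseal(bytes.fromhex(t["sk"]), authenticator)
    if t["exp"] < time.time() or proof["user"] != t["user"]:
        raise ValueError("expired ticket or mismatched authenticator")
    return t

def access(user, password, service):
    key = user_key(user, password)
    unseal(USERS[user], seal(key, {"ts": time.time()}))     # server checks the login
    reply, tgt = issue(KDC_KEY, USERS[user], user)           # ...and issues the TGT
    sk = bytes.fromhex(unseal(key, reply)["sk"])             # client keeps TGT + key
    t = check(KDC_KEY, tgt, seal(sk, {"user": user}))        # server verifies the TGT
    reply, ticket = issue(SERVICES[service], sk, t["user"])  # ...issues service ticket
    sk2 = bytes.fromhex(unseal(sk, reply)["sk"])
    return check(SERVICES[service], ticket, seal(sk2, {"user": user}))["user"]
```

A wrong password, a modified ticket, or an authenticator naming a different user each raise `ValueError` instead of granting access.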

History of Kerberos

  • Kerberos was developed at the Massachusetts Institute of Technology (MIT) for Project Athena in 1988.
  • The project’s original goal was to create a distributed computing environment for MIT students that would allow them to access the system and resources anywhere on campus.
  • The name “Kerberos” is from Greek mythology: Kerberos was a three-headed dog who guarded the gates of Hades.
  • The dog’s three heads represent the client/principal, the network resource, and the key distribution center (KDC).
