The Kerberos Network Authentication Service (V5

This document gives an overview and specification of Version 5 of the protocol for the Kerberos network authentication system. Version 4, described elsewhere [1,2], is presently in production use at MIT's Project Athena, and at other Internet sites.

[1]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[2]  Giovanni Maria Sacco,et al.  Timestamps in key distribution protocols , 1981, CACM.

[3]  Paul V. Mockapetris,et al.  Domain names - implementation and specification , 1987, RFC.

[4]  Ralph Howard,et al.  Data encryption standard , 1987 .

[5]  B. Clifford Neuman,et al.  Kerberos: An Authentication Service for Open Network Systems , 1988, USENIX Winter.

[6]  Jerome H. Saltzer,et al.  Section E.2.1 Kerberos Authentication and Authorization System , 1988 .

[7]  Ralph R. Swick,et al.  Workstation Services and Kerberos Authentication at Project Athena , 1989 .

[8]  Steven M. Bellovin,et al.  Limitations of the Kerberos authentication system , 1990, CCRV.

[9]  Moni Naor,et al.  Non-malleable cryptography , 1991, STOC '91.

[10]  Ronald L. Rivest,et al.  The MD4 Message-Digest Algorithm , 1990, RFC.

[11]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[12]  Virgil D. Gligor,et al.  On message integrity in cryptographic protocols , 1992, Proceedings 1992 IEEE Computer Society Symposium on Research in Security and Privacy.

[13]  John T. Kohl,et al.  The Evolution of the Kerberos Authentication Service , 1992 .

[14]  P. T. Barry,et al.  Abstract syntax notation-one (ASN.1) , 1992 .

[15]  B. Clifford Neuman,et al.  Proxy-based authorization and accounting for distributed systems , 1993, [1993] Proceedings. The 13th International Conference on Distributed Computing Systems.

[16]  Theodore Y. Ts'o,et al.  Kerberos: an authentication service for computer networks , 1994, IEEE Communications Magazine.