Which of the following is true about Kerberos?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
Kerberos depends on secret keys (symmetric ciphers).Kerberos is a third party authentication protocol.
It was designed and developed in the mid 1980's by MIT.
It is considered open source but is copyrighted and owned by MIT.
It relies on the user's secret keys.
The password is used to encrypt and decrypt the keys.
The following answers are incorrect: It utilizes public key cryptography.
Is incorrect because Kerberos depends on secret keys (symmetric ciphers)
It encrypts data after a ticket is granted, but passwords are exchanged in plain text.
Is incorrect because the passwords are not exchanged but used for encryption and decryption of the keys.
It is a second party authentication system.
Is incorrect because Kerberos is a third party authentication system, you authenticate to the third party (Kerberos) and not the system you are accessing.
References: MIT http://web.mit.edu/kerberos/ Wikipedi http://en.wikipedia.org/wiki/Kerberos_%28protocol%29 OIG CBK Access Control (pages 181 - 184) AIOv3 Access Control (pages 151 - 155)
Kerberos is a network authentication protocol that provides secure authentication for client/server applications. It was developed by MIT in the 1980s and has since become the most widely used authentication protocol in enterprise environments.
Regarding the given options, the correct answer is C. It depends upon symmetric ciphers.
Here is a brief explanation of each option:
A. Kerberos does not utilize public key cryptography. Instead, it relies on symmetric key cryptography for secure communication between the client and server.
B. Kerberos uses encryption to protect the communication between the client and server, including the exchange of passwords. The passwords are never sent in plain text. Instead, they are hashed and used as part of the ticket-granting process.
C. This is the correct answer. Kerberos relies on symmetric ciphers to secure its communication. The Kerberos protocol uses a shared secret key between the client and server to encrypt and decrypt messages. This shared secret key is established during the initial authentication process and is used throughout the communication between the client and server.
D. Kerberos is a third-party authentication system, not a second-party authentication system. In Kerberos, a trusted third-party authentication server (AS) is used to verify the identity of clients and servers, which eliminates the need for direct communication between the two parties.
In summary, Kerberos is an authentication protocol that relies on symmetric ciphers for secure communication between the client and server. It uses a trusted third-party authentication server to verify the identities of clients and servers and does not send passwords in plain text.