Which of the following statements pertaining to Kerberos is false?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
Kerberos is a trusted, credential-based, third-party authentication protocol that uses symmetric (secret) key cryptography to provide robust authentication to clients accessing services on a network.
One weakness of Kerberos is its Key Distribution Center (KDC), which represents a single point of failure.
The KDC contains a database that holds a copy of all of the symmetric/secret keys for the principals.
Reference(s) used for this question: KRUTZ, Ronald L.
& VINES, Russel.
D., The CISSP Prep Guide: Mastering the Ten Domains of Computer Security, John Wiley & Sons, 2001, Chapter 2: Access control systems (page40).
Kerberos is a widely used network authentication protocol that provides secure authentication for network services. It is designed to be a trusted third-party authentication system and uses symmetric key cryptography to authenticate users and provide access control to network resources.
Now, let's go through each statement and determine if it is true or false:
A. The Key Distribution Center represents a single point of failure. This statement is true. The Key Distribution Center (KDC) is a critical component of the Kerberos protocol that acts as a central authentication server. It is responsible for issuing tickets that grant access to network services and is therefore a single point of failure in the Kerberos system. If the KDC is compromised or unavailable, users may not be able to authenticate and access network resources.
B. Kerberos manages access permissions. This statement is true. Kerberos is an access control system that manages permissions to network resources. It authenticates users and issues tickets that grant access to specific network services, based on the permissions assigned to that user.
C. Kerberos uses a database to keep a copy of all users' public keys. This statement is false. Kerberos uses a database to store user credentials, but these credentials do not include public keys. Instead, Kerberos uses a symmetric key cryptography scheme to authenticate users and provide secure communication between network services.
D. Kerberos uses symmetric key cryptography. This statement is true. Kerberos uses a symmetric key cryptography scheme to provide secure authentication and communication between network services. This involves the use of a shared secret key, known only to the KDC and the client, to encrypt and decrypt authentication messages.
In summary, the false statement pertaining to Kerberos is C - Kerberos does not use a database to keep a copy of all users' public keys.