A History Lesson

Although Kerberos is new to NT 5.0, it has been around for quite some time. The Massachusetts Institute of Technology (MIT) developed Kerberos in the 1980s as part of the Project Athena Network. The Athena Project attempted to discover how to design, implement, and manage distributed computing environments.

The first three releases of Kerberos were developmental versions, so MIT primarily used them. Kerberos 4 was the first version to leave MIT's confines. After Kerberos 4's release, many UNIX and Internet systems integrated this authentication protocol.

As would be the case with any protocol exposed to different systems and unforeseen demands, new users encountered many limitations with Kerberos 4. For example, Kerberos 4 used DES encryption, but DES is illegal to export outside the United States and some users question whether it is a secure encryption methodology.

Kerberos 4's limitations became productive feedback for Kerberos 5. Kerberos 5 has many improvements, such as the ability to use triple DES or even other encryption algorithms of choice. Request for Comments (RFC) 1510 defines Kerberos 5. Although products with Kerberos 4 are still widely used, most new products, including NT 5.0, will feature only Kerberos 5.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.