Difference Between Kerberos And SSL

SHARE

What Is Kerberos?

Kerberos is a computer-network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. It uses secrete-key cryptography and a trusted third party for authenticating client-server applications and verifying user’s identities.

Users, machines and services using Kerberos need only trust the Key Distribution Center (KDC), which runs as a single process and provides two services: an authentication service and a ticket granting service. Kerberos is built in to all major operating systems, including Microsoft windows, Apple OS X, FreeBSD and Linux.

What You Need To Know About Kerberos

  • Kerberos works on a private key encryption.
  • Kerberos depends on a reliable third party.
  • Kerberos is an open source software and offers free services.
  • In Kerberos, key cancellation is achieved by disabling any user on authentication server.
  • Kerberos is generally implemented in Microsoft products like Windows 2000, Windows XP and later windows.
  • Kerberos is best suited for WWW.
  • Password resides in user’s minds where they are usually not subjected to secrete attack.

What Is SSL?

SSL is an encryption-based internet security protocol. It was first developed by Netscape in 1995 for the purpose of ensuring privacy, authentication and data integrity in internet communications.

SSL is an acronym for Secure Sockets Layer which is the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing hackers from getting access and modifying any information transferred including potential personal details. The two systems can be a server and a client (shopping website and browser) or server to server (an application with personal identifiable information).

In order to provide a high degree of privacy, SSL encrypts data that is transmitted across the web. SSL initiates an authentication process referred to as handshake between two communicating devices. SSL also digitally signs data in order to provide data integrity, verifying that the data is not tampered with before reaching its intended recipient.

What You Need To Know About SSL

  • SSL works on public encryption.
  • SSL is asynchronous as it depends on the certificate.
  • SSL does not offer free service as it is patented.
  • In SSL, revocation server control records of bad certificate for key cancellation.
  • SSL is implemented in web browsing, messaging and other protocols like FTP.
  • SSL is most suited and effective for the networked environments.
  • Certificates sit on a user hard drive where they can be subjected to being hacked.

Also Read: Difference Between IPsec And SSL

Difference Between Kerberos And SSL In Tabular Form

BASIS OF COMPARISON KERBEROS SSL
Working Kerberos works on a private key encryption. SSL works on public encryption.
Dependence Kerberos depends on a reliable third party. SSL is asynchronous as it depends on the certificate.
Nature Kerberos is an open source software and offers free services. SSL does not offer free service as it is patented.
Revocation In Kerberos, key cancellation is achieved by disabling any user on authentication server. In SSL, revocation server control records of bad certificate for key cancellation.
Implementation Kerberos is generally implemented in Microsoft products like Windows 2000, Windows XP and later windows. SSL is implemented in web browsing, messaging and other protocols like FTP.
Suitability Kerberos is best suited for WWW. SSL is most suited and effective for the networked environments.
Password/Certificate Password resides in user’s minds where they are usually not subjected to secrete attack. Certificates sit on a user hard drive where they can be subjected to being hacked.