What Is Kerberos?
Kerberos is a computer-network authentication protocol that uses tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. It uses secret-key cryptography and a trusted third party to authenticate client-server applications and verify users' identities.
Users, machines and services using Kerberos need only trust the Key Distribution Center (KDC), which runs as a single process and provides two services: an authentication service and a ticket granting service. Kerberos is built into all major operating systems, including Microsoft Windows, Apple OS X, FreeBSD and Linux.
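A minimal simulation of the ticket flow described above, added here as an illustration and not taken from any Kerberos implementation: the KDC shares a secret key with each principal, returns a session key sealed under the client's key plus a ticket sealed under the service's key, and the service verifies both without contacting the KDC. Assumptions: the authentication and ticket granting services are collapsed into one `issue` call, the cipher is a toy SHA-256 keystream with HMAC rather than a real Kerberos encryption type, and every name (`KDC`, `seal`, `unseal`, `client_authenticator`, `service_accept`) is hypothetical.

```python
import hashlib, hmac, json, os, time

def derive_key(password, salt):
    # Long-term key from a password; real Kerberos defines its own string-to-key functions.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 10_000)

def _stream(key, nonce, n):
    # Toy keystream (SHA-256 in counter mode), a stand-in for a real Kerberos cipher.
    return b"".join(hashlib.sha256(b"enc" + key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(key, obj):
    # Encrypt-then-MAC so a wrong key or a modified blob is detected on unseal.
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

class KDC:
    def __init__(self):
        self.keys = {}  # principal name -> long-term secret key shared with the KDC
    def register(self, principal, password):
        self.keys[principal] = derive_key(password, principal)
    def issue(self, client, service, lifetime=300):
        # Raises KeyError for a principal that was never registered or has been removed.
        client_key, service_key = self.keys[client], self.keys[service]
        session = os.urandom(32).hex()
        reply = seal(client_key, {"service": service, "session": session})
        ticket = seal(service_key, {"client": client, "session": session,
                                    "expires": time.time() + lifetime})
        return reply, ticket

def client_authenticator(client, password, reply):
    # Only the holder of the password can recover the session key from the KDC reply.
    session = bytes.fromhex(unseal(derive_key(password, client), reply)["session"])
    return seal(session, {"client": client, "time": time.time()})

def service_accept(service_key, ticket, authenticator, max_skew=300):
    # The service trusts the ticket because only it and the KDC know service_key.
    t = unseal(service_key, ticket)
    a = unseal(bytes.fromhex(t["session"]), authenticator)
    fresh = t["expires"] > time.time() and abs(time.time() - a["time"]) < max_skew
    if not fresh or a["client"] != t["client"]:
        raise ValueError("stale ticket/authenticator or client mismatch")
    return t["client"]
```

Removing a principal's entry from `KDC.keys` stops new tickets for that principal, but a ticket already issued stays valid at the service until its `expires` time passes.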
What You Need To Know About Kerberos
- Kerberos works on private key encryption.
- Kerberos depends on a reliable third party.
- Kerberos is open source software and offers free services.
- In Kerberos, key cancellation is achieved by disabling the user on the authentication server.
- Kerberos is generally implemented in Microsoft products like Windows 2000, Windows XP and later Windows versions.
- Kerberos is best suited for WWW.
- Passwords reside in users' minds, where they are usually not subjected to secret attack.
What Is SSL?
SSL is an encryption-based internet security protocol. It was first developed by Netscape in 1995 for the purpose of ensuring privacy, authentication and data integrity in internet communications.
SSL is an acronym for Secure Sockets Layer, the standard technology for keeping an internet connection secure and safeguarding any sensitive data sent between two systems. It prevents hackers from accessing or modifying the information transferred, including potential personal details. The two systems can be a server and a client (a shopping website and a browser) or two servers (an application with personally identifiable information).
In order to provide a high degree of privacy, SSL encrypts data that is transmitted across the web. SSL initiates an authentication process, referred to as a handshake, between two communicating devices. SSL also digitally signs data in order to provide data integrity, verifying that the data has not been tampered with before reaching its intended recipient.
What You Need To Know About SSL
- SSL works on public key encryption.
- SSL is asynchronous as it depends on the certificate.
- SSL does not offer free service as it is patented.
- In SSL, a revocation server maintains records of bad certificates for key cancellation.
- SSL is implemented in web browsing, messaging and other protocols like FTP.
- SSL is most suited to and effective in networked environments.
- Certificates sit on a user's hard drive, where they can be subjected to being hacked.
Difference Between Kerberos And SSL In Tabular Form
Aspect | Kerberos | SSL |
---|---|---|
Purpose | Authentication and single sign-on | Secure communication over a network |
Authentication | Ticket-based authentication | Certificate-based authentication |
Key Exchange | Session keys exchanged via KDC | Public-private key exchange during handshake |
Encryption | Typically symmetric key encryption | Asymmetric key (public-private key) encryption |
Usage | Primarily used for authentication within a network | Used for securing data transmission over the internet |
Typical Port | Port 88 (TCP and UDP) for Kerberos protocol | Port 443 (TCP) for HTTPS (SSL/TLS) |
Key Distribution | Centralized key distribution through KDC | Decentralized key distribution through certificates |
Ticket-based System | Uses tickets for authentication and session management | No ticket-based system; relies on certificates for authentication |
Session Management | Kerberos creates a session ticket for user sessions | SSL uses session IDs and session tickets for session management |
Supported Applications | Commonly used in enterprise environments, especially with Windows systems | Widely used for securing web applications and online transactions |
Implementation | Integrated into various operating systems like Windows Active Directory | Implemented as a protocol for securing communication in applications and services |