&sq=Envato&lang=en&file=File:Kerberos_protocol_logo.png){kind=logo} | |
| Developer(s) | Massachusetts Institute of Technology |
|---|---|
| Stable release | Version 5, Release 1.21
/ 5 June 2023[1] |
| Written in | C |
| Operating system | Cross-platform |
| Type | Authentication protocol |
| Website | web |
Kerberos (/ˈkɜːrbərɒs/) is a computer-network authentication protocol that works on the basis of tickets to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed it primarily at a client–server model, and it provides mutual authentication—both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.
Kerberos builds on symmetric-key cryptography and requires a trusted third party, and optionally may use public-key cryptography during certain phases of authentication.[2] Kerberos uses UDP port 88 by default.
The protocol was named after the character Kerberos (or Cerberus) from Greek mythology, the ferocious three-headed guard dog of Hades.[3]
- ^ "Kerberos 5 Release 1.21".
- ^ RFC 4556, abstract.
- ^ "Kerberos authentication". IONOS Digitalguide. Retrieved 2022-08-25.