August 2000
Intermediate to advanced
800 pages
21h 5m
English
Content preview from Microsoft® Windows® 2000 Security HandbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Concepts of Kerberos
With that little background of Kerberos security, look at the two main concepts of Kerberos, shared secrets and multiple authentication.
Shared Secrets
The Kerberos protocol relies on an authentication technique called shared secrets. What this means is that I know a secret and I tell only you what the secret is. The secret is then only known between you and me, unlike the secrets you shared with your school buddies. An analogy of this would be if I were to tell you a secret and so that you could be sure it is me when you receive communications referencing the secret, I include a password. By telling you what the password is beforehand, we have a shared secret. However, this method can be compromised. What if someone overheard ...