Kerberos is a network authentication protocol widely used in Microsoft enterprises that uses tickets for both verifying a user$$s identity and specifying what a user is authorized to do on the network. The three components of a Kerberos transaction are:

Key Distribution Center $($KDC$)($Typically$,$ the domain controller$)$

Requesting Client $($For example, a user entity$)$

Service $($resource to which the client is attempting to gain access$)$

Created as a byproduct of Project Athena Links to an external site.at Massachusetts Institute of Technology $($MIT$)$ in the $1980$s$,$ the developers gave away licenses for use of this technology to encourage widespread implementation. Kerberos was rapidly adopted, as it is superior to earlier authentication protocols, such as NTLM $($Windows NT LAN Manager$)$ because it is not vulnerable to replay attacks. In addition, it uses shared secrets for authentication, not passing the plaintext password across the network $($Frederick$,2018).$

Sean Metcalf, in his AD Security blog Links to an external site., provides a simple overview of the Kerberos authentication as well as details many of the vulnerabilities that exist in this protocol $($Metcalf$,2015).$ The below authentication process is based on Metcalf$$s walk$-$through, following Bob, a junior security analyst, as he attempts to log in to his workstation with his domain username and password.