News

Kerberos 1.8 Goes Alpha

• By John K. Waters
• January 12, 2010

The latest version of MIT Kerberos, the free and open source implementation of the widely deployed network authentication protocol for client-server applications, goes alpha this week.

Version 1.8 comes with several much-anticipated new features, including password lockout, anonymous PKINIT and cryptographic modularity for native FIPS compliance. A general-availability release is expected on March 1.

 The Massachusetts Institute of Technology developed the Kerberos protocol to solve a range of network security problems, explained Stephen Buckley, executive director of the MIT Kerberos Consortium. Buckley calls the 20-year-old protocol "the granddaddy of authentication mechanisms."

Although MIT released the Kerberos source code in 1987, it was mostly used in academic environments until around 1990, when Microsoft began looking for an authentication mechanism, Buckley said. Microsoft decided to implement its own version of Kerberos, and that version is now the primary authentication mechanism for virtually all of Microsoft products -- everything from Active Directory to the Xbox game system. MIT's implementation is now part of many other operating systems, including Enterprise Linux, Ubuntu Linux, Debian Linux, Sun Solaris, Red Hat and the Mac OS. Google is also an MIT Kerberos user.

"Basically, if you're not Microsoft, then you're using our implementation," Buckley said. Because the protocol is a standard, different implementations interoperate, he added.

The Kerberos protocol defines how clients interact with a network authentication service. It employs symmetric key cryptography, which requires a client to prove its identity to a server and vice versa, across an insecure network connection. "Once you authenticate yourself, you get a shared ticket," Buckley said, "which you can use to access any other application you are authorized to access. Developers who 'kerberize' their applications make it possible for users who have to use 10 different applications during the day only have to log on once to use them security."

Buckley's favorite new feature in the 1.8 release is pretty pedestrian, he admitted. "It's just a basic password lockout," he said. "It's something that our users have been asking for. People have been using their own, home-grown, n-strikes-and-you're-out lockout mechanisms. Many of the things we're doing now are almost funny in that we didn't get around to doing them earlier, but we really didn't have a feedback mechanism that allowed us to hear from users until we formed the Consortium [in 2007]."

The password lockout feature, which is functionality similar to something you see in Active Directory, was included because of popular demand from the higher education community, he said.

Crypto-modularity is another new feature of MIT Kerberos 1.8. This feature allows users to replace MIT's implementation of the cryptographic library with another one -- say, Open SSL, NFS or PKCS-11. This allows MIT Kerberos users, such as the U.S. government, to comply with requirements for a certified crypto-library.

This release also comes with two new extensions to the Kerberos protocol: S4U2Self, or "protocol transition," which is designed to enable a service to acquire a ticket from an arbitrary principal to itself; and S4U2Proxy, or "constrained delegation," which enables a service to use a client's ticket to itself to request another ticket for delegation.

In version 1.8, MIT has also enhanced its Flexible Authentication Secure Tunneling (FAST) pre-authentication framework. Kerberos FAST is designed to provide increased resistance to passive password guessing attacks, Buckley said. The new FAST enhancement includes a mechanism for tunneling pre-authentication exchanges using armored Key Distribution Center (KDC) messages.

Kerberos 1.8 also comes with anonymous PKInit, which allows users to obtain Kerberos tickets, even if they have no principal registered in a realm. Use cases for PKInit, Buckley explained, include things like hiding the identity of a user for privacy, using FAST without registering a host, and automated registration of hosts.

"Our friends at Google would say, we add 200 people a week and I have to send the system administrator around to set up every new machine," Buckley said. "Wouldn't it be great if we could find a way of doing that without wasting all that manpower? PKInit solves this problem. It allows sort of a 'leap of faith' for a new machine to join a Kerberos realm."

The Kerberos Consortium also announced the addition of Red Hat to its executive advisory board. The board also includes MIT, Sun Microsystems and Microsoft, which signed on in 2008.

The Consortium is seeking feedback on the 1.8 release, and expects to release MIT Kerberos 1.9 in December.