As we know, Kerberos is the most secure network authentication method ever built. With a conventional method the password is sent across the network, where it is vulnerable; with Kerberos no password is sent across the network.
The steps in Kerberos authentication
The user enters a username and password into the login program. In Kerberos each user has their own principal. The login program converts the username to its principal and asks the KDC (Key Distribution Center) for a TGT (ticket-granting ticket) for that principal. The KDC checks its database; if the principal is there, the KDC creates two secret keys. One key is encrypted with the password for the principal stored in the KDC's database and is sent back to the login program.
The login program tries to decrypt the packet received from the KDC using the password entered by the user; if decryption succeeds, the user is authenticated.
User (username + password) --> Login program
Login program (principal for the username) --> KDC
KDC (creates two secret keys) --> S1 & S2
KDC (encrypts S1 with the password associated with the principal) --> Login program
Login program (tries to decrypt it with the password entered by the user) --> user is authenticated
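The flow above as a runnable sketch. This is an added example, not code from the original post or from any Kerberos implementation. It assumes PBKDF2 and a toy HMAC-based cipher as stand-ins for the real Kerberos key derivation and encryption types, and the names KDC, request_tgt, login and the realm EXAMPLE.COM are hypothetical.

```python
import hashlib, hmac, os

def string_to_key(password, salt):
    # Stand-in for Kerberos string-to-key: password -> long-term key.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 100_000)

def _subkeys(key):
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _xor_stream(enc_key, nonce, data):
    # Toy stream cipher (HMAC in counter mode); stand-in for a real enctype.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key, plaintext):
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None  # wrong key: the reply cannot be decrypted
    return _xor_stream(enc_key, nonce, ct)

class KDC:
    def __init__(self):
        self.db, self.issued = {}, {}
    def add_principal(self, principal, password):
        self.db[principal] = string_to_key(password, principal)
    def request_tgt(self, principal):
        key = self.db.get(principal)
        if key is None:
            return None  # unknown principal
        s1, s2 = os.urandom(32), os.urandom(32)  # the two secret keys
        self.issued[principal] = (s1, s2)  # the page does not say how S2 is used
        return seal(key, s1)  # only S1, encrypted, goes back

def login(kdc, username, password, realm="EXAMPLE.COM"):
    principal = f"{username}@{realm}"  # username -> principal
    reply = kdc.request_tgt(principal)  # only the principal name is sent
    if reply is None:
        return None
    return unseal(string_to_key(password, principal), reply)
```

login returns S1 when the entered password matches the one stored for the principal, and None when the password is wrong or the principal is unknown.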

















