The Kerberos authentication system, a part of MITÒs Project Athena, has been adopted by other organizations. Despite KerberosÒs many strengths, it has a number of limitations and some weaknesses. Some are due to specifics of the MIT environment; others represent deficiencies in the protocol design. We discuss a number of such problems, and present solutions to some of them. We also demonstrate how special purpose cryptographic hardware may be needed in some cases.
Click Here to download this article