Kerberos History

Kerberos can only be used within a trusted environment, and passwords are never sent over the network. Review the terms principal, realm, and ticket. What is the authentication flow for Kerberos? What are its limitations?

Milestones

1978

Researchers Roger Needham and Michael Schroeder invent a protocol based on symmetric keys. This protocol aims to securely establish session keys between two parties to protect further communication. The Needham–Schroeder symmetric key protocol forms the basis for Kerberos.

1983

At MIT, Project Athena is launched with the goal of creating a distributed computing environment for educational purposes. The idea is to have thin clients and let servers do the demanding computations. As part of this project, Kerberos is invented for authentication and single sign-on.

1988

At the USENIX conference, the Kerberos v4 protocol is described for the first time. This makes Kerberos one of the oldest authentication protocols, since many others come years later: SAML (2002), WS-Federation (2003), OAuth2 (2010) and OpenID Connect (2014). Versions 1-3 of the protocol remained internal to MIT.

Jan 1989

Kerberos v4 is released. It uses DES for encryption. Due to export restrictions, Kerberos can't be used outside the U.S. An alternative implementation from Sweden called KTH-KRB is released years later for non-U.S. markets. However, v4 has limitations: weak DES encryption, misuse of PCBC mode of DES, ticket lifetime can't be longer than about 21 hours, delegation not supported.

1993

Kerberos v5 is released and standardized by IETF as RFC 1510. It overcomes many limitations of v4. It uses ASN.1 syntax. It adds new modes for DES. AES encryption is supported. Ticket lifetimes are much longer. Delegation is supported. It allows for unkeyed checksums (CRC, MD5, SHA-1) and keyed checksums (HMAC with MD5 or SHA-1). This is also the year when Microsoft decides to adopt Kerberos in its products.

1999

[Figure] Kerberos KDC is tightly integrated with Active Directory. Source: MIT Kerberos Consortium 2008, fig. 7.

Microsoft releases Windows Server 2000 with Kerberos as the default authentication protocol, thus replacing NTLM. There's no separate KDC database. Instead, information comes from Active Directory (AD). With the subsequent growth of AD and AD-enabled apps, use of Kerberos grows.

2005

RFC 4120 clarifies many aspects of the v5 protocol and obsoletes the earlier RFC 1510 of 1993. GSS-API specification is also released as RFC 4121.

2007

The MIT Kerberos Consortium is formed for the continued development and promotion of Kerberos in a more open manner, rather than keeping the work internal to MIT. For some time, it is renamed the MIT Kerberos & Internet Trust Consortium (MIT-KIT), but that name is later retired.