How is the shared key used by Kerberos distributed?
The previous FAQ explained that two machines (a client and a server) can
communicate via a shared symmetric key used to encrypt data however the problem
is how they can distribute that shared key between them.
This is where the Key Distribution Center is used and it consists of a
service which runs on all Windows 2000 domain controllers and generates the
shared key for the client and server and sends it in an encrypted form to the
The KDC responds to the client's request to talk to a server by sending both
copies of the session key to the client (one for the client, one for the server
but it is the same key just packaged differently). The client's copy of the
session key is encrypted with the key that the KDC shares with the client. The
server's copy of the session key is embedded, along with authorization data for
the client, in a data structure called a session ticket. The entire structure is
then encrypted with the key that the KDC shares with the server. The session
ticket - with the server's copy of the session key safely inside - becomes the
client's responsibility to manage until it contacts the server.
The client extracts the Session Key using its key shared with the KDC. It
extracts the servers session ticket (it canít decrypt as it does not know the
key shared between the server and the KDC). This information is stored in a
secure cache on the client in memory (never written to disk). When it wants to
communicate it sends it name and time encrypted in the shared key (which it
extracted) to the server along with the servers session ticket. The server then
decrypts the session ticket using the key shared with the KDC, extracts the
session key and decrypts the client authenticator replying back with the
workstations time encrypted with the session key.
All of this means the server does not have to store session keys for clients,
its the clients responsibility to send the servers session ticket to the server
as part of communication.
Also session tickets are good for a defined amount of time based on the Kerberos
policy. This is normally 8 hours (a normal logon time) so the KDC is not
contacted every time the client wants to talk to a server, it has the session
ticket cached which is good for the day.
What about the server-KDC and client-KDC long-term key, how is that distributed,
the next faq!
Windows Privacy Tools - http//www.privacywindows.com