Kerberos and NTLM Security Vulnerabilities

  1. Kerberos Protocol Fundamentals
    1. Kerberos Architecture Components
      1. Key Distribution Center (KDC)
        1. Authentication Service (AS)
        2. Ticket Granting Service (TGS)
        3. KDC Database
      2. Kerberos Realms
        1. Realm Naming Conventions
        2. Cross-Realm Authentication
        3. Trust Relationships
      3. Service Principal Names (SPNs)
        1. SPN Format and Structure
        2. SPN Registration Process
        3. Duplicate SPN Issues
        4. SPN Discovery Methods
    2. Kerberos Tickets and Keys
      1. Ticket-Granting Ticket (TGT)
        1. TGT Structure
        2. Encryption with KRBTGT Key
        3. TGT Lifetime and Renewal
      2. Service Tickets
        1. Service Ticket Structure
        2. Encryption with Service Key
        3. Ticket Lifetime
      3. Session Keys
        1. Session Key Generation
        2. Key Distribution
        3. Key Usage
      4. Long-term Keys
        1. User Keys
        2. Service Keys
        3. KRBTGT Key
    3. Kerberos Authentication Flow
      1. Initial Authentication (AS Exchange)
        1. AS-REQ Message
        2. Pre-authentication Data
        3. AS-REP Message
        4. TGT Issuance
      2. Service Authentication (TGS Exchange)
        1. TGS-REQ Message
        2. TGT Presentation
        3. TGS-REP Message
        4. Service Ticket Issuance
      3. Client-Server Authentication (AP Exchange)
        1. AP-REQ Message
        2. Service Ticket Presentation
        3. AP-REP Message
        4. Mutual Authentication
    4. Kerberos Encryption and Security
      1. Supported Encryption Types
        1. DES (Deprecated)
        2. RC4-HMAC
        3. AES128-CTS-HMAC-SHA1-96
        4. AES256-CTS-HMAC-SHA1-96
      2. Key Derivation
        1. Password-based Key Derivation
        2. Salt Usage
        3. Iteration Counts
      3. Message Integrity
        1. Checksums and MACs
        2. Replay Protection
        3. Timestamp Validation