Delve into Kerberos fundamentals, exploring network security, authentication, authorization, and auditing. Gain hands-on practice in creating principals, requesting tickets, and mitigating protocol-specific attacks.

data.tar.gz

Kerberos is an essential part of any tech stack. It helps mitigate cyber attacks by providing strong authentication for client/server applications by using secret-key cryptography.

In this course, you will cover the basics of network security including: authentication, authorization, and auditing. You will also learn the fundamental concepts of Kerberos such as Key Distribution Center (KDC), Principals, and Ticketing.

Towards the end of this course, you will explore common attacks that are specific to the protocol and how Kerberos works to triage them. Lastly, you will get some hands-on practice with Kerberos where you’ll work to create a principal and request a Ticket-Granting Ticket from an Authentication Server.

By the time you’re done, you will have picked up a new in-demand skill that will allow you to better protect your data.

Kerberos for Beginners: Intro to Network Authentication Protocol

Kerberos adds privacy (confidentiality) and integrity in communication between entities using the protocol through encryption and checksums. Let’s look at each a little closer.

## Encryption
Casually speaking, encryption is a way to conceal information by altering it so that it appears to just be random data. In computing, unencrypted data is known as **plaintext**, and encrypted data is known as **ciphertext**. The methods used to encode and decode messages are called **encryption algorithms** or **ciphers**. Encryption takes readable data and alters it so that it appears random. Although encrypted data appears random, encryption proceeds in a logical, predictable way so that a party receiving the encrypted data, and in possession of the *key* used to encrypt the data, can decrypt the data and turn it back into plaintext. The hope is that if the encryption scheme is complex enough, then malicious third-parties will be highly unlikely to decrypt the ciphertext by brute force. Data can be encrypted either at rest, i.e., when it is encrypted and then held in any form of storage like memory or hard disk, or when data is in transit, i.e., when it is encrypted and transmitted across a network. In Kerberos, we are only concerned with data encryption in transit.




Kerberos adds privacy (confidentiality) and integrity in communication between entities using the protocol through encryption and checksums. Let’s look at each a little closer.

# Encryption
Casually speaking, encryption is a way to conceal information by altering it so that it appears to just be random data. In computing, unencrypted data is known as **plaintext**, and encrypted data is known as **ciphertext**. The methods used to encode and decode messages are called **encryption algorithms** or **ciphers**. Encryption takes readable data and alters it so that it appears random. Although encrypted data appears random, encryption proceeds in a logical, predictable way so that a party receiving the encrypted data, and in possession of the *key* used to encrypt the data, can decrypt the data and turn it back into plaintext. The hope is that if the encryption scheme is complex enough, then malicious third-parties will be highly unlikely to decrypt the ciphertext by brute force. Data can be encrypted either at rest, i.e., when it is encrypted and then held in any form of storage like memory or hard disk, or when data is in transit, i.e., when it is encrypted and transmitted across a network. In Kerberos, we are only concerned with data encryption in transit.




This lesson gives a brief introduction to encryption and the cryptographic key.

Theory

Practice

Quiz

Encryption

Encryption