Difference between Kerberos Version 4 and Kerberos Version 5

1. Kerberos Version 4 : 

Kerberos version 4 is an update of the Kerberos software that is a computer-network authentication system. Kerberos version 4 is a web-based authentication software which is used for authentication of users information while logging into the system by DES technique for encryption. It was launched in late 1980s.

Features of Kerberos V4:

  • Authentication: Kerberos V4 provides authentication and encryption services to network clients and servers.
  • Encryption: Kerberos V4 uses a simple encryption algorithm that is less secure than the encryption used in Kerberos V5.
  • Ticket-granting service (TGS): Kerberos V4 uses a single TGS for all network services, which means that the TGS has to handle a large number of requests.
  • No support for timestamps: Kerberos V4 does not support timestamps, which makes it vulnerable to replay attacks.

 2. Kerberos Version 5 : 

Kerberos version 5 is a later version of the Kerberos software came after Kerberos version 4, developed for enhancing security in the authentication. Kerberos version 5 provides a single authentication service in a network which is distributed over an enterprise. It was launched in the year 1993. 

Features of Kerberos V5:

  • Authentication: Kerberos V5 provides authentication, encryption, and authorization services to network clients and servers.
  • Encryption: Kerberos V5 uses a more secure encryption algorithm than Kerberos V4, which makes it less vulnerable to attacks.
  • Ticket-granting service (TGS): Kerberos V5 uses multiple TGS servers to handle requests for different network services. This improves scalability and reduces the load on individual TGS servers.
  • Support for timestamps: Kerberos V5 supports timestamps, which makes it less vulnerable to replay attacks.
  • Support for renewable tickets: Kerberos V5 supports renewable tickets, which allows users to extend their authentication without having to re-enter their passwords.

 Similarities between the two versions of Kerberos:

  • Authentication process: Both Kerberos V4 and V5 use a similar authentication process that involves a client, a server, and a trusted third-party authentication server (TAS) that issues tickets to the client.
  • Encryption: Both Kerberos V4 and V5 use encryption to protect sensitive data and prevent eavesdropping.
  • Password-based authentication: Both Kerberos V4 and V5 use password-based authentication, which requires users to enter their passwords to access network resources.
  • Ticket-based authentication: Both Kerberos V4 and V5 use ticket-based authentication, which enables users to authenticate to multiple network resources without having to enter their passwords multiple times.
  • Key distribution: Both Kerberos V4 and V5 use a key distribution center (KDC) to distribute secret keys to network clients and servers.
  • Network interoperability: Both Kerberos V4 and V5 are designed to be compatible with a wide range of network operating systems and protocols, which makes them suitable for use in heterogeneous network environments.

Difference between Kerberos Version 4 and Kerberos Version 5 :

S.No. Kerberos Version 4 Kerberos Version 5
1. Kerberos version 4 was launched in late 1980s. Kerberos version 5 was launched in 1993.
2. It provides ticket support. It provides ticket support with extra facilities for forwarding, renewing and postdating tickets.
3. Kerberos version 4 works on the Receiver-makes-Right encoding system. Kerberos version 5 works on the ASN.1 encoding system.
4. It does not support transitive cross-realm authentication. It supports transitive cross-realm authentication.
5. It uses Data Encryption Standard technique for encryption. It uses any encryption techniques as the cipher text is tagged with an encryption identifier.
6. In Kerberos version 4, the ticket lifetime has to be specified in units for a lifetime of 5 minutes. In Kerberos version 5, the ticket lifetime is specified with the freedom of arbitrary time.

Contact Us