Bene prima questo è un protocollo generale Kerberos v4
(1) C - > AS: IDc || IDtgs
(2) AS - > C: Ekc [Kc, tgs || TGT]
(3) C - > TGS: TGT || Authenticator
(4) TGS - > C: Ekc, tgs [Kc, v || Ticketv]
(5) C - > V: Ticketv || Authenticator'c
Notazione:
C = Client
AS = authentication server
V = server
IDc = identifier of user on C
IDv = identifier of V
Kc = secret key derived from the user’s password on C
Kv= secret encryption key shared by AS an V
TS = timestamp
|| = concatenation
TGT = Ticket Granting Ticket
TGS = Ticket Granting Server
Authenticator simply includes ID of user on client and also a timestamp.
Domanda: perché il messaggio (1) non contiene l'autenticatore? Cheers!