An Improved Kerberos Scheme Based on Dynamic Password
When the authors communicate in a distributed network, there are some security threats: If a user accesses a certain specific workstation, he can impersonate another user to operate the workstation. A user can change the workstation network addresses to make its issued request seemingly come from a disguise workstation. A user can wiretap the message exchange process, and use the replay attack to access the server or interrupt the communication. By studying the Kerberos authentication scheme, an improved authentication scheme is raised, which is based on dynamic password method. In the improved scheme, user's password can be effectively protected, and the authentication is double between users and severs. Also, the scheme can resist jacking connection attack.