Kerberos and SSL are protocols used for authentication and encryption in computer networks. The authentication in Kerberos is usually conducted by providing a password while in SSL the authentication is completed through certificates and corresponding keys.
Share
Differences between Kerberos and SSL:
Kerberos
Kerberos was first developed by the Massachusetts Institute of Technology (MIT) for the Project Athena. It is an authentication protocol and mostly used in client-server models.
Kerberos can be used for authentication of clients to multiple servers at a time. The encryption technique for authentication is private key encryption. It is open-source software and offers free services.
Kerberos is dependent on the trusted third party. The secret attack is difficult as Kerberos use passwords which remain in the user’s head. It is mostly used in Windows environments such as Windows XP and Windows 2000.
The three main components of Kerberos include the server, client and KDC (key distribution centre). KDC in Kerberos acts as the trusted third-party authentication service. Kerberos uses the UDP (user datagram protocol), a protocol that works on the transport layer, and it is a connectionless and unreliable protocol. Kerberos is ideal for networking environments.
SSL
SSL (secure socket layer) is the encryption protocol which is used to facilitate the users with secure communication over the non-secure network. TLS (transport layer security) is the modern version of SSL.
SSL provides integrity and non-repudiation to the transferred data. The encryption technique used in SSL is the public key encryption. SSL is mostly patented and not offer freely. SSL depends on certificates, which is why it is independent.
In SSL the key cancellation process is done by the revocation server which controls the records of corrupt certificates. As the certificated in SSL are placed at a user’s hardware share, so it has the probability of being a compromise. SSL is used in various applications, such as email, VoIP, messages, and FTP protocols.
SSL uses the TCP (transmission control protocol), which is used to define the communication process between end-users. SSL is ideal for the WWW (World Wide Web).