Suppose we use symmetric keys for authentication and each of N users must be able to authenticate any of the other N — 1 users. Evidently, such a system requires one symmetric key for each pair of users, or on the order of N2keys. On the other hand, if we use public keys, only N key pairs are required, but we must then deal with PKI issues.
a. Kerberos authentication uses symmetric keys, yet only N keys are required for N users. How is this accomplished?
b. In Kerberos, no PKI is required. But, in security, there is no free lunch, so what's the tradeoff?
Already registered? Login
Not Account? Sign up
Enter your email address to reset your password
Back to Login? Click here