Key distribution center
In cryptography, a key distribution center (KDC) is part of a cryptosystem intended to reduce the risks inherent in exchanging keys. Instead of every pair of parties having to agree a key in advance, each party shares a single long-term key with the KDC, which then supplies short-lived keys, carried in tickets, on demand. KDCs often operate in systems within which some users may have permission to use certain services at some times and not at others.
Security overview
For instance, an administrator may have established a policy that only certain users may use the tape backup facility. (Perhaps the administrator is concerned that unrestricted use might let someone smuggle out a tape containing important information; the precise reason does not matter for explaining how the key distribution center works.) Many operating systems can control access to the tape facility via a system service (a daemon). If that system service further restricts the tape drive to operate only on behalf of users who can submit a service-granting ticket when they wish to use it, there remains only the task of distributing such tickets to the appropriately permitted users. If the ticket consists of (or includes) a key, the mechanism which distributes it can be termed a KDC. Usually, in such situations, the KDC itself also operates as a system service.
Operation
A typical operation with a KDC involves a request from a user to use some service. The KDC uses cryptographic techniques to authenticate the requesting user, and it checks whether that user has the right to access the requested service. If the authenticated user meets all prescribed conditions, the KDC issues a ticket permitting access.
KDCs mostly operate with symmetric encryption. In most (but not all) cases the KDC shares a long-term key with each of the other parties, so a system of n parties needs n keys rather than one per pair. The KDC produces a ticket based on the server's key: the ticket is encrypted under the key the KDC shares with the target server, so the client can carry it but can neither read nor alter it. The client receives the ticket, typically together with a fresh session key protected under the client's own key, and submits it to the appropriate server. The server decrypts the submitted ticket with its own key, verifies its contents, and grants access to the user submitting it.
Security systems using KDCs include Kerberos.
Drawbacks
- A KDC can become a single point of failure: while it is unreachable no new tickets can be issued, so production deployments run replica KDCs (Kerberos supports this).
- Everybody must trust the KDC: it holds every principal's long-term key, so its compromise exposes all of them.
- Vulnerable to replay attack: a captured ticket can be resubmitted unless the server also demands a fresh, timestamped authenticator and keeps a replay cache, as Kerberos does, which in turn requires reasonably synchronized clocks.
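The exchange described under Operation, together with the replay, expiry and policy checks the Drawbacks list calls for, as an added worked example. This is not code from the original article and not the Kerberos wire protocol; the principal names (alice, bob, tape), the 32-byte keys, the JSON ticket layout, the 300 s lifetime and the HMAC-SHA256 based authenticated encryption are assumptions made so the example runs on the Python standard library alone.

```python
"""Added example: a minimal KDC and ticket exchange over symmetric keys (not the Kerberos
wire format). Principal names, key sizes, the JSON layout and the lifetime are assumptions."""
import hashlib, hmac, json, os

TICKET_LIFETIME = 300  # seconds; assumed value

# Authenticated encryption from HMAC-SHA256 (stdlib only); use AES-GCM or another AEAD for real.
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:length]

def _subkeys(key: bytes):
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    """Check the tag in constant time before decrypting; tampering raises ValueError."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad tag")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))

class KDC:
    """Shares one long-term key with every principal; issues tickets only under policy."""
    def __init__(self, keys: dict, policy: set):
        self.keys = keys      # principal name -> long-term key shared with the KDC
        self.policy = policy  # allowed (client, service) pairs

    def issue(self, client: str, service: str, now: float) -> bytes:
        if (client, service) not in self.policy:
            raise PermissionError(f"{client} may not use {service}")
        session_key = os.urandom(32)
        # Ticket sealed under the SERVICE's key: the client carries it but cannot read or alter it.
        ticket = seal(self.keys[service], json.dumps({
            "client": client, "service": service,
            "session_key": session_key.hex(), "expires": now + TICKET_LIFETIME}).encode())
        # Reply sealed under the CLIENT's key: only its holder can recover the session key and ticket.
        return seal(self.keys[client], json.dumps(
            {"session_key": session_key.hex(), "ticket": ticket.hex()}).encode())

def client_prepare(client: str, client_key: bytes, reply: bytes, now: float):
    """Client side: open the KDC reply, then build a fresh authenticator under the session key."""
    r = json.loads(unseal(client_key, reply))
    session_key = bytes.fromhex(r["session_key"])
    authenticator = seal(session_key, json.dumps(
        {"client": client, "ts": now, "nonce": os.urandom(8).hex()}).encode())
    return bytes.fromhex(r["ticket"]), authenticator

class Service:
    """Server side: decrypt the ticket with its own key and verify it before granting access."""
    def __init__(self, name: str, key: bytes):
        self.name, self.key = name, key
        self.replay_cache = set()  # authenticators already accepted

    def accept(self, ticket: bytes, authenticator: bytes, now: float) -> str:
        t = json.loads(unseal(self.key, ticket))
        if t["service"] != self.name or now > t["expires"]:
            raise PermissionError("ticket is for another service or has expired")
        a = json.loads(unseal(bytes.fromhex(t["session_key"]), authenticator))
        if a["client"] != t["client"] or abs(now - a["ts"]) > TICKET_LIFETIME:
            raise PermissionError("authenticator does not match the ticket or is stale")
        seen = (a["client"], a["ts"], a["nonce"])
        if seen in self.replay_cache:
            raise PermissionError("replayed authenticator")
        self.replay_cache.add(seen)
        return t["client"]

def demo() -> dict:
    """One permitted exchange, then the failure cases the article describes."""
    keys = {"alice": os.urandom(32), "bob": os.urandom(32), "tape": os.urandom(32)}
    kdc = KDC(keys, policy={("alice", "tape")})
    tape = Service("tape", keys["tape"])
    now = 1_700_000_000.0  # constructed timestamp
    ticket, auth = client_prepare("alice", keys["alice"], kdc.issue("alice", "tape", now), now)
    result = {"granted": tape.accept(ticket, auth, now)}
    attempts = {
        "replay_rejected": lambda: tape.accept(ticket, auth, now + 1),
        "policy_enforced": lambda: kdc.issue("bob", "tape", now),
        "expiry_enforced": lambda: tape.accept(ticket, auth, now + TICKET_LIFETIME + 1),
        "tamper_rejected": lambda: tape.accept(ticket[:-1] + bytes([ticket[-1] ^ 1]), auth, now),
    }
    for name, attempt in attempts.items():
        try:
            attempt()
            result[name] = False
        except (PermissionError, ValueError):
            result[name] = True
    return result
```

Running demo() grants alice access to tape once, then shows the same ticket and authenticator being refused on resubmission (the replay cache), bob being refused a ticket by policy at the KDC rather than at the service, an expired ticket being refused, and a ticket with one flipped byte failing the tag check before any of its fields are trusted. The service never talks to the KDC during the exchange; everything it needs is in the ticket, which is why the ticket must be sealed under the service's key and not the client's.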