Kerberos Server Test Suite Data Sheet
Test Suite:
Kerberos Server Test Suite
Direction:
Server

Kerberos is an authentication protocol used to verify the identities of principals, such as users, hosts and servers, over an unprotected network. A Kerberos KDC (Key Distribution Center) acts as trusted third party, and provides an authentication service based on shared secret cryptography.

Used specifications

Specification
Title
RFC4120

The Kerberos Network Authentication Service (V5)

RFC3961

Encryption and Checksum Specifications for Kerberos 5

RFC3962

Advanced Encryption Standard (AES) Encryption for Kerberos 5

Tool-specific information

Tested messages
Notes
Specifications
KRB_AS_REQ
RFC4120
KRB_TGS_REQ
With embedded KRB_AP_REQ
RFC4120

Supported protocol features
Notes
Specifications
Transport over UDP
RFC4120
DES3-CBC-HMAC-SHA1-KD encryption mode
RFC3961
AES256-CTS-HMAC-SHA1-96 encryption mode
RFC3962
AES128-CTS-HMAC-SHA1-96 encryption mode
RFC3962
MIT Kerberos keytab

Unsupported protocol features
Notes
Specifications
Transport over TCP
RFC4120
KRB_SAFE Exchange
RFC4120
KRB_PRIV Exchange
RFC4120
KRB_CRED Exchange
RFC4120
DES_CBC_MD5 encryption mode
RFC3961
DES_CBC_MD4 encryption mode
RFC3961
DES_CBC_CRC encryption mode
RFC3961
Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI command line remote interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis