Public Key Authentication Protocols

Uploaded by

jsrinithi2005

Public Key Authentication Protocols:

Several authentication protocols exist. None are 100 percent foolproof. Choose your
method carefully, however, and you will reduce the risk of hacking and data theft.

What are authentication protocols?


An authentication protocol allows the receiving party (such as a server) to verify the
identity of another party (such as a person using a mobile device to log in). Almost every
single computer system uses some kind of network authentication to verify users.

As more critical information is stored electronically, and as hackers become more and
more adept at theft, authentication becomes more important. Without it, losses can be
significant. For example, Deloitte experienced a data breach in 2017 that exposed client
email (including some tied to government agencies). Authentication may never keep
your information perfectly secure. But it can make theft harder to accomplish. Hackers
may move to a different target if your servers are too difficult to penetrate.

Types of authentication protocol


IT administrators have plenty of options available to them. We'll list a few here, but
know there are many more.

The five most common authentication methods companies use include the following:

1. Kerberos: If you work within the Windows environment, you've used this
protocol. The system leans on symmetric keys pulled from a centralized key
distribution center. While the protections are significant, Kerberos isn't perfect. In
2020, Kerberos stopped working after a system update.
2. LDAP: As we explained in a recent blog post, companies store usernames,
passwords, email addresses, printer connections, and other static data within
directories. LDAP is an open, vendor-neutral application protocol for accessing
and maintaining that data.

3. OAuth 2.0: If you've ever used a login from another site (like Facebook) to get
into a new site (like The New York Times), you've used OAuth 2.0. An application
pulls resources on your behalf, and you don't have to share credentials. This
system can also be hacked, as GitHub discovered in 2020.

4. Remote authentication dial-in user service (RADIUS): You provide a username
and password, and the RADIUS system verifies the information by comparing it to
data in a database.

5. SAML: This XML-based protocol exchanges authentication data between identity
providers (IdPs) and service providers.

These are five other types of authentication protocols to know:

• Challenge-Handshake Authentication Protocol (CHAP): This system
reauthenticates users periodically, even within the same session. Each challenge is
different from the last version.

• DIAMETER: This protocol provides a framework for authentication and
accounting messages. It's derived from RADIUS, and it's considered an
improvement upon that protocol.

• Extensible authentication protocol (EAP): Wireless networks and point-to-point
connections often lean on EAP.

• Password authentication protocol (PAP): A user submits a username and
password, which the system compares to a database.

• TACACS: Accomplish IP-based authentication via this system. Later versions of
this protocol include encryption.
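
The CHAP behaviour described in the list above, as an added example that is not part of the original document: the server issues a new random challenge for each authentication, and a response captured earlier in the session fails against the next challenge. The response formula follows RFC 1994; the class, function, user name and secret are constructed for illustration.

```python
import hashlib
import hmac
import os

def chap_response(identifier, secret, challenge):
    # RFC 1994 response value: MD5(identifier octet || secret || challenge).
    # MD5 is what legacy CHAP specifies; it is kept here only for fidelity.
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """Server side: issues a new random challenge for every (re)authentication."""

    def __init__(self, user_secrets):
        self.user_secrets = user_secrets   # constructed sample database
        self.next_id = 0
        self.pending = {}                  # name -> (identifier, challenge)

    def challenge(self, name):
        self.next_id = (self.next_id + 1) % 256
        value = os.urandom(16)
        self.pending[name] = (self.next_id, value)
        return self.next_id, value

    def verify(self, name, identifier, response):
        # A challenge is single use: pop it so an old response cannot match later.
        ident, value = self.pending.pop(name, (None, None))
        secret = self.user_secrets.get(name)
        if value is None or secret is None or ident != identifier:
            return False
        expected = chap_response(ident, secret, value)
        return hmac.compare_digest(expected, response)

def run_session():
    secret = b"constructed-shared-secret"          # the peer's copy of the secret
    server = Authenticator({"alice": secret})
    id1, chal1 = server.challenge("alice")         # initial authentication
    resp1 = chap_response(id1, secret, chal1)
    first = server.verify("alice", id1, resp1)
    id2, chal2 = server.challenge("alice")         # periodic re-authentication
    replay = server.verify("alice", id2, resp1)    # old response, new challenge
    id3, chal3 = server.challenge("alice")
    fresh = server.verify("alice", id3, chap_response(id3, secret, chal3))
    return {"first": first, "replay": replay, "fresh": fresh,
            "challenges_differ": chal1 != chal2}

if __name__ == "__main__":
    print(run_session())
```

Unlike PAP, the shared secret never crosses the wire here; only the challenge and the hash do.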

How to choose among authentication protocols


With so many options, how can you choose the version that's right for you?

Consider your:

• Application needs. What systems and resources require access? How significant or
private are they?

• Infrastructure. What protocols can you launch without overhauling your existing
system?

• Effort. How much training or programming will you need before you can get
started?

• Future. Can the system grow and change with your company?
