KDC

KDC stands for Key Distribution Center, a central component of the Kerberos network authentication protocol. It acts as a trusted authority that issues tickets used to prove identities and authorize access to services within a realm.

Typically, a KDC provides an Authentication Server (AS) and a Ticket Granting Server (TGS) operating with a shared database of principals and their secret keys. A user authenticates to the AS and receives a Ticket Granting Ticket (TGT) encrypted with the user's key. The TGT allows the user to request service tickets from the TGS without re-entering credentials.

When the user wants to access a service, the client presents the TGT to the TGS to obtain a service ticket for that service. The TGS issues the service ticket, encrypted with the service's key, along with a session key for the client and service. The client then presents the service ticket to the target service, which validates it with its own key and establishes a protected session.

Security and administration: The KDC is a high-value target; compromising it undermines the entire Kerberos domain. Security measures include strong access controls, secure key storage, time synchronization, and redundancy. In large deployments, multiple KDCs and cross-realm trust enable availability and scalability.

Although KDC can refer to other organizations or concepts in different fields, in computer networking it most commonly denotes the Key Distribution Center in Kerberos.
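The AS and TGS exchanges described above can be modelled in a few lines of Python; this is an added example, not code from any Kerberos implementation, and it shows why each party can only open what is sealed under its own key and why time synchronization matters. Assumptions: the names `seal`, `unseal`, `issue`, `accept`, `authenticator`, `KDC` and `MAX_SKEW` are hypothetical, the cipher is a toy stand-in for real Kerberos encryption types, and the AS reply carries the TGT (itself sealed under the TGS key `krbtgt`) inside a message sealed under the user's key.

```python
import hashlib, hmac, json, os, time
MAX_SKEW = 300  # seconds of clock skew tolerated (assumed value)

def _xor(key, nonce, data):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def seal(key, obj):
    """Toy encrypt-then-MAC for illustration only; not a real Kerberos enctype."""
    nonce = os.urandom(16)
    ct = _xor(key, nonce, json.dumps(obj).encode())
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(_xor(key, nonce, ct))

def issue(key, client, lifetime=3600):
    """Return (ticket sealed under `key`, fresh session key as hex)."""
    session = os.urandom(32).hex()
    return seal(key, {"client": client, "key": session, "exp": time.time() + lifetime}), session

def accept(key, ticket_blob, auth_blob, now=None):
    """Ticket holder's check: open the ticket with its own key, then verify the authenticator."""
    now = time.time() if now is None else now
    ticket = unseal(key, ticket_blob)
    auth = unseal(bytes.fromhex(ticket["key"]), auth_blob)
    if ticket["exp"] < now or auth["client"] != ticket["client"]:
        raise ValueError("expired ticket or client mismatch")
    if abs(now - auth["ts"]) > MAX_SKEW:
        raise ValueError("clock skew too great")
    return ticket

class KDC:
    def __init__(self, principals):
        self.db = {p: os.urandom(32) for p in ("krbtgt", *principals)}  # shared key database
    def as_exchange(self, user):
        tgt, session = issue(self.db["krbtgt"], user)
        return seal(self.db[user], {"key": session, "tgt": tgt.hex()})
    def tgs_exchange(self, tgt, auth_blob, service):
        t = accept(self.db["krbtgt"], tgt, auth_blob)  # only the KDC can open the TGT
        ticket, session = issue(self.db[service], t["client"])
        return ticket, seal(bytes.fromhex(t["key"]), {"key": session})

def authenticator(session_hex, client, ts=None):
    return seal(bytes.fromhex(session_hex), {"client": client, "ts": ts or time.time()})
```

Because every ticket in the model is sealed under a key held in `KDC.db`, anyone who reads that database can mint valid tickets for any principal, which is the reason the KDC is treated as a high-value target.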