Difference Between Kerberos Version 4 and Version 5 in Tabular Form
- Kerberos is a web-based software that is used for providing authentication to user identities and user requests. Kerberos v4 and Kerberos v5 are updates of the Kerberos software.
- The internet can be a very insecure place. It often involves the exchange of some sensitive information related to users such as their usernames, passwords, financial details, etc. Such information once exchanged can be subject to a wide range of scrutiny by hackers and malfeasants. At times, a website may experience heavy user traffic. In such a scenario, it becomes easy for the hackers and other offenders to sniff out details from the users and use them to their (hacker’s) advantage.
|Kerberos Version 4||Kerberos Version 5|
|Kerberos version 4 was released prior to version 5 in the late 1980s||Version 5 was published in 1993, years after the appearance of version 5.|
|Ticket support is Satisfactory in this version.||Ticket support is well extended. Facilitates forwarding, renewing, and postdating tickets.|
|It uses the “receiver-makes-right”
|It uses the ASN. I coding system.|
|Since the same key is used repeatedly to gain a service from particular server, there is a risk that an attacker can replay messages from an old session to the client or server.||In V5 this is avoided by requiring a sub-session key which is used only for one connection.|
|Kerberos V4 uses DES encryption techniques.||In Kerberos V5 the ciphertext is tagged with an encryption type identifier hence any type of encryption can be used.|
|Kerberos uses IP addressing.||Kerberos V5 can use any address since the address is now tagged with type and length.|
|In V4 the ticket lifetime has to be specified in units of 5 minutes.||In V5 ticket lifetime, one can specify explicit start and finish times allowing arbitrary lifetimes.|
|It contains only a few IP addresses and other addresses for types of network protocols.||It contains only multiple IP addresses and other addresses for types of network protocols.|