TLS-KDH: Combining TLS with Kerberos

Presented at Still Hacking Anyway (SHA2017), Aug. 5, 2017, 10 a.m. (60 minutes)

This talk is about TLS-KDH. An initiative of ARPA2 that combines the TLS protocol with the Kerberos protocol. It enables Kerberos authentication for TLS and enforces Perfect Forward Secrecy by requiring a Diffie-Hellman key exchange for every session. During the talk the design, implementation and pros and cons of TLS-KDH will be discussed. #DeviceSecurity #NetworkSecurity #Privacy Kerberos authentication forms a welcomed alternative to traditional Public-Key Infrastructure-based authentication that is currently standard within the TLS protocol. The TLS-KDH project defines an Internet-Draft for integrating Kerberos with TLS. Furthermore, a reference implementation has been built into GnuTLS.

Presenters:

• Tom Vrancken
  

Links:

• https://program.sha2017.org/events/115.html

Similar Presentations:

• DeepSec 2016 „Ten“ / Systematic Fuzzing and Testing of TLS Libraries
• DeepSec 2014 „Do you want to know more?“ / Introduction to and survey of TLS Security
• DeepSec 2016 „Ten“ / Deploying Secure Applications with TLS (closed)