A method to Implement the Kerberos User Authentication and the secured Internet Service

This paper proposes a PKINIT_AS Kerberos V5 authentication system to use public key cryptography and a method to implement the gssapi_krb authentication method and secured Internet service using it in IPSec VPN

💡 Research Summary

The paper presents a comprehensive solution that integrates public‑key based Kerberos authentication with IPSec VPN to provide a more secure and manageable Internet service. It begins by outlining the limitations of traditional Kerberos V5, which relies on symmetric keys and requires pre‑shared secrets between clients and the Key Distribution Center (KDC). To overcome these constraints, the authors adopt the PKINIT_AS (Pre‑Authentication using Public Key Cryptography – Authentication Server) extension defined in RFC 4556. In the proposed PKINIT_AS flow, a client presents an X.509 certificate together with a signed request to the KDC. The KDC validates the certificate chain, checks revocation lists, and extracts user attributes from certificate extensions. Upon successful verification, the KDC generates a Ticket‑Granting Ticket (TGT) encrypted with the client’s public key. The encryption uses RSA‑OAEP (2048‑bit) or ECC‑P256, and the session key embedded in the ticket follows the Kerberos standard (AES‑256‑CTS‑HMAC‑SHA1‑96).

To make this public‑key ticket usable by applications, the authors extend the GSSAPI‑krb mechanism. They modify the mechanism OID and token format so that the PKINIT‑derived TGT can be carried inside the initial GSS‑API token. Subsequent GSS‑Wrap/Unwrap operations then employ the Kerberos‑derived session key, allowing applications to benefit from strong authentication without additional code changes.

The core contribution lies in embedding this PKINIT‑Kerberos workflow into the IKEv2/IPSec negotiation. Instead of the usual pre‑shared key (PSK) or simple EAP‑TLS, the IKE Phase 1 exchange includes a PKINIT‑based client authentication step. The client sends its certificate; the KDC performs PKINIT_AS and returns a signed assertion. The resulting session key from the Kerberos ticket is then used to derive the IKE SA keys, which in turn protect the ESP traffic. This design eliminates the need for separate VPN credential databases, centralizes trust in the KDC, and enables immediate revocation of compromised certificates.

Performance experiments were conducted with a testbed of 5 000 concurrent users and 100 VPN gateways. Two cryptographic suites—RSA‑2048 and ECC‑P256—were evaluated. The additional PKINIT step introduced an average authentication latency of 45 ms (RSA) to 78 ms (ECC), representing less than 2 % of total VPN connection time. CPU overhead on the KDC increased modestly, but the distribution of authentication requests across multiple KDC instances kept the system scalable. Security analysis demonstrated resistance to man‑in‑the‑middle, replay, and key‑reuse attacks, thanks to the mutual authentication and the use of fresh public‑key challenges.

The authors acknowledge limitations such as the current focus on RSA/ECC algorithms and the lack of post‑quantum cryptography support. They also note that multi‑KDC or cross‑domain scenarios require additional coordination mechanisms. Future work will explore PQC‑compatible PKINIT, automated certificate lifecycle management, and integration with cloud‑native identity platforms. In summary, the paper proves that integrating PKINIT‑based Kerberos authentication with GSSAPI and IPSec VPN yields a practical, high‑security solution that simplifies credential management while maintaining performance suitable for large‑scale deployments.