AS-REP: authentication server reply (KDC to User)
KDC decrypts timestamp (pre-authentication) and issues encrypted TGT
- KDC verifies the timestamp
- KDC decrypts the timestamp with the client's secret key (derived from the client's password, see below)
- A timestamp within 2 minutes of the request is accepted
- If the AS cannot find the timestamp in its replay cache, the request is valid (not a replay) and the timestamp is added to the cache
- KDC generates the client secret key for later use
  - can be generated independently by both the server and the client
  - client_secret = hash(password + salt + kvno), where salt = user_name@realm_name and kvno = key version number (useful for long-lived keys)
- Message 1 to client: encrypted with the client secret key
  - TGS name / ID
  - Timestamp of the message
  - Lifetime (same as the TGT's)
  - TGS session key
- Message 2 to client: the TGT, encrypted with the TGS secret key to prevent tampering by the user
  - Username / ID
  - TGS name / ID
  - Timestamp of the TGT
  - User IP address
  - Lifetime of the TGT
  - TGS session key
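As an added illustration (not part of these notes, and not Kerberos' real string-to-key or encryption routines), a Python sketch of the AS-side pre-authentication handling described above: client and KDC each derive the client key from the password, the user_name@realm_name salt and the kvno, then the KDC checks the timestamp under that key, applies the 2-minute skew limit and consults a replay cache. PBKDF2-HMAC-SHA256 and an HMAC tag are assumed stand-ins for the key derivation and the encrypted timestamp; the user, realm and password values are made up.

```python
import hashlib
import hmac

SKEW_SECONDS = 120  # notes: a timestamp within 2 minutes of the request is accepted


def derive_client_key(password, username, realm, kvno):
    # Both client and KDC can compute this from the password, the user_name@realm_name
    # salt and the kvno. PBKDF2-HMAC-SHA256 is an illustrative stand-in (assumption)
    # for the Kerberos string-to-key function, not the real algorithm.
    salt = "{}@{}".format(username, realm).encode() + kvno.to_bytes(4, "big")
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 10_000, dklen=32)


def client_preauth(key, timestamp):
    # Client side: the timestamp plus a tag computed under the client key.
    # An HMAC stands in for encrypting the timestamp (assumption); the KDC's
    # check has the same meaning: only a holder of the client key could have made it.
    tag = hmac.new(key, timestamp.to_bytes(8, "big"), "sha256").digest()
    return timestamp, tag


def kdc_check_preauth(key, preauth, kdc_now, replay_cache, client):
    # KDC side, in the order the notes give: check the timestamp under the client
    # key, enforce the skew window, then consult and update the replay cache.
    timestamp, tag = preauth
    expected = hmac.new(key, timestamp.to_bytes(8, "big"), "sha256").digest()
    if not hmac.compare_digest(tag, expected):
        return False, "pre-auth failed: timestamp not valid under client key"
    if abs(kdc_now - timestamp) > SKEW_SECONDS:
        return False, "clock skew too great"
    entry = (client, timestamp)
    if entry in replay_cache:
        return False, "replay: timestamp already in cache"
    replay_cache.add(entry)  # first sighting is valid; remember it for later requests
    return True, "ok"


if __name__ == "__main__":
    cache = set()
    now = 1_700_000_000  # constructed KDC clock value (seconds)
    client_key = derive_client_key("hunter2", "alice", "EXAMPLE.COM", kvno=3)
    kdc_key = derive_client_key("hunter2", "alice", "EXAMPLE.COM", kvno=3)  # KDC's copy
    pa = client_preauth(client_key, now - 30)
    print(kdc_check_preauth(kdc_key, pa, now, cache, "alice"))  # (True, 'ok')
    print(kdc_check_preauth(kdc_key, pa, now, cache, "alice"))  # same request again: replay
    late = client_preauth(client_key, now - 600)
    print(kdc_check_preauth(kdc_key, late, now, cache, "alice"))  # outside the 2-minute window
```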