Security Memo

Search (Ctrl+K)

SearchSearch

Recent Notes

See 1423 more sorted by tag →

TGS-REQ

created Jan 08, 2024updated Apr 16, 20241 min read

TGS-REQ: Ticket Granting Server Request (User to KDC)

User requests KDC for a service ticket using TGT. The service ticket is also called a TGS ticket, though TGS is also the name of the service which is confusing.

  • Message 1 to TGS; cleartext
    • Service name / ID
    • Requested lifetime for service ticket
  • Message 2 to TGS: User Authenticator; encrypted with TGS session key
    • Username / ID
    • Timestamp
  • Message 3 to TGS: forwarded TGT

Graph View

Backlinks