📜  Kerberos和NTLM之间的区别

📅  最后修改于: 2021-08-27 18:08:28             🧑  作者: Mango

1. Kerberos:
Kerberos是基于票证的身份验证系统,用于在登录系统时对用户信息进行身份验证。 Kerberos基于对称密钥加密技术,并且依赖于可靠的第三方,并且在身份验证阶段使用私有密钥加密。开发了不同版本的Kerberos,以增强身份验证的安全性。 Kerberos通常在Microsoft产品(例如Windows 2000,Windows XP和更高版本的Windows)中实现。

2. NTLM:
NTLM(新技术LAN管理器)是专有的Microsoft身份验证协议。 NTLM也基于对称密钥加密技术,并且需要资源服务器为用户提供身份验证,完整性和机密性。 NTLM不支持身份验证和两因素身份验证。 NTLM通常在较早的Windows版本中实现,例如Windows 95,Windows 98,Windows ME,NT 4.0。

Kerberos和NTLM之间的区别:

S.No. Kerberos NTLM
1. Kerberos is an open source software and offers free services. NTLM is the proprietary Microsoft authentication protocol.
2. Kerberos supports delegation of authentication in multi-tier application. NTLM does not support delegation of authentication.
3. Kerberos supports two factor authentication such as smart card logon. NTLM does not provide smart card logon.
4. Kerberos has the feature of mutual authentication. NTLM does not have the feature of mutual authentication.
5. Kerberos provides high security. While NTLM is less secured as compared to kerberos.
6. Kerobos is supported in Microsoft Windows 2000, Windows XP and later windows versions. NTLM is also supported in earlier windows versions such as Windows 95, Windows 98, Windows ME, NT 4.0.