AS_REP represent the response from the Ticket Granting Service to the Client in the AS Exchange

When the previous AS_REQ arrives, the Kerberos Authentication Service checks whether PrincipalClient and PrincipalService exist in the KDC database. If at least one of the two does NOT exist an error message is sent to the Client

Otherwise the Authentication Server processes the reply as follows:

The Ticket Granting Ticket thus appears as follows:

TGT = ( PrincipalClient , krbtgt/REALM@REALM , IP_list , Timestamp , Lifetime , SKTGS )

Kerberos Authentication Service generates and sends the reply containing:

  • the ticket created previously, encrypted using the secret key for the service
  • the service principal, timestamp, lifetime and session key all encrypted using the Secret-key for the user requesting the service (let’s call it KUser).
In summary:
AS_REP = { PrincipalService , Timestamp , Lifetime , SKTGS }KUser { TGT }KTGS

Though it may seem that this message contains redundant information (PrincipalService, timestamp, lifetime and session key). But this is not the case: since the information present in the TGT is encrypted using the secret key for the server, it cannot be read by the client and needs to be repeated.

At this point, when the client receives the reply message, it will ask the user to enter the password. The salt is concatenated with the password and then the string2key function is applied: with the resulting key an attempt is made to decrypt the part of the message encrypted by the KDC using the secret key of the user stored in the database. If the user is really who he/she says, and has thus entered the correct password, the decrypting operation will be successful and thus the Session Key can be extracted and with the TGT (which remains encrypted) stored in the user’s credential cache.

More Information#

There might be more information for this subject on one of the following: