ALERT

[WEBINAR] See the Whole Story: The Case for a Visualization Platform

Digest Authentication

Definition - What does Digest Authentication mean?

Digest authentication is a method in which all requests for access from client devices are received by a network server and then sent to a domain controller.

It is one of the standard methods used by a Web server to authenticate the credentials of a user agent or Web browser. Credentials are hashed or encrypted before being sent, ensuring they are never transmitted in clear text form.

Techopedia explains Digest Authentication

Digest authentication uses Hypertext Transfer Protocol (HTTP) and was originally specified in RFC 2069, which states that a scheme’s security be maintained by a nonce code generated by a server.

Before credentials are transmitted, they are encrypted through the MD5 cryptographic hash function and used with nonce values to prevent replay attacks, as nonce values are used only once.

The digest authentication process is as follows:

  1. A client requests access to a website with a username and a password.

  2. The server responds with a digest session key, a nonce and 401 authentication request.

  3. The client answers with a response array with a composition of (username:realm:password), which is encrypted using MD5.

  4. The server employs the username and realm to look up the password in the database, then uses that password to create a MD5 key using (username:realm:password_from_database).

  5. Then, the server compares its generated MD5 key to the client's submitted MD5 key. If it matches, the client is authenticated. If not, the client is denied access.

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
Tweat cdn.techopedia.com
"Techopedia" on Twitter


'@Techopedia'
Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Resources
Free Whitepaper: The Path to Hybrid Cloud
Free Whitepaper: The Path to Hybrid Cloud:
The Path to Hybrid Cloud: Intelligent Bursting To Amazon Web Services & Microsoft Azure
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.