Cisco CloudCenter: Get the Hybrid IT Advantage

Digest Authentication

Definition - What does Digest Authentication mean?

Digest authentication is a method in which all requests for access from client devices are received by a network server and then sent to a domain controller.

It is one of the standard methods used by a Web server to authenticate the credentials of a user agent or Web browser. Credentials are hashed or encrypted before being sent, ensuring they are never transmitted in clear text form.

Techopedia explains Digest Authentication

Digest authentication uses Hypertext Transfer Protocol (HTTP) and was originally specified in RFC 2069, which states that a scheme’s security be maintained by a nonce code generated by a server.

Before credentials are transmitted, they are encrypted through the MD5 cryptographic hash function and used with nonce values to prevent replay attacks, as nonce values are used only once.

The digest authentication process is as follows:

  1. A client requests access to a website with a username and a password.

  2. The server responds with a digest session key, a nonce and 401 authentication request.

  3. The client answers with a response array with a composition of (username:realm:password), which is encrypted using MD5.

  4. The server employs the username and realm to look up the password in the database, then uses that password to create a MD5 key using (username:realm:password_from_database).

  5. Then, the server compares its generated MD5 key to the client's submitted MD5 key. If it matches, the client is authenticated. If not, the client is denied access.

Share this:

Connect with us

Email Newsletter

Join thousands of others with our weekly newsletter

The 4th Era of IT Infrastructure: Superconverged Systems
The 4th Era of IT Infrastructure: Superconverged Systems:
Learn the benefits and limitations of the 3 generations of IT infrastructure – siloed, converged and hyperconverged – and discover how the 4th...
Approaches and Benefits of Network Virtualization
Approaches and Benefits of Network Virtualization:
Businesses today aspire to achieve a software-defined datacenter (SDDC) to enhance business agility and reduce operational complexity. However, the...
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.