International Journal of Computer Networks and Communications Security
VOL. 2, NO. 12, DECEMBER 2014, 479–484
Available online at:
ISSN 2308-9830

An Optimized Approach to Authenticate Users in Kerberos-Based Networks

Aliakbar Tajari Siahmarzkooh1, Milad Shahini2

1 Student, Department of Computer Sciences, University of Tabriz, Tabriz, Iran
2 MSc Student, Department of Computer Engineering, University of Mirdamad, Gorgan, Iran
E-mail: 1tajari1987@,

ABSTRACT

Authentication is a mechanism by which an entity can check whether its partner is the one it claims to be in a relationship, or is a disruptor that has replaced the real party. One authentication protocol is Kerberos, in which a timestamp is used to prevent Trudy from sending repeated, unfeigned messages. In this article a counter variable is considered for each client; it represents the number of messages the client has sent to the servers. The advantage of this variable is that the host at the ticket granting server becomes aware of a repeated message while it is being sent. In addition, at the servers we use a binary tree structure to store the messages and to search among them. Simulation results show a significant improvement against replay attacks by Trudy and in the response time to service in a Kerberos-based network.

Keywords: Authentication, Kerberos Protocol, Replay Attack, Ticket Granting Server, Binary Tree.
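The replay check outlined in the abstract, shown as an added example that is not code from the paper. It assumes each message is identified by the pair (client identifier, client counter), that the counter travels inside the encrypted part of the message, and that the server stores accepted pairs in a plain binary search tree; the names `ReplayTree`, `Client` and `demo` are hypothetical.

```python
# Added illustration: the key layout and all names are assumptions, not the paper's.
from dataclasses import dataclass
from typing import List, Optional, Tuple

Key = Tuple[str, int]  # (client identifier, that client's message counter)

@dataclass
class Node:
    key: Key
    left: Optional["Node"] = None
    right: Optional["Node"] = None

class ReplayTree:
    """Unbalanced binary search tree of the message keys a server has accepted."""
    def __init__(self) -> None:
        self.root: Optional[Node] = None

    def accept(self, client: str, counter: int) -> bool:
        """Record an unseen key and return True; return False for a repeat."""
        key = (client, counter)
        parent, node = None, self.root
        while node is not None:
            if key == node.key:
                return False  # same client and counter already stored: replay
            parent, node = node, (node.left if key < node.key else node.right)
        if parent is None:
            self.root = Node(key)
        elif key < parent.key:
            parent.left = Node(key)
        else:
            parent.right = Node(key)
        return True

class Client:
    """Hypothetical client that numbers every message it sends."""
    def __init__(self, name: str) -> None:
        self.name, self.counter = name, 0

    def next_message(self) -> Key:
        self.counter += 1  # assumed to travel inside the encrypted authenticator
        return (self.name, self.counter)

def demo() -> List[bool]:
    tgs, alice, bob = ReplayTree(), Client("alice"), Client("bob")
    m1, m2, b1 = alice.next_message(), alice.next_message(), bob.next_message()
    captured = m1  # constructed: a copy of m1 recorded by Trudy and sent again
    return [tgs.accept(*m) for m in (m1, b1, m2, captured)]

if __name__ == "__main__":
    print(demo())
```

Because each client's counters arrive in increasing order, an unbalanced tree like this one drifts toward a linked list; a self-balancing tree keeps the lookup logarithmic.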
1 INTRODUCTION

In the world of technology security, sender and receiver application processes relate to each other in place of the actual, legal individuals, and authentication is the mechanism these processes apply to confirm the digital identity of users. For example, an application program that acts as the server of a financial and credit institute can gain its legal identity from its owner and should prove to the institute's user that it is the real representative of that institute [1]. Also, an application program in the customer's position should prove that it is the real customer of who claimed to be a .