authentication
play

Authentication CS461/ECE422 Fall 2009 1 Reading Chapter 12 from - PowerPoint PPT Presentation

Feb 03, 2023 •108 likes •515 views

Authentication CS461/ECE422 Fall 2009 1 Reading Chapter 12 from Computer Security Chapter 10 from Handbook of Applied Cryptography http://www.cacr.math.uwaterloo.ca/hac/abou 2 Overview Basics of an authentication system

  1. Authentication CS461/ECE422 Fall 2009 1

  2. Reading • Chapter 12 from Computer Security • Chapter 10 from Handbook of Applied Cryptography http://www.cacr.math.uwaterloo.ca/hac/abou 2

  3. Overview • Basics of an authentication system • Passwords – Storage – Selection – Breaking them – One time • Challenge Response • Biometrics 3

  4. Ivanhoe, Sir Walter Scott • Paraphrased: (Wamba gains entry to the castle dressed as a friar) Wamba: Take my disguise and escape, I will stay and die in your place. Cedric: I can’t possibly impersonate a friar, I only speak English. Wamba: If anyone says anything to you, just say “ Pax vobiscum .” Cedric: What does that mean? Wamba: I don’t know, but it works like a charm! 4

  5. Basics • Authentication: binding of identity to subject – Identity is that of external entity (my identity, the Illini Union Bookstore, etc .) – Subject is computer entity (process, network connection, etc .) 5

  6. Establishing Identity • One or more of the following – What entity knows ( e.g. password, private key) – What entity has ( e.g. badge, smart card) – What entity is ( e.g. fingerprints, retinal characteristics) – Where entity is ( e.g . In front of a particular terminal) • Example: scene from Ivanhoe • Example: Credit card transaction 6

  7. Authentication System • ( A , C , F , L , S ) – A : information that proves identity – C : information stored on computer and used to validate authentication information – F : set of complementation functions that generates C ; f : A → C – L : set of authentication functions that verify identity; l : A × C → { true , false } – S : functions enabling entity to create, alter information in A or C 7

  8. Authentication System F: Complementation A: identity C: identity proving info S: validating info Update True or L: False Authentication 8

  9. Example • Password system, with passwords stored online in clear text – A set of strings making up passwords – C = A – F singleton set of identity function { I(a) = a } – L single equality test function { eq } – S function to set/change password 9

  10. Storage • Store as cleartext – If password file compromised, all passwords revealed • Encipher file – Need to have decipherment, encipherment keys in memory – Reduces to previous problem • Store one-way hash of password – If file read, attacker must still guess passwords or invert the hash 10

  11. Example • Original UNIX system standard hash function – Hashes password into 13 char string using one of 4096 hash functions • As authentication system: – A = { strings of 8 chars or less } – C = { 2 char hash id || 11 char hash } – F = { 4096 versions of modified DES } – L = { login , su , … } – S = { passwd , nispasswd , passwd+ , … } 11

  12. Dictionary Attacks • Trial-and-error from a list of potential passwords – Off-line (type 1) : know f and c ’s, and repeatedly try different guesses g ∈ A until the list is done or passwords guessed • Examples: crack , john-the-ripper – On-line (type 2) : have access to functions in L and try guesses g until some l ( g,c ) succeeds • Examples: trying to log in by guessing a password 12

  13. Preventing Attacks • How to prevent this: – Hide information so that either a , f , or c cannot be found • Prevents obvious attack from above • Example: UNIX/Linux shadow password files – Hides c ’s – Block access to all l ∈ L or result of l ( a,c ) • Prevents attacker from knowing if guess succeeded • Example: preventing any logins to an account from a network – Prevents knowing results of l (or accessing l ) 13

  14. Using Time Anderson’s formula: • P probability of guessing a password in specified period of time • G number of guesses tested in 1 time unit • T number of time units • N number of possible passwords (| A |) TG • Then P ≥ N 14

  15. Example • Goal – Passwords drawn from a 96-char alphabet – Can test 10 4 guesses per second – Probability of a success to be 0.5 over a 365 day period – What is minimum password length? • Solution – N ≥ TG / P = (365 × 24 × 60 × 60) × 10 4 /0.5 = 6.31 × 10 11 j ≥ ∑ s – Choose s such that = 0 96 N j – So s ≥ 6, meaning passwords must be at least 6 chars long – What exactly does that equation mean? 15

  16. Salting • Have a set of n complementation functions – Randomly select one function when registering new authentication info (function S) – Store ID of complementation function with complementation info • Attacker must try all n complementation functions to see if his guess matches any password • When does this help? When does it not? 16

  17. Approaches: Password Selection • Random selection – Any password from A equally likely to be selected – See previous example – Make sure it’s random! (e.g. period of 2 32 is not enough for (26+10) 8 passwords) • Key crunching ( e.g. hashing) a long key to a sequence of shorter keys • Pronounceable passwords • User selection of passwords 17

  18. Pronounceable Passwords • Generate phonemes randomly – Phoneme is unit of sound, e.g. cv , vc , cvc , vcv – Examples: helgoret, juttelon are; przbqxdfl, zxrptglfn are not • ~ 440 possible phonemes • 440 6 possible keys with 6 phonemes (12-18 characters long), about the same as 96 8 • Used by GNU Mailman mailing list software (?) 18

  19. User Selection • Problem: people pick easy-to-guess passwords – Based on account names, user names, computer names, place names – Dictionary words (also reversed, odd capitalizations, control characters, “l33t-speak”, conjugations or declensions, Torah/Bible/Koran/… words) – Too short, digits only, letters only – License plates, acronyms, social security numbers – Personal characteristics or foibles (pet names, nicknames, etc .) 19

  20. Picking Good Passwords • Examples from textbook – “LlMm*2^Ap” • Names of members of 2 families – “OoHeO/FSK” • Second letter of each word of length 4 or more in third line of third verse of Star-Spangled Banner, followed by “/”, followed by author’s initials • What’s good here may be bad there – “DMC/MHmh” bad at Dartmouth (“Dartmouth Medical Center/Mary Hitchcock memorial hospital”), ok here • Why are these now bad passwords?  20

  21. Proactive Password Checking • Analyze proposed password for “goodness” – Always invoked – Can detect, reject bad passwords for an appropriate definition of “bad” – Discriminate on per-user, per-site basis – Needs to do pattern matching on words – Needs to execute subprograms and use results • Spell checker, for example – Easy to set up and integrate into password selection system 21

  22. Salting • Goal: slow dictionary attacks • Method: perturb hash function so that: – Parameter controls which hash function is used – Parameter differs for each password – So given n password hashes, and therefore n salts, need to hash guess n • Doesn't help against attacking a single user – Does help in bulk attack 22

  23. Examples • Vanilla UNIX method – Use DES to encipher 0 message with password as key; iterate 25 times – Perturb E table in DES in one of 4096 ways • 12 bit salt flips entries 0–11 with entries 24–35 • E Table is per round expansion table • Alternate methods – Use salt as first part of input to hash function 23

  24. Guessing Through L • Cannot prevent these – Otherwise, legitimate users cannot log in • Make them slow – Backoff – Disconnection – Disabling • Be very careful with administrative accounts! – Jailing • Allow in, but restrict activities 24

  25. Leaking Information • User friendly system gives cause of login failure – Bad user vs bad password • Speed of response may give clue 25

  26. Detecting Trojan Login • Trusted path – More in next couple lectures • Recognize last login time stamp • Recognize previously selected picture • Certificate 26

  27. Password Aging • Force users to change passwords after some time has expired – How do you force users not to re-use passwords? • Record previous passwords • Block changes for a period of time – Give users time to think of good passwords • Don’t force them to change before they can log in • Warn them of expiration days in advance 27

  28. Challenge-Response • User, system share a secret function f (in practice, f is a known function with unknown parameters, such as a cryptographic key) request to authenticate system user random message r user system (the challenge) f(r) system user (the response) 28

  29. One-Time Passwords • Password that can be used exactly once – After use, it is immediately invalidated • Challenge-response mechanism – Challenge is one of a number of authentications; response is password for that particular number • Problems – Synchronization of user, system – Generation of good random passwords – Password distribution problem 29

  30. S/Key • One-time password scheme based on idea of Lamport • h one-way hash function (MD5 or SHA-1, for example) • User chooses initial seed k • System calculates: h ( k ) = k 1 , h ( k 1 ) = k 2 , …, h ( k n –1 ) = k n • Passwords are reverse order: p 1 = k n , p 2 = k n –1 , …, p n –1 = k 2 , p n = k 1 30

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

SECURITY TOPICS PART 2 AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources: getting entrance to a computer lab

833 views • 44 slides
HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication

288 views • 10 slides
Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a precondition How to authenticate: Something you know Password, Secrets Something you have Smart Card, Token Something you are Biometrie

607 views • 4 slides
Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Cryptography Authentication and Data Integrity Aims of Authentication Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication with Hash Cryptography Functions Authentication with MACs School of

613 views • 27 slides
Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Cryptography Authentication and Data Integrity Aims of Authentication Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication with Hash Cryptography Functions Authentication with MACs School of

1.66k views • 27 slides
A2: Broken Authentication and Session Management But first Authentication, Authorization,

A2: Broken Authentication and Session Management But first Authentication, Authorization,

A2: Broken Authentication and Session Management But first Authentication, Authorization, Sessions Authentication Determining user identity Multiple ways What you know (password) What you have (phone, RSA SecureID, Yubikey)

1.57k views • 28 slides
Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password Token-based authentication Third party authentication Local Authentication How to store and verify password? Clear Data can be hacked

615 views • 14 slides
The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch

The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch

The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch Security Engineer kbabioch@suse.de New authentication standards ... 2 Some authentication technologies ... 3 - Authentication theory -

1.28k views • 88 slides
Outline Introduction Authentication Basic authentication mechanisms CS 239

Outline Introduction Authentication Basic authentication mechanisms CS 239

Outline Introduction Authentication Basic authentication mechanisms CS 239 Authentication on a single machine Computer Security Authentication across a network February 21, 2007 Lecture 9 Lecture 9 Page 1 Page 2 CS 236,

302 views • 8 slides
I know who you are, but you can't come in Authentication and single sign-on in the SAS platform

I know who you are, but you can't come in Authentication and single sign-on in the SAS platform

I know who you are, but you can't come in Authentication and single sign-on in the SAS platform Agenda Authentication Inbound authentication Outbound authentication Single Sign-on Definitions Stage Process Method Physical

781 views • 48 slides
HOST PUF-Based Authentication ECE 525 PUF-Based Authentication PUF-based protocols have been

HOST PUF-Based Authentication ECE 525 PUF-Based Authentication PUF-based protocols have been

HOST PUF-Based Authentication ECE 525 PUF-Based Authentication PUF-based protocols have been proposed for applications including: Encryption and authentication For detecting malicious alterations of design components For

645 views • 15 slides
1 Password-Based Authentication Node A has a secret ( password ): e.g., lisa To

1 Password-Based Authentication Node A has a secret ( password ): e.g., lisa To

Authentication Protocols Guevara Noubir College of Computer and Information Science Northeastern University noubir@ccs.neu.edu Outline Overview of Authentication Systems [Chapter 9] Authentication of People [Chapter 10]

396 views • 17 slides
THE STATE OF AUTHENTICATION Chad Spensky Allthenticate OUTLINE Who am I? Authentication

THE STATE OF AUTHENTICATION Chad Spensky Allthenticate OUTLINE Who am I? Authentication

THE STATE OF AUTHENTICATION Chad Spensky Allthenticate OUTLINE Who am I? Authentication overview Current state of Authentication The future of authentication MY JOURNEY 2012-2015 2004-2011 2015-Present 1998-2004 Staff at MIT

453 views • 34 slides
User Authentication Passport Jason Situ Passport What is it? Passport is authentication

User Authentication Passport Jason Situ Passport What is it? Passport is authentication

User Authentication Passport Jason Situ Passport What is it? Passport is authentication middleware for Node. It is designed to serve a singular purpose: authenticate requests. Supports a comprehensive set of authentication mechanisms called

808 views • 16 slides
HOST PUF-Based Authentication Protocols ECE 525 PUF-Based Authentication Protocols The simplest

HOST PUF-Based Authentication Protocols ECE 525 PUF-Based Authentication Protocols The simplest

HOST PUF-Based Authentication Protocols ECE 525 PUF-Based Authentication Protocols The simplest mechanisms called challenge-response entity authentication exchange cleartext bitstrings directly, i.e., no cryptographic primitives are used A PUF

1.08k views • 38 slides
Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and

Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and

Authentication, vulnerabilities, exploits, and the secure design principles of Saltzer and Schroeder Authentication in general Bishop: Authentication is the binding of an identity to a principal. Network-based authentication mechanisms

1.6k views • 43 slides
Closure properties of RE, Rec Recall that a language L is - recursively enumerable (RE) if there

Closure properties of RE, Rec Recall that a language L is - recursively enumerable (RE) if there

[Section 10.1] Closure properties of RE, Rec Recall that a language L is - recursively enumerable (RE) if there exists a TM for L, - recursive (Rec) if there exists a TM for L which halts on every input (i.e. also on strings not from L). Is the

496 views • 13 slides
Backward Analysis via Over-Approximate Abstraction and Under-Approximate Subtraction Alexey

Backward Analysis via Over-Approximate Abstraction and Under-Approximate Subtraction Alexey

Backward Analysis via Over-Approximate Abstraction and Under-Approximate Subtraction Alexey Bakhirkin 1 Josh Berdine 2 Nir Piterman 1 1 University of Leicester, Department of Computer Science 2 Microsoft Research Goal A backwards analysis

733 views • 23 slides
The Inclusion Problem for Weighted Automata on Infinite Trees (Slides) Data August 2011

The Inclusion Problem for Weighted Automata on Infinite Trees (Slides) Data August 2011

See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/236590870 The Inclusion Problem for Weighted Automata on Infinite Trees (Slides) Data August 2011 CITATIONS READS 0 30 2 authors:

630 views • 45 slides
Complementing Bchi automata via alternating automata Guillaume Sadegh LRDE EPITA Research

Complementing Bchi automata via alternating automata Guillaume Sadegh LRDE EPITA Research

Introduction Overview on -automata The complementation Implementation Conclusion and Perspectives References Complementing Bchi automata via alternating automata Guillaume Sadegh LRDE EPITA Research and Development Laboratory

512 views • 49 slides
Matchings, coverings, and Castelnuovo-Mumford regularity Russ Woodroofe Washington U in St Louis

Matchings, coverings, and Castelnuovo-Mumford regularity Russ Woodroofe Washington U in St Louis

24th Cumberland Conference on Combinatorics, Graph Theory, and Computing Matchings, coverings, and Castelnuovo-Mumford regularity Russ Woodroofe Washington U in St Louis russw@math.wustl.edu 0/ 11 Edge coverings Goal: Relate several edge

1.11k views • 94 slides
Tree automata techniques for the verification of infinite state-systems Summer School VTSA 2011

Tree automata techniques for the verification of infinite state-systems Summer School VTSA 2011

Tree automata techniques for the verification of infinite state-systems Summer School VTSA 2011 Florent Jacquemard INRIA Saclay & LSV (UMR CNRS/ENS Cachan) florent.jacquemard@inria.fr http://www.lsv.ens-cachan.fr/~jacquema TATA book

2.19k views • 200 slides
Summary of topics Sets COMP2111 Week 2 Formal languages Term 1, 2020 Discrete Mathematics

Summary of topics Sets COMP2111 Week 2 Formal languages Term 1, 2020 Discrete Mathematics

Summary of topics Sets COMP2111 Week 2 Formal languages Term 1, 2020 Discrete Mathematics Recap Relations Functions Propositional Logic 1 2 Summary of topics Sets A set is defined by the collection of its elements. Sets are typically

464 views • 31 slides
Timed Automata Rajeev Alur University of Pennsylvania www. cis. upenn. edu/ ~alur/ SFM- RT,

Timed Automata Rajeev Alur University of Pennsylvania www. cis. upenn. edu/ ~alur/ SFM- RT,

Timed Automata Rajeev Alur University of Pennsylvania www. cis. upenn. edu/ ~alur/ SFM- RT, Bertinoro, Sept 2004 model yes Model Checker temporal property error- trace Advant ages Aut omat ed f or mal verif icat ion, Ef f ect ive

736 views • 54 slides

More recommend