strong authentication without tamper resistant hardware
play

Strong Authentication without Tamper-Resistant Hardware and - PowerPoint PPT Presentation

Apr 25, 2023 •594 likes •869 views

Strong Authentication without Tamper-Resistant Hardware and Application to Federated Identities Zhenfeng Zhang , Yuchen Wang , Kang Yang Institute of Software, Chinese Academy of Sciences; The Joint Academy of Blockchain

  1. Strong Authentication without Tamper-Resistant Hardware and Application to Federated Identities Zhenfeng Zhang ♰⚛ , Yuchen Wang ♰ , Kang Yang ✧ ♰ Institute of Software, Chinese Academy of Sciences; ⚛ The Joint Academy of Blockchain Innovation; ✧ State Key Laboratory of Cryptology Presenter: Long Chen (New Jersey Institute of Technology)

  2. Shared Credential Authentication � Mechanism has dominated the realm of authentication for decades ❖ e.g., password (weak authentication) ❖ User’s credentials stored in centralized repositories at servers ❖ Explicitly transferred from user to server � The shared credentials can be stolen in batches or captured ❖ From breached centralized repositories ❖ Through phishing attacks

  3. Strong Authentication � Strong authentication — cryptographic identification protocol ❖ A claimant proves its identity to a verifier via challenge-response ❖ The claimant demonstrates the knowledge of secret keys with crypto ❖ Secret keys are not transferred over the channels, eliminate the risks � Mechanisms can be built with symmetric-key/public-key cryptos ❖ The claimant generates a MAC value on a challenge with a secret-key ❖ The claimant digitally signs a challenge message with a private-key ❖ e.g., HMAC and ECDSA algorithms

  4. How to Store Secret-keys for Strong Authentication? � Tamper-resistant hardware modules ❖ Highly recommended by FIDO and W3C ❖ FIDO Universal Authentication Framework ❖ W3C Web Authentication Specification � The issues with a tamper-resistant hardware module ❖ The module becomes another thing to be remembered to carry ❖ The secret would lost if the module/device is broken or lost ❖ Decrease usability of the strong authentication scheme

  5. How to Store Secret-keys for Strong Authentication? � Model for strong-auth without tamper-resistant hardware modules � The adversary’s capabilities ❖ Obtain PW-wrapped credentials ❖ Capture authentication tokens � The security goals ❖ Off-line dictionary attacks are infeasible ❖ Existential forgery of an authentication token is infeasible

  6. How to Store Secret-keys for Strong Authentication? � Off-line attacks under the model against strong authentication with symmetric-key crypto (MAC) / public-key crypto (DSA)

  7. Strong Authentication with Password-based Credentials � The Registration Phase � The Authentication Phase � The Secure Construction of Password-based Credential

  8. Password-based Credentials � Setup algorithm � Key Generation algorithm � Issue algorithm � The Sign Algorithm � The Verify Algorithm

  9. Password-based Credentials � Setup algorithm � Key Generation algorithm � Issue algorithm � The Sign Algorithm ❖ randomize-then-prove ❖ SPK can be standardized signature algorithms [ISO/IEC 14888-3:2018] � The Verify Algorithm

  10. Password-based Credentials � Setup algorithm � Key Generation algorithm � Issue algorithm � The Sign Algorithm ❖ randomize-then-prove ❖ SPK can be standardized signature algorithms [ISO/IEC 14888-3:2018] � The Verify Algorithm

  11. Password-based Credentials � Setup algorithm � Key Generation algorithm � Issue algorithm � The Sign Algorithm � The Verify Algorithm

  12. Password-based Credentials � Setup algorithm � Key Generation algorithm � Issue algorithm � The Sign Algorithm � The Verify Algorithm

  13. Password-based Credentials � Security Model of PBC and Provable Security

  14. Strong Authentication with Password-based Credentials � Implementation of PBC-based strong authentication ❖ Common cryptographic libraries • Standardized elliptic curves, not require pairing-friendly curves • OpenSSL, Bouncy Castle, sjcl,… ❖ Mainstream programming language, e.g., C/C++, Java, JavaScript,… ❖ Across devices, e.g., mobile and desktop ❖ PBC-backup for devices broken or lost • Cross device backup • Cloud server backup

  15. Strong Authentication with Password-based Credentials � Deployment of PBC-based authenticator and AUTH ❖ PBC authenticators deployed with • OS API (e.g., Android’s Keystore) • Browser API (e.g., W3C’s AuthAPIs) ❖ PBC-AUTH for both C/S and B/S architecture • Server (Protect key with hardware) • Client (i.e., Application) • Browser Extension

  16. Federated Identities with Password-based Credentials � Identity federation: SAML 2, OAUTH 2.0, OpenID Connect ❖ FAL-3: holder-of-key assertion (HoKA), a reference to a key held by a user, RP requires the user to prove possession of the key (PoPK) � Holder-of-key assertion mechanisms via certificates ❖ Require tamper-resistant hardwares to protect the private keys ❖ IdP cannot both preserve the privacy of users and support HoKA � Holder-of-key assertion mechanisms via PBCs ❖ Without requirement of tamper-resistant hardware for users ❖ Support privacy-preserving HoKA and PoPK

  17. Federated Identities with Password-based Credentials � Holder-of-Key Assertion & Proof-of-Possession of Key with PBCs

  18. Federated Identities with Password-based Credentials � Holder-of-Key Assertion & Proof-of-Possession of Key with PBCs

  19. Federated Identities with Password-based Credentials � Holder-of-Key Assertion & Proof-of-Possession of Key with PBCs

  20. Federated Identities with Password-based Credentials � Privacy-Preserving Holder-of-Key Assertion & PoPK with PBCs

  21. Federated Identities with Password-based Credentials � Privacy-Preserving Holder-of-Key Assertion & PoPK with PBCs

  22. Federated Identities with Password-based Credentials � Privacy-Preserving Holder-of-Key Assertion & PoPK with PBCs

  23. Performance Evaluation � AUTH-x strong authentication, x-ECDSA/PBC with/without tamper- resistant hardware at user-end

  24. Conclusions and Take-aways � Strong authentication without tamper-resistant hardware modules ❖ Highly practical construction from PBCs ❖ Resistant against offline attacks & token-forgery attacks � Federated identity system from PBCs ❖ User-IdP strong authentication ❖ (Privacy-preserving) holder-of-key assertion � User-friendly and easy-to-implement ❖ On general-purpose devices, via common programming languages ❖ Authenticator backup in case of devices broken/lost

  25. Thanks for the attention ! Strong Authentication without Tamper-Resistant Hardware and Application to Federated Identities Zhenfeng Zhang ♰⚛ , Yuchen Wang ♰ and Kang Yang ✧ ♰ Institute of Software, Chinese Academy of Sciences; ⚛ The Joint Academy of Blockchain Innovation; ✧ State Key Laboratory of Cryptology Contact: zhenfeng@iscas.ac.cn, yuchenwang@tca.iscas.ac.cn

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing G. Edward Suh, Dwaine

AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing G. Edward Suh, Dwaine

AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, Srinivas Devadas Massachusetts Institute of Technology L C S Cases for Physical Security Applications

519 views • 23 slides
True2F: Backdoor-resistant authentication tokens Emma Dauterman , Henry Corrigan-Gibbs, David

True2F: Backdoor-resistant authentication tokens Emma Dauterman , Henry Corrigan-Gibbs, David

True2F: Backdoor-resistant authentication tokens Emma Dauterman , Henry Corrigan-Gibbs, David Mazires, Dan Boneh, Dominic Rizzo Stanford and Google IEEE Security & Privacy 2019 U2F: Effective hardware 2FA 2 U2F: Effective hardware 2FA

781 views • 65 slides
Anomaly Detection Algorithms for Malware Traffic Analysis using Tamper Resistant Features Dr.

Anomaly Detection Algorithms for Malware Traffic Analysis using Tamper Resistant Features Dr.

Anomaly Detection Algorithms for Malware Traffic Analysis using Tamper Resistant Features Dr. Patrick McDaniel Berkay Celik Fall 2015 Introduction Motivation Related Work Data Approach Experimental Results Comparison

391 views • 25 slides
Tamper-resistant creation of integrity tokens for trustworthy communication in cyber-physical

Tamper-resistant creation of integrity tokens for trustworthy communication in cyber-physical

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Tamper-resistant creation of integrity tokens for trustworthy communication in cyber-physical systems Intermediate talk for the Masters

740 views • 25 slides
5/24/10 Modern Hardware is Complex Modern systems built on layers of hardware Tamper Evident

5/24/10 Modern Hardware is Complex Modern systems built on layers of hardware Tamper Evident

5/24/10 Modern Hardware is Complex Modern systems built on layers of hardware Tamper Evident Microprocessors Applications OS Hypervisor Motherboard/ Slave Chips Adam Waksman CPU Simha Sethumadhavan Complexity increases risk of

340 views • 4 slides
Publius: A robust, tamper-evident, censorship-resistant web publishing system M Waldman, A Rubin

Publius: A robust, tamper-evident, censorship-resistant web publishing system M Waldman, A Rubin

Publius: A robust, tamper-evident, censorship-resistant web publishing system M Waldman, A Rubin and L Cranor Ranjit Randhawa Department of Computer Science Virginia Tech Outline Overview of Publius Anonymity tools Publius in

414 views • 13 slides
http://www.cl.cam.ac.uk/~mgk25/sc99-tamper[-slides].pdf Classes of Attacks on Security Modules

http://www.cl.cam.ac.uk/~mgk25/sc99-tamper[-slides].pdf Classes of Attacks on Security Modules

Design Principles for Tamper-Resistant Smartcard Processors Oliver Kmmerling Markus G. Kuhn ADSR Computer Laboratory http://www.cl.cam.ac.uk/~mgk25/sc99-tamper[-slides].pdf Classes of Attacks on Security Modules Microprobing Open the

465 views • 22 slides
Tamper Resistance - a Cautionary Note Ross Anderson Markus Kuhn University of Cambridge

Tamper Resistance - a Cautionary Note Ross Anderson Markus Kuhn University of Cambridge

Tamper Resistance - a Cautionary Note Ross Anderson Markus Kuhn University of Cambridge University of Erlangen/ Computer Laboratory Purdue University Applications of Tamper Resistant Modules Security of cryptographic applications is based

149 views • 12 slides
Hardware Security Smartcards and other TamperResistant Modules Markus G. Kuhn Computer

Hardware Security Smartcards and other TamperResistant Modules Markus G. Kuhn Computer

Hardware Security Smartcards and other TamperResistant Modules Markus G. Kuhn Computer Laboratory http://www.cl.cam.ac.uk/~mgk25/ Applications of Tamper Resistant Modules Security of cryptographic applications is based on secure

564 views • 23 slides
CrypTech October 2018 Barcelona Hardware Security Module From Wikipedia: A hardware security

CrypTech October 2018 Barcelona Hardware Security Module From Wikipedia: A hardware security

CrypTech October 2018 Barcelona Hardware Security Module From Wikipedia: A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides crypto processing. These

977 views • 34 slides
Efficient Data Structures for Tamper-Evident Logging Scott A. Crosby Dan S. Wallach Rice

Efficient Data Structures for Tamper-Evident Logging Scott A. Crosby Dan S. Wallach Rice

Efficient Data Structures for Tamper-Evident Logging Scott A. Crosby Dan S. Wallach Rice University Everyone has logs Tamper evident solutions Current commercial solutions Write only hardware appliances Security depends on

1.32k views • 82 slides
Client puzzles for denial-of-service resistant authentication Joint work with Juan Gonzalez,

Client puzzles for denial-of-service resistant authentication Joint work with Juan Gonzalez,

Client puzzles for denial-of-service resistant authentication Joint work with Juan Gonzalez, Lakshmi Kuppusamy, Jothi Rangasamy, Douglas Stebila, Suriadi Suriadi Colin Boyd Information Security Institute Queensland University of Technology

560 views • 32 slides
New Insights to Key Derivation for Tamper-Evident Physical Unclonable Functions (PUFs) Vincent

New Insights to Key Derivation for Tamper-Evident Physical Unclonable Functions (PUFs) Vincent

New Insights to Key Derivation for Tamper-Evident Physical Unclonable Functions (PUFs) Vincent Immler, Karthik Uppund Conference on Cryptographic Hardware and Embedded Systems, Atlanta, Aug 26, 2019 PUF in a Nutshell: Biometrics of Objects PUF

403 views • 21 slides
Forgery-Resistant Touch-based Authentication on Mobile Devices Neil Zhenqiang Gong, Iowa State

Forgery-Resistant Touch-based Authentication on Mobile Devices Neil Zhenqiang Gong, Iowa State

Forgery-Resistant Touch-based Authentication on Mobile Devices Neil Zhenqiang Gong, Iowa State University Mathias Payer*, Purdue University Reza Moazzezi, UC Berkeley Mario Frank, UC Berkeley * @gannimo, http://hexhive.github.io Mobile

671 views • 26 slides
Secure Physical Enclosures from Covers with Tamper-Resistance Vincent Immler, Johannes Obermaier,

Secure Physical Enclosures from Covers with Tamper-Resistance Vincent Immler, Johannes Obermaier,

Secure Physical Enclosures from Covers with Tamper-Resistance Vincent Immler, Johannes Obermaier, Kuan Kuan Ng, Fei Xiang Ke, JinYu Lee, Yak Peng Lim, Wei Koon Oh, Keng Hoong Wee, Georg Sigl Conference on Cryptographic Hardware and Embedded

410 views • 29 slides
AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

SECURITY TOPICS PART 2 AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources: getting entrance to a computer lab

833 views • 44 slides
Data Structures CSSE 221 Fundamentals of Software Development Honors Rose-Hulman Institute of

Data Structures CSSE 221 Fundamentals of Software Development Honors Rose-Hulman Institute of

Data Structures CSSE 221 Fundamentals of Software Development Honors Rose-Hulman Institute of Technology The gem cannot be polished without friction, nor man perfected without trials. -- Chinese Proverb This week: VectorGraphics Tuesday:

393 views • 14 slides
RSA the Key Generation Example 1. Randomly choose two prime numbers p and q . We choose p =

RSA the Key Generation Example 1. Randomly choose two prime numbers p and q . We choose p =

RSA the Key Generation Example 1. Randomly choose two prime numbers p and q . We choose p = 11 and q = 13. 2. Compute n = pq . We compute n = pq = 11 13 = 143. Tutorial on Public Key Cryptography RSA 3. Randomly choose an odd number

178 views • 3 slides
Introduction to Cryptography 2 Definition process data into unintelligible form, reversibly,

Introduction to Cryptography 2 Definition process data into unintelligible form, reversibly,

1 Introduction to Cryptography 2 Definition process data into unintelligible form, reversibly, without data loss typically digitally usually one-to-one in size $ compression analog cryptography: voice changers, shredder other

483 views • 19 slides
RSA Reference : Rivest, Shamir, Adleman, A Method for Obtaining Digital Sig- natures and Public Key

RSA Reference : Rivest, Shamir, Adleman, A Method for Obtaining Digital Sig- natures and Public Key

RSA Reference : Rivest, Shamir, Adleman, A Method for Obtaining Digital Sig- natures and Public Key Cryptosystems , CACM, Vol. 21, No. 2, pp. 120126, February 1978. RSA is a public key cryptosystem based on number theory. The security of RSA is

179 views • 7 slides
with Tunable Encrypted Deduplication Jingwei Li * , Zuoru Yang # , Yanjing Ren * , Patrick P. C.

with Tunable Encrypted Deduplication Jingwei Li * , Zuoru Yang # , Yanjing Ren * , Patrick P. C.

Balancing Storage Efficiency and Data Confidentiality with Tunable Encrypted Deduplication Jingwei Li * , Zuoru Yang # , Yanjing Ren * , Patrick P. C. Lee # , Xiaosong Zhang * * University of Electronic Science and Technology of China (UESTC) # The

451 views • 15 slides
Public Key Cryptography Diffie-Hellman Others CSS441: Security and Cryptography Sirindhorn

Public Key Cryptography Diffie-Hellman Others CSS441: Security and Cryptography Sirindhorn

CSS441 Public Key Crypto Principles RSA Public Key Cryptography Diffie-Hellman Others CSS441: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 20 December 2015

461 views • 29 slides
Cryptography and Network RSA Security Every Egyptian received two names, which were known Chapter

Cryptography and Network RSA Security Every Egyptian received two names, which were known Chapter

4/19/2010 Chapter 9 Public Key Cryptography and Cryptography and Network RSA Security Every Egyptian received two names, which were known Chapter 9 respectively as the true name and the good name, or the great name and the little name; and

410 views • 6 slides
Multi-key Analysis of Tweakable Even-Mansour with Applications to Minalpher and OPP Zhiyuan Guo 1

Multi-key Analysis of Tweakable Even-Mansour with Applications to Minalpher and OPP Zhiyuan Guo 1

Multi-key Analysis of Tweakable Even-Mansour with Applications to Minalpher and OPP Zhiyuan Guo 1 , 3 Wenling Wu 1 , 3 Renzhang Liu 2 Liting Zhang 1 1 TCA Laboratory, Institute of Software, Chinese Academy of Sciences, China 2 Institute of

653 views • 43 slides

More recommend