Notes 2

spotlessstare, Security

29 Nov 2013

Identification and Authentication

Authentication

- Allows an entity (a user or a system) to prove its identity to another entity
- Typically, the entity whose identity is verified reveals knowledge of some secret S to the verifier
- Strong authentication: the entity reveals knowledge of S to the verifier without revealing S to the verifier

Authentication Information

- Must be securely maintained by the system.

Elements of Authentication

- Person/group/code/system: to be authenticated
- Distinguishing characteristic: differentiates the entities to be authenticated
- Proprietor/system owner/administrator: responsible for the system
- Authentication mechanism: verifies the distinguishing characteristic
- Access control mechanism: grants privileges upon successful authentication

Authentication Requirements

- Network must ensure
  - Data exchange is established with the addressed peer entity, not with an entity that masquerades or replays previous messages
- Network must ensure data source is the one claimed
- Authentication generally follows identification
  - Establish validity of claimed identity
  - Provide protection against fraudulent transactions

User Authentication

- What the user knows
  - Password, personal information
- What the user possesses
  - Physical key, ticket, passport, token, smart card
- What the user is (biometrics)
  - Fingerprints, voiceprint, signature dynamics

Passwords

- Commonly used method
- For each user, system stores (user name, F(password)), where F is some transformation (e.g., one-way hash) in a password file
  - F(password) is easy to compute
  - From F(password), password is difficult to compute
  - Password is not stored in the system
- When user enters the password, system computes F(password); match provides proof of identity

Vulnerabilities of Passwords

- Inherent vulnerabilities
  - Easy to guess or snoop
  - No control on sharing
- Practical vulnerabilities
  - Visible if unencrypted in distributed and network environment
  - Susceptible to replay attacks if encrypted naively
- Password advantage
  - Easy to modify compromised password.

Weak Passwords

- Bell Labs study (Morris and Thompson, 1979): 3289 passwords were examined
  - 15 single ASCII characters
  - 72 two ASCII characters
  - 464 three ASCII characters
  - 477 four ASCII characters
  - 706 five letters (all lower case or all upper case)
  - 605 six letters, all lower case
  - 492 weak passwords (names, dictionary words, etc.)
- Summary: 2831 passwords (86% of the sample) were weak, i.e., either too easy to predict or too short

Attacks on Passwords

- Guessing attack/dictionary attack
- Social engineering
- Sniffing
- Trojan login
- Van Eck sniffing

Guessing Attack

- Exploits human nature to use easy-to-remember passwords
- Trial-and-error attack
- Easy to detect (failed logins) and block
- Need audit mechanism
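The slide says guessing attacks are easy to detect from failed logins if an audit mechanism exists. The following is an added example, not part of the lecture notes, of what that audit logic looks like: it parses a constructed audit log (the record format, user names and addresses are invented for this example), counts failed logins per (user, source) pair inside a sliding window, and raises an event when the count crosses a threshold, plus a second event when a success immediately follows such a burst, which is what a guessing attack looks like when it works.

```python
"""Added example (not from the lecture notes): flagging a guessing attack
from failed-login audit records. Log format and sample lines are constructed."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample audit lines: "<ISO time> <result> user=<name> src=<ip>"
SAMPLE_LOG = """\
2013-11-29T09:00:01 FAIL user=alice src=10.0.0.7
2013-11-29T09:00:03 FAIL user=alice src=10.0.0.7
2013-11-29T09:00:04 FAIL user=alice src=10.0.0.7
2013-11-29T09:00:06 FAIL user=alice src=10.0.0.7
2013-11-29T09:00:08 FAIL user=alice src=10.0.0.7
2013-11-29T09:00:09 OK   user=alice src=10.0.0.7
2013-11-29T09:05:00 FAIL user=bob   src=10.0.0.9
2013-11-29T09:45:00 FAIL user=bob   src=10.0.0.9
2013-11-29T09:45:30 FAIL user=bob   src=10.0.0.9
2013-11-29T09:59:00 OK   user=carol src=10.0.0.11
"""


def parse_line(line):
    """Return (timestamp, result, user, src) for one constructed audit record."""
    ts, result, user, src = line.split()
    return (datetime.fromisoformat(ts), result,
            user.split("=", 1)[1], src.split("=", 1)[1])


def failed_login_alerts(log_text, threshold=5, window=timedelta(minutes=10)):
    """Return alert tuples (kind, user, src, time).

    'lockout_candidate'   : the (user, src) pair reached `threshold` FAILs
                            within `window`; a blocking rule would fire here.
    'success_after_burst' : a login succeeded right after such a burst, which
                            is the signature of a guessing attack that worked.
    """
    failures = defaultdict(list)   # (user, src) -> timestamps of recent FAILs
    alerts = []
    for raw in log_text.splitlines():
        ts, result, user, src = parse_line(raw)
        key = (user, src)
        if result == "FAIL":
            # keep only failures still inside the sliding window, then add this one
            recent = [t for t in failures[key] if ts - t <= window] + [ts]
            failures[key] = recent
            if len(recent) == threshold:        # fire once, when the threshold is crossed
                alerts.append(("lockout_candidate", user, src, ts))
        else:
            if len(failures[key]) >= threshold:
                alerts.append(("success_after_burst", user, src, ts))
            failures[key] = []                  # a success closes the failure window
    return alerts


if __name__ == "__main__":
    for alert in failed_login_alerts(SAMPLE_LOG):
        print(*alert)
```

With the default threshold of five failures in ten minutes, alice's burst is flagged and her subsequent success is flagged again, while bob's three failures spread over forty minutes fall outside the window and stay silent; lowering the threshold to two catches bob as well. Keying on (user, source) rather than on user alone keeps a single guessing source from locking out every account it touches, which is itself a classic misuse of naive lockout rules.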

Social Engineering

- Attacker asks for password by masquerading as somebody else (not necessarily an authenticated user)
- May be difficult to detect
- Protection against social engineering: strict security policy and users’ education

Dictionary Attacks on Passwords

- Attack 1:
  - Create dictionary of common words and names and their simple transformations
  - Use these to guess password
- Attack 2:
  - Usually F is public and so is the password file (encrypted)
  - Compute F(word) for each word in dictionary
  - Find match
- Attack 3:
  - Pre-compute dictionary
  - Look up matches

Password Salt

- Used to make dictionary attack more difficult
- Salt is a 12-bit number between 0 and 4095
- It is derived from the system clock and the process identifier
- Compute F(password+salt); both salt and F(password+salt) are stored in the password table
- User gives password; system finds salt, computes F(password+salt) and checks for a match
- Note: with salt, the same password is computed in 4096 ways
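The Passwords, Dictionary Attacks and Password Salt slides describe one mechanism from three angles. The block below is an added example, not code from the lecture notes: it stores (salt, F(salt+password)) and verifies a login, then shows the two facts the slides state, that a table of F(word) precomputed without a salt (Attack 3) no longer matches salted entries, and that a 12-bit salt turns one password into 4096 distinct stored values. F is SHA-256 from hashlib, an assumption since the notes leave F abstract; `store_password`, `verify_password` and the other names are invented here.

```python
"""Added example (not from the lecture notes): salted password storage and
verification, plus the effect of the salt on a precomputed dictionary.
F = SHA-256 is an assumption; the notes leave F abstract."""
import hashlib
import hmac
import secrets
from typing import Dict, Iterable, Optional, Tuple


def F(salt: bytes, password: str) -> bytes:
    """The notes' F(password+salt): a one-way transformation of salt and password."""
    return hashlib.sha256(salt + password.encode("utf-8")).digest()


def unsalted_F(password: str) -> bytes:
    """F(password) with no salt, as stored on the plain 'Passwords' slide."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def store_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return the (salt, F(salt+password)) pair kept in the password table.

    A fresh random 16-byte salt is generated per user. The notes describe a
    12-bit salt derived from the clock and PID; 4096 values were fine in 1979
    but are far too few today, so the random salt is the modern replacement.
    """
    if salt is None:
        salt = secrets.token_bytes(16)
    return salt, F(salt, password)


def verify_password(record: Tuple[bytes, bytes], candidate: str) -> bool:
    """System finds the user's salt, recomputes F, and compares in constant time."""
    salt, stored = record
    return hmac.compare_digest(stored, F(salt, candidate))


def unix_style_salts() -> Iterable[bytes]:
    """The 4096 possible values of the 12-bit salt described in the notes."""
    return (s.to_bytes(2, "big") for s in range(4096))


def distinct_hashes_for(password: str) -> int:
    """How many different stored values one password takes across all 12-bit salts."""
    return len({F(s, password) for s in unix_style_salts()})


def precomputed_table(words: Iterable[str]) -> Dict[bytes, str]:
    """Attack 3 from the notes: F(word) for every dictionary word, computed once
    with no salt. Against unsalted storage one lookup per entry suffices; with
    a salt the table would have to be rebuilt per salt value."""
    return {unsalted_F(w): w for w in words}


def lookup_in_table(table: Dict[bytes, str], stored_hash: bytes) -> Optional[str]:
    """Reverse a stored hash through the precomputed table, if it is there."""
    return table.get(stored_hash)


if __name__ == "__main__":
    rec = store_password("letmein")
    print("login ok:", verify_password(rec, "letmein"))
    table = precomputed_table(["password", "letmein", "123456"])
    print("unsalted entry found:", lookup_in_table(table, unsalted_F("letmein")))
    print("salted entry found:", lookup_in_table(table, rec[1]))
    print("values per password with a 12-bit salt:", distinct_hashes_for("letmein"))
```

The comparison uses `hmac.compare_digest` so that a timing difference in the match check does not leak how many leading bytes of the hash were right. A bare SHA-256 is used only to keep the example to the notes' model of F; a production password store should use a deliberately slow, memory-hard function such as scrypt (available as `hashlib.scrypt`) or Argon2, which makes each guess in Attack 2 cost real time.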

Password Management Policy

- Educate users to make better choices
- Define rules for good password selection and ask users to follow them
- Ask or force users to change their password periodically
- Actively attempt to break users’ passwords and force users to change broken ones
- Screen password choices

One-time Password

- Use the password exactly once!

Lamport’s scheme

- Doesn’t require any special hardware
- System computes F(x), F^2(x), ..., F^100(x) (this allows 100 logins before password change)
- System stores user’s name and F^100(x)
- User supplies F^99(x) the first time
- If the login is correct, system replaces F^100(x) with F^99(x)
- Next login: user supplies F^98(x), and so on
- User calculates F^n(x) using a hand-held calculator, a workstation, or other devices
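The following is an added example of Lamport's scheme, not code from the lecture notes. It keeps the notes' roles: the host stores only (user name, F^100(x)) and the user holds x and counts down from F^99(x). The host checks a login by applying F once to what the user sent and comparing with its stored value, which is the whole trick, since F^k(x) = F(F^(k-1)(x)) and the host never learns x. F is SHA-256 (an assumption; the notes leave F abstract), and the class and function names are invented here.

```python
"""Added example (not from the lecture notes): Lamport's one-time password
chain with a host that stores only F^n(x). F = SHA-256 is an assumption."""
import hashlib
import hmac
import secrets


def F(value: bytes) -> bytes:
    """The one-way function of the notes."""
    return hashlib.sha256(value).digest()


def F_n(x: bytes, n: int) -> bytes:
    """F^n(x): F applied n times, with F^0(x) = x."""
    for _ in range(n):
        x = F(x)
    return x


class LamportHost:
    """Stores (user, F^n(x)) and the number of logins left; never sees x."""

    def __init__(self, user: str, x: bytes, n: int = 100):
        self.user = user
        self.stored = F_n(x, n)     # F^100(x) at enrolment
        self.remaining = n          # 100 logins before the password must change

    def login(self, user: str, otp: bytes) -> bool:
        if user != self.user or self.remaining == 0:
            return False
        # The user claims otp = F^(k-1)(x); it is genuine iff F(otp) == stored F^k(x).
        if hmac.compare_digest(F(otp), self.stored):
            self.stored = otp       # replace F^k(x) with F^(k-1)(x)
            self.remaining -= 1
            return True
        return False


class LamportUser:
    """Holds the secret x and supplies F^99(x), then F^98(x), ... down to F^0(x) = x."""

    def __init__(self, x: bytes, n: int = 100):
        self.x = x
        self.next_index = n - 1

    def next_otp(self) -> bytes:
        if self.next_index < 0:
            raise RuntimeError("chain exhausted; re-enrol with a new x")
        otp = F_n(self.x, self.next_index)
        self.next_index -= 1
        return otp


def run_session(n: int = 100):
    """Enrol one user with a random x, then log in n times with one replay attempt.

    Returns the list of host decisions: accept F^(n-1), reject its replay,
    then accept F^(n-2) ... F^0.
    """
    x = secrets.token_bytes(32)
    host, user = LamportHost("alice", x, n), LamportUser(x, n)
    results = []
    first = user.next_otp()
    results.append(host.login("alice", first))     # F^(n-1)(x): accepted
    results.append(host.login("alice", first))     # replayed value: F(F^(n-1)) != F^(n-1)
    for _ in range(n - 1):
        results.append(host.login("alice", user.next_otp()))
    return results


if __name__ == "__main__":
    decisions = run_session()
    print("accepted:", decisions.count(True), "rejected:", decisions.count(False))
```

Each accepted value is useless to an eavesdropper afterwards because the host has already moved its stored value down the chain, so a replayed F^99(x) fails the very next time, as the second decision shows. After the 100th accepted login the stored value is x itself and `remaining` is zero; the user must enrol a fresh x, which is the "password change" the slide mentions.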

Time Synchronized

- There is a hand-held authenticator
- It contains an internal clock, a secret key, and a display
- Display outputs a function of the current time and the key
- It changes about once per minute
- User supplies the user id and the display value
- Host uses the secret key, the function and its clock to calculate the expected output
- Login is valid if the values match

Time Synchronized

[Diagram: the secret key and the current time are fed into DES; the output is the one-time password]

Challenge Response

[Diagram: the workstation sends the user ID to the host over the network; the host returns a challenge; the user enters it into the device and sends back the response]

- Non-repeating challenges from the host are used
- The device requires a keypad

Challenge Response

[Diagram: the secret key and the challenge are fed into DES; the output is the one-time password]
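The time-synchronized and challenge/response diagrams differ only in what is fed into the keyed function beside the secret key: the current minute in one case, a fresh challenge from the host in the other. The block below is an added example covering both slides, not code from the lecture notes. Where the diagrams show DES, it uses HMAC-SHA256 truncated to six display digits (an assumption: Python's standard library has no DES, and a keyed hash is the usual modern choice). The secret key, times and challenges are constructed, and all names are invented here.

```python
"""Added example (not from the lecture notes): a time-synchronized token and a
challenge/response token built on the same keyed one-way function.
HMAC-SHA256 stands in for the DES of the diagrams (an assumption)."""
import hashlib
import hmac
import secrets


def otp(key: bytes, message: bytes, digits: int = 6) -> str:
    """Display value: keyed one-way function of the input, truncated for a small display."""
    mac = hmac.new(key, message, hashlib.sha256).digest()
    return str(int.from_bytes(mac[:4], "big") % 10**digits).zfill(digits)


# --- Time-synchronized authenticator -------------------------------------
STEP = 60   # the display changes about once per minute


def time_token(key: bytes, now: int) -> str:
    """What the hand-held authenticator shows at Unix time `now`."""
    return otp(key, (now // STEP).to_bytes(8, "big"))


def host_verify_time(key: bytes, shown: str, host_now: int, skew_steps: int = 1) -> bool:
    """Host recomputes from its own clock, tolerating +-skew_steps minutes of drift
    between the device clock and the host clock."""
    step = host_now // STEP
    return any(hmac.compare_digest(otp(key, (step + d).to_bytes(8, "big")), shown)
               for d in range(-skew_steps, skew_steps + 1))


# --- Challenge/response authenticator ------------------------------------
class ChallengeHost:
    """Issues non-repeating challenges and accepts each one at most once."""

    def __init__(self, keys: dict):
        self.keys = keys            # user id -> secret key: the sensitive key database
        self.outstanding = {}       # user id -> challenge awaiting its response

    def challenge(self, user: str) -> bytes:
        c = secrets.token_bytes(8)  # fresh random challenge; a recorded response is useless later
        self.outstanding[user] = c
        return c

    def verify(self, user: str, response: str) -> bool:
        c = self.outstanding.pop(user, None)    # consume it: one challenge, one answer
        if c is None or user not in self.keys:
            return False
        return hmac.compare_digest(otp(self.keys[user], c), response)


def device_response(key: bytes, challenge: bytes) -> str:
    """User keys the challenge into the device; it displays F(key, challenge)."""
    return otp(key, challenge)


if __name__ == "__main__":
    key = b"constructed-secret-key"        # constructed for the example
    now = 1385715600                        # constructed timestamp (29 Nov 2013)
    print("time token accepted:", host_verify_time(key, time_token(key, now), now + 30))
    host = ChallengeHost({"alice": key})
    c = host.challenge("alice")
    r = device_response(key, c)
    print("response accepted:", host.verify("alice", r), "replay:", host.verify("alice", r))
```

The time-synchronized host accepts the neighbouring minute on either side because two clocks never agree exactly; a wider window makes a captured display value live longer, so the tolerance is a deliberate trade-off. The challenge host pops the outstanding challenge before checking, so a captured response cannot be replayed and a challenge cannot be answered twice. In both schemes the host must hold every user's secret key in `keys`, which is the sensitive key database the PIN slide warns about.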

Devices with Personal Identification Number (PIN)

- Devices are subject to theft; some devices require a PIN (something the user knows)
- PIN is used by the device to authenticate the user
- Problems with challenge/response schemes
  - Key database is extremely sensitive
  - This can be avoided if public key algorithms are used

Smart Cards

- Portable devices with a CPU, I/O ports, and some nonvolatile memory
- Can carry out computation required by public key algorithms and transmit directly to the host
- Some use biometrics data about the user instead of the PIN

Biometrics

- Fingerprint
- Retina scan
- Voice pattern
- Signature
- Typing style

Problems with Biometrics

- Expensive
  - Retina scan (min. cost) about $2,200
  - Voice (min. cost) about $1,500
  - Signature (min. cost) about $1,000
- False readings
  - Retina scan 1/10,000,000+
  - Signature 1/50
  - Fingerprint 1/500
- Can’t be modified when compromised