Authentication
- What you know?
- What you have?
- What you are?
Authentication CSCE 522 - Farkas/Eastman -- Fall 2005 2
Authentication
- Allows an entity (a user or a system) to prove its identity to another entity
- Typically, the entity whose identity is verified reveals knowledge of some secret S to the verifier
- Strong authentication: the entity reveals knowledge of S to the verifier without revealing S to the verifier

Authentication Information
- Must be securely maintained by the system.

Elements of Authentication
- Person/group/code/system
- Distinguishing characteristic
- Proprietor/system owner/administrator
- Authentication mechanism
- Access control mechanism

Authentication Requirements
- System must ensure:
  - Data exchange is established with the addressed peer entity and not with an entity that masquerades or replays previous messages
  - Data source is the one claimed

Authentication vs. Identification
- Identification – Who are you?
- Authentication – Why should we believe you?
- Authentication generally follows identification

User Authentication
- What the user knows: password, personal information
- What the user possesses: physical key, ticket, passport, token, smart card
- What the user is (biometrics): fingerprints, voiceprint, signature dynamics

Passwords
- For each user, the system stores (user name, F(password)) in a password file, where F is some transformation (e.g., a one-way hash)
- When the user enters the password, the system computes F(password); a match provides proof of identity

F(password)
- password -> F(password): easy
- F(password) -> password: hard
- Password is not stored in the system

Vulnerabilities of Passwords
- Easy to guess or snoop
- No control on sharing
- Visible if unencrypted in networks
- Susceptible to replay attacks if encrypted naively

Advantages of Passwords
- Easy to modify a compromised password
- System well understood by most users
- Specialized hardware not needed

Weak Passwords
- Bell Labs study (Morris and Thompson, 1979): 3289 passwords were examined
- Summary: 2831 passwords (86% of the sample) were weak, i.e., either too easy to predict or too short

Study Details
- 15 single ASCII characters
- 72 two ASCII characters
- 464 three ASCII characters
- 477 four ASCII characters
- 706 five letters (all lower case or all upper case)
- 605 six letters, all lower case
- 492 weak passwords (name, dictionary words, etc.)

Password Attacks
- Guessing attack
- Dictionary attack
- Social engineering
- Spoofing attack
- Other attacks (covered later)

Guessing Attack
- Exploits human tendency to use easy-to-remember passwords
- Trial-and-error attack
- Easy to detect and block (failed logins)
- Need audit mechanism

Dictionary Attack
- Attack 1:
  - Create dictionary of common words and names and their simple transformations
  - Use these to guess password
- Attack 2:
  - Usually F is public and so is the password file (encrypted)
  - Compute F(word) for each word in dictionary
  - Find match

Social Engineering
- Attacker asks for password by masquerading as somebody else (not necessarily an authenticated user)
- May be difficult to detect
- Protection against social engineering: strict security policy and user education

Login Spoofing
- Create a fake login screen
- Capture login and password when user attempts to log in
- Present a fake failed login screen
- User may not even notice there is a problem

Password Defenses
- Password salt
- Password management policies
- Lamport’s scheme
- One time passwords
- Time synchronization
- Challenge response

Password Salt
- Used to make dictionary attack more difficult
- Salt is a 12 bit number between 0 and 4095
- Derived from system clock and the process ID
- Compute F(password+salt); both salt and F(password+salt) are stored in the password table
- User gives password; system finds salt, computes F(password+salt) and checks for match
- Note: with salt, the same password is computed in 4096 ways

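Added example (not from the slides): the password-table scheme of the Passwords and Password Salt slides in Python, with the 12-bit clock/PID salt. SHA-256 stands in for the unspecified transformation F, and `dictionary_work` makes the "4096 ways" point concrete: a precomputed dictionary has to be hashed once per possible salt.

```python
import hashlib
import hmac
import os
import time

SALT_BITS = 12             # the slides' salt space: a 12-bit number, 0..4095
SALT_SPACE = 1 << SALT_BITS

def make_salt() -> int:
    """Salt derived from the system clock and the process ID, as on the slide.
    Practice note (not from the slides): modern systems draw a much longer salt
    from os.urandom() instead of a 12-bit clock/PID value."""
    return (int(time.time()) ^ os.getpid()) % SALT_SPACE

def F(password: str, salt: int) -> str:
    """One-way transformation F(password+salt); SHA-256 stands in for F."""
    return hashlib.sha256(f"{password}{salt}".encode()).hexdigest()

def enroll(table: dict, user: str, password: str, salt=None) -> None:
    """Password table entry: user -> (salt, F(password+salt)).
    The password itself is never stored."""
    if salt is None:
        salt = make_salt()
    table[user] = (salt, F(password, salt))

def verify(table: dict, user: str, password: str) -> bool:
    """Login: find the user's salt, recompute F(password+salt) and compare in
    constant time, so the check leaks nothing about where a mismatch occurs."""
    if user not in table:
        return False
    salt, stored = table[user]
    return hmac.compare_digest(stored, F(password, salt))

def dictionary_work(words: list) -> int:
    """Hashes needed to precompute a word list for every possible salt:
    with a 12-bit salt each word must be hashed 4096 ways."""
    return len(words) * SALT_SPACE
```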
Password Management Policies
- Educate users to make better choices
- Define rules for good password selection and ask users to follow them
- Ask or force users to change their password periodically
- Actively attempt to break users’ passwords and force users to change broken ones
- Screen password choices

Lamport’s scheme
- Doesn’t require any special hardware
- System computes F(x), F^2(x), …, F^100(x) (this allows 100 logins before password change)
- System stores user’s name and F^100(x)
- User supplies F^99(x) the first time
- If the login is correct, system replaces F^100(x) with F^99(x)
- Next login: user supplies F^98(x) … and so on
- User calculates F^n(x) using a hand-held calculator, a workstation, or other devices

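Added example (not from the slides): Lamport’s scheme in Python, with SHA-256 standing in for F. `user_otp` plays the user’s calculator and `LamportHost` the host; the host stores only F^n(x), a replayed value fails because F(otp) no longer matches, and once the chain is used up every login is refused until the password is changed.

```python
import hashlib
import hmac

def F(x: bytes) -> bytes:
    """One-way function F; SHA-256 stands in for the slide's unspecified F."""
    return hashlib.sha256(x).digest()

def F_n(x: bytes, n: int) -> bytes:
    """F applied n times: F^n(x)."""
    for _ in range(n):
        x = F(x)
    return x

def user_otp(secret: bytes, login_number: int, n: int = 100) -> bytes:
    """What the user's calculator supplies for login k: F^(n-k)(x),
    so the first login sends F^99(x) when n = 100."""
    return F_n(secret, n - login_number)

class LamportHost:
    """Host side: keeps (user, logins left, F^n(x)) and never stores x."""
    def __init__(self, user: str, secret: bytes, n: int = 100):
        self.user = user
        self.remaining = n
        self.current = F_n(secret, n)     # enrolment value F^100(x)

    def login(self, user: str, otp: bytes) -> bool:
        """Accept otp iff F(otp) equals the stored value; then store otp."""
        if user != self.user or self.remaining == 0:
            return False                  # chain exhausted: password change required
        if not hmac.compare_digest(F(otp), self.current):
            return False                  # wrong value, or a replayed earlier OTP
        self.current = otp                # replace F^n(x) with F^(n-1)(x)
        self.remaining -= 1
        return True
```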
One-time Password
- Use the password exactly once!
- Often done for initial assigned passwords
- User must change password before doing anything else

Time Synchronized
- There is a hand-held authenticator
- It contains an internal clock, a secret key, and a display
- Display outputs a function of the current time and the key
- It changes about once per minute
- User supplies the user id and the display value
- Host uses the secret key, the function and its clock to calculate the expected output
- Login is valid if the values match

Challenge/Response
[Diagram: a workstation and a host connected over a network; the workstation sends the User ID, the host returns a Challenge, and the workstation answers with a Response]
- Non-repeating challenges from the host
- The device requires a keypad

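Added example (not from the slides): the time-synchronized authenticator and the challenge/response exchange of the two preceding slides, in Python. HMAC-SHA256 stands in for the unspecified function of key and time (or key and challenge); the clock-skew tolerance in `time_sync_login` and the counter-based challenge are assumptions of this example, and the single-use `pending` table is what makes a replayed response fail.

```python
import hashlib
import hmac

PERIOD = 60   # the display changes about once per minute

def code(key: bytes, value: bytes, digits: int = 6) -> str:
    """Display value: a keyed one-way function of (key, value), truncated to a
    few digits. HMAC-SHA256 stands in for the slides' unspecified function."""
    mac = hmac.new(key, value, hashlib.sha256).digest()
    return str(int.from_bytes(mac[:4], "big") % 10 ** digits).zfill(digits)

def time_step(now: int) -> bytes:
    """Current minute, the function's time input."""
    return (now // PERIOD).to_bytes(8, "big")

def device_display(key: bytes, now: int) -> str:
    """Hand-held authenticator: function of its own clock and secret key."""
    return code(key, time_step(now))

def time_sync_login(key: bytes, host_now: int, shown: str, skew: int = 1) -> bool:
    """Host recomputes the expected display from the shared key and its clock.
    Accepting +/- skew minutes of drift is an assumption added here; the
    slides only say the two values must match."""
    for offset in range(-skew, skew + 1):
        expected = code(key, time_step(host_now + offset * PERIOD))
        if hmac.compare_digest(expected, shown):
            return True
    return False

class ChallengeHost:
    """Host issues a non-repeating challenge; the device returns code(key, c)."""
    def __init__(self, keys: dict):
        self.keys = keys       # user id -> shared key: the sensitive key database
        self.counter = 0       # monotonic counter, so challenges never repeat
        self.pending = {}

    def challenge(self, user: str) -> bytes:
        self.counter += 1
        c = self.counter.to_bytes(8, "big")
        self.pending[user] = c
        return c

    def verify(self, user: str, response: str) -> bool:
        c = self.pending.pop(user, None)   # single use: a replayed response fails
        if c is None or user not in self.keys:
            return False
        return hmac.compare_digest(code(self.keys[user], c), response)
```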
Challenge/Response Problems
- Key database is extremely sensitive
- This can be avoided if public key algorithms are used

Devices with Personal Identification Number (PIN)
- Devices are subject to theft
- Some devices require a PIN (something the user knows)
- PIN is used by the device to authenticate the user

Smart Cards
- Portable devices with a CPU, I/O ports, and some nonvolatile memory
- Can carry out computation required by public key algorithms and transmit directly to the host
- Some use biometric data about the user instead of the PIN

Biometrics
- Fingerprint
- Retina scan
- Voice pattern
- Signature
- Typing style
- Hand geometry

Problems with Biometrics
- Expensive
  - Retina scan (min. cost) about $2,200
  - Voice (min. cost) about $1,500
  - Signature (min. cost) about $1,000
- False readings
  - Retina scan 1/10,000,000+
  - Signature 1/50
  - Fingerprint 1/500
- Can’t be modified when compromised

Errors in Biometrics
- False rejection rate (FRR): authorized subject is rejected
- False acceptance rate (FAR): unauthorized subject is accepted
- Crossover error rate (CER): FRR = FAR

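Added example (not from the slides): computing FRR, FAR and the crossover point in Python from constructed match scores, to show that the two error rates are set by a single decision threshold and move in opposite directions; the score lists are made up for illustration, not measurements from any device.

```python
def frr_far(genuine: list, impostor: list, threshold: float) -> tuple:
    """Decision rule: accept a presentation iff its match score >= threshold.
    FRR = share of genuine (authorized) presentations rejected;
    FAR = share of impostor (unauthorized) presentations accepted."""
    frr = sum(1 for s in genuine if s < threshold) / len(genuine)
    far = sum(1 for s in impostor if s >= threshold) / len(impostor)
    return frr, far

def crossover(genuine: list, impostor: list, steps: int = 1000) -> tuple:
    """Sweep the threshold over the observed score range and return
    (threshold, CER): the operating point where FRR and FAR are closest,
    with CER taken as their mean there. Raising the threshold lowers FAR
    and raises FRR, so the system is tuned to a trade-off, not 'accurate'."""
    scores = genuine + impostor
    lo, hi = min(scores), max(scores)
    best = None
    for i in range(steps + 1):
        t = lo + (hi - lo) * i / steps
        frr, far = frr_far(genuine, impostor, t)
        gap = abs(frr - far)
        if best is None or gap < best[0]:
            best = (gap, t, (frr + far) / 2)
    return best[1], best[2]

# Constructed sample match scores in [0, 1]: genuine users tend to score
# high, impostors low, with some overlap so the error rates are non-zero.
GENUINE = [0.92, 0.88, 0.95, 0.81, 0.77, 0.90, 0.85, 0.69, 0.93, 0.87]
IMPOSTOR = [0.12, 0.35, 0.22, 0.48, 0.71, 0.30, 0.18, 0.55, 0.27, 0.40]
```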
Two-factor Authentication
- Require two forms of authentication
- Password + smart card
- PIN + hand geometry

Wellness Center
- Identification – SSN
- Authorization – hand geometry
- High chance of random hands matching
- Low chance of your friend’s hand matching yours

Single Sign-On (SSO)
- Provide identification and authorization once for a set of related systems
- VIP limited SSO
- Kerberos (ker-ber-OUS)
  - Symmetric key cryptosystem
  - Trusted third party: Key Distribution Center (KDC)

Responsibility for Data
- Data owner (data administrator): sets policies
- Data custodian (database administrator): implements policies
- Data user (database user): follows policies

Chapter Topic Review
- Access control
- Identification and authentication
- Possible threats
- Miscellaneous examples