CS 736 A methodology for Analyzing the Performance of Authentication Protocol by Laseinde Olaoluwa...


Citation preview

CS 736

A methodology for Analyzing the Performance of Authentication Protocol


Laseinde Olaoluwa Peter

Department of Computer ScienceWest Virginia Universityolaseind@mix.wvu.edu


What is an authentication protocol?

Password Authentication Scheme

Token Based Authentication (Smart card)

Biometric Authentication Protocol

Multiple Authentication System

What are authentication protocols?

The different schemes used to grant or decline access to a place/location.

Establish the identity of a person.

Establish a communication securely


What is an authentication protocol?

Password Authentication Scheme

Token Based Authentication (Smart card)

Biometric Authentication Protocol

Multiple Authentication System

Password Authentication scheme

Most widely used authentication protocol

Encryption and decryption of password are done using algorithms

Symmetric and Asymmetric encrypting techniques

Performance of some algorithms

Advantages Least expensive authentication method to use. No need to carry hardware device. User IDs and passwords can be changed at the user's


Disadvantages Not fully reliable when used for making financial

transactions remotely, such as fund transfers and bill payments through an Internet banking channel.

Security depends on the users' ability to maintain the user ID and password secret.


What is an authentication protocol?

Password Authentication Scheme

Token Based Authentication (Smart card)

Biometric Authentication Protocol

Multiple Authentication System

Token based Authentication (smart card)

Takes the form of ID cards e.g. student card, debit/credit cards, insurance cards gives access to Laboratories and other facilities on campus, ATMs and Library.

Comes with single or multiple processors.

Advantages More secure to use than the normal user ID or

password. Difficult for non-authorized users to extract the private

key when stored on a smart card.

Disadvantages Requires users to carry a smart card. Need for regular renewals

Some brands of smart cards


What is an authentication protocol?

Password Authentication Scheme

Token Based Authentication (Smart card)

Biometric Authentication Protocol

Multiple Authentication System

Biometric Authentication

Defines “who you are”

not “what you have”

or “what you can remember”

Biological and behavioral characteristics Finger prints

Ridges and valleys



Hand/finger geometry



Definitions False Acceptance Rate (FAR): Probability that a

biometric system falsely recognizes different characteristics as identical, thus failing to reject, for example, a potential intruder.

False Rejection Rate (FRR): Probability that a biometric system falsely recognizes identical characteristics as being different, thus, for example refusing to accept an authorized person.

False Match Rate (FMR): This indicates the proportion of persons who, when comparing characteristics, were falsely accepted.

Definitions continued…

False Non-Match Rate (FNMR): This indicates the proportion of persons who, when comparing characteristics, were falsely not accepted.

Failure to Acquire (FTA): This is the attempts that were previously rejected due to a low quality of the image, this is also the proportion of times the biometric device fails to capture a sample when the biometric characteristic is presented to it.

Failure to Enroll (FTE): This is a measure of the proportion of users that cannot be successfully enrolled in a biometric system

Performance of biometric systems

Efficiency in image capturing process.

Performance in terms of effectiveness

Relationship between the False match rate and False non-match

Performance in terms of effectiveness

A comparison of the false accept rate and the false reject rate

Advantages Can be used for accessing high-security systems and

sites Different options are available, finger print, iris, voice,

hand geometry, face. You do not need to carry any physical item.

Disadvantages It could be expensive e.g cost of scanners, support and

maintenance High deployment cost May not be suitable for mass-consumer deployment Performance is not 100%


What is an authentication protocol?

Password Authentication Scheme

Token Based Authentication (Smart card)

Biometric Authentication Protocol

Multiple Authentication System

Multiple authentication System

Having a combination of two or more authentication protocols

ATM machine which makes use of both the smart card and also a pin for authentication.

