Presentation is loading. Please wait.

Presentation is loading. Please wait.

A. Steffen, 10.4.2000, KSy_Auth.ppt 1 Zürcher Hochschule Winterthur Kommunikationssysteme (KSy) - Block 9 Secure Network Communication Part III Authentication.

Similar presentations


Presentation on theme: "A. Steffen, 10.4.2000, KSy_Auth.ppt 1 Zürcher Hochschule Winterthur Kommunikationssysteme (KSy) - Block 9 Secure Network Communication Part III Authentication."— Presentation transcript:

1 A. Steffen, , KSy_Auth.ppt 1 Zürcher Hochschule Winterthur Kommunikationssysteme (KSy) - Block 9 Secure Network Communication Part III Authentication and Integrity Secure Network Communication Part III Authentication and Integrity Dr. Andreas Steffen 2000 Zürcher Hochschule Winterthur

2 A. Steffen, , KSy_Auth.ppt 2 Zürcher Hochschule Winterthur Secure Network Communication – Part III Integrity Authentication Certificates

3 A. Steffen, , KSy_Auth.ppt 3 Zürcher Hochschule Winterthur Integrity of Documents and Messages Detection of corrupted documents and messages Detection of bit errors caused by unreliable transmission links or faulty storage media. Solution: Message Digest acting as a unique fingerprint for the document (similar function as CRC). Protection against unauthorized modification Without protection a forger could create both an alternative document and its corresponding correct message digest. Symmetric Key Solution: Message Authentication Code (MAC) formed by using a keyed message digest function. Asymmetric Key Solution: Digital Signature formed by encrypting the message digest with the document authors private key.

4 A. Steffen, , KSy_Auth.ppt 4 Zürcher Hochschule Winterthur Message Digests based on One-Way Hash Functions A single bit change in a document should cause about 50% of the bits in the digest to change their value ! Document or message of arbitrary size Message Digest of fixed size Hash Function One-Way Function Hash Function

5 A. Steffen, , KSy_Auth.ppt 5 Zürcher Hochschule Winterthur Popular Hash Functions SHA - Secure Hash Algorithm, NIST / NSA Document or Message Message Digest or Hash or Fingerprint bits MD5 Hash Function bits SHA MD5 - Message Digest #5, Ron Rivest, RSA

6 A. Steffen, , KSy_Auth.ppt 6 Zürcher Hochschule Winterthur Basic Structure of the MD5 / SHA One-Way Hash Functions N x 512 bits IV 128/160 bit Initialization Vector Hash 128/160 bit Hash Value Document Pad L L Pad Padding L 64 bit Document Length MD5/SHA Hash Function HashHash HashHash IVIV IVIV HashHash HashHash HashHash HashHash Block N 512 bits Block N 512 bits Block bits Block bits Block bits Block bits

7 A. Steffen, , KSy_Auth.ppt 7 Zürcher Hochschule Winterthur Message Authentication Codes based on Keyed One-Way Hash Functions Genuine if equal MAC Key Author Keyed Hash Function Recipient MAC Transmission Channel MAC Key Keyed Hash Function

8 A. Steffen, , KSy_Auth.ppt 8 Zürcher Hochschule Winterthur Inner Key 512 bits Basic Structure of a Keyed One-Way Hash Function (RFC 2104) MD5 / SHA Hash Function Hash MD5 / SHA Hash Function Hash Document Key 0x36..0x36 XOR Outer Key 512 bits 0x5C..0x5C XOR Pad 512 bits Key Length Hash Length MAC Truncate to 96 bits

9 A. Steffen, , KSy_Auth.ppt 9 Zürcher Hochschule Winterthur Digital Signatures based on Public Key Cryptosystems Author Decryption with Public Key Hash Value Genuine if equal Transmission Channel Recipient Signature Hash Value Hash Function Encryption with Private Key Signature

10 A. Steffen, , KSy_Auth.ppt 10 Zürcher Hochschule Winterthur Forging Documents On average 2 m trials are required to find a document having the same hash value as a given one ! Original Document Hash Value of m bits Hash Function Pay 100 $ to the bearer AQ Hash Function Pay $ to the bearer XX - XXXXXXX Forged Document Random Text

11 A. Steffen, , KSy_Auth.ppt 11 Zürcher Hochschule Winterthur The Birthday Paradox What is the probability of another person having the same birthday as you ? Probability p = 1/365 How many people must be a in a room so that the probability of at least another person having the same birthday as you is greater than 0.5 ? n = 253 people How many people must be in a room so that the probability of at least two of them having the same birthday is greater than 0.5 ? n = 23 people

12 A. Steffen, , KSy_Auth.ppt 12 Zürcher Hochschule Winterthur Birthday Attacks against Hash Functions Looking for Collisions ! Only about 2 m/2 trials are required to find two documents having the same hash value MD5 might be insecure ! Original Document Z Z Z Hash Value of m bits Hash Function Pay 100 $ to the bearer YY - YYYYYYY Hash Function Z Z Z Pay $ to the bearer XX - XXXXXXX Forged Document Random Text

13 A. Steffen, , KSy_Auth.ppt 13 Zürcher Hochschule Winterthur Secure Network Communication – Part III Integrity Authentication Certificates

14 A. Steffen, , KSy_Auth.ppt 14 Zürcher Hochschule Winterthur Server Password File ID Password Insecure Authentication based on Passwords Password Salt Hash Function Hash Hash Function Secret password transmitted over insecure channel ID Password Remote User ID Password Salt helps against dictionary attacks. UNIX uses 12 bits of salts, resulting in 4096 hashed password variants

15 A. Steffen, , KSy_Auth.ppt 15 Zürcher Hochschule Winterthur Secure Authentication based on Challenge/Response Protocols Insecure ChannelUserServer Keyed Hash Function MAC ID U RURU RURU Key RURU RURU ID U RURU RURU Response MAC No secrets are openly transmitted The random values R S and R U should never be repeated ! RSRS RSRS Key Keyed Hash Function MAC RSRS RSRS RSRS RSRS Challenge random value (Nonce)

16 A. Steffen, , KSy_Auth.ppt 16 Zürcher Hochschule Winterthur Challenge/Response Protocol based on Digital Signatures Insecure ChannelUserServer RSRS RSRS RSRS RSRS Challenge random value (Nonce) ID U RURU RURU Hash Sig Encryption with Private Key RSRS RSRS Hash ID U RURU RURU Response Sig ID U RURU RURU Decryption with Public Key Hash

17 A. Steffen, , KSy_Auth.ppt 17 Zürcher Hochschule Winterthur Secure Network Communication – Part III Integrity Authentication Certificates

18 A. Steffen, , KSy_Auth.ppt 18 Zürcher Hochschule Winterthur Trust Models I PGP Web of Trust Alice Bob Carol Dave Signed by Dave Signed by Bob Signed by Dave Signed by Carol Signed by Alice Signed by Bob Can Carol trust Alice ? Trust Certificate

19 A. Steffen, , KSy_Auth.ppt 19 Zürcher Hochschule Winterthur Trust Models II Trust Hierarchy with Certification Authorities Verisign Swisskey Amazon Carol Self Signed Verisign Self Signed Swisskey Alice Amazon Bob Amazon Root CA Intermediate CA Client Certificates Trust

20 A. Steffen, , KSy_Auth.ppt 20 Zürcher Hochschule Winterthur General Structure of an X.509 Certificate * specifies algorithm used to sign certificate, e.g. md5RSA signatureAlgorithm* Hash Function* Hash / Fingerprint Encryption with Issuers Private Key* signature version serialNumber signature* issuer validity subject subjectPublicKeyInfo issuerUniqueID OPTIONAL subjectUniqueID OPTIONAL extensions OPTIONAL

21 A. Steffen, , KSy_Auth.ppt 21 Zürcher Hochschule Winterthur General Structure of an X.509 Certificate ASN.1 using Distinct Encoding Rules (DER) TBSCertificate ::= SEQUENCE { version [0] Version DEFAULT v1(0), serialNumber CertificateSerialNumber, signature AlgorithmIdentifier, issuer Name, validity Validity, subject Name, subjectPublicKeyInfo SubjectPublicKeyInfo, issuerUniqueID [1] Unique Identifier OPTIONAL, subjectUniqueID [2] Unique Identifier OPTIONAL, extensions [3] Extensions OPTIONAL } Certificate ::= SEQUENCE { tbsCertificate TBSCertificate, signatureAlgorithm AlgorithmIdentifier, signature BIT STRING }

22 A. Steffen, , KSy_Auth.ppt 22 Zürcher Hochschule Winterthur X.509 Certificate Handling Netscape 4.7 Browser Netscape Menu: Communicator / Tools / Security Info

23 A. Steffen, , KSy_Auth.ppt 23 Zürcher Hochschule Winterthur X.509 Certificate Handling - Netscape Certification Path

24 A. Steffen, , KSy_Auth.ppt 24 Zürcher Hochschule Winterthur X.509 Certificate Handling - Netscape Encrypted and Signed (S/MIME)

25 A. Steffen, , KSy_Auth.ppt 25 Zürcher Hochschule Winterthur X.509 Certificate Handling Microsoft Internet Explorer 5.0 Explorer Menu: Tools / Internet Options

26 A. Steffen, , KSy_Auth.ppt 26 Zürcher Hochschule Winterthur X.509 Certificate Handling – Internet Explorer Certification Path

27 A. Steffen, , KSy_Auth.ppt 27 Zürcher Hochschule Winterthur X.509 Certificate Structure V1 Fields and V3 Extensions

28 A. Steffen, , KSy_Auth.ppt 28 Zürcher Hochschule Winterthur Public Key Infrastructure (PKI) Certification Authority Governed by a Certificate Practice Statement (CPS) Issues and signs Client and Server Certificates Maintains a Certificate Revocation List (CRL) Offers LDAP / WWW based Directory Services Private Key Management Secure Generation and/or Distribution of Private Keys Browser or Java Applet generated Keys Hardware generated Keys (Intel 810/820 Chipset, Smart Cards) Secure Storage of Private Keys Smart Cards, USB Modules, SIM Cards (Sonera) Key Recovery of lost private keys


Download ppt "A. Steffen, 10.4.2000, KSy_Auth.ppt 1 Zürcher Hochschule Winterthur Kommunikationssysteme (KSy) - Block 9 Secure Network Communication Part III Authentication."

Similar presentations


Ads by Google