Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 12: Authentication

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Chapter 12: Authentication"— Presentation transcript:

1 Chapter 12: Authentication
Basics Passwords Challenge-Response Biometrics Location Multiple Methods Computer Security: Art and Science © Matt Bishop

2 Approaches: Password Selection
Random selection Any password from A equally likely to be selected The expected time to find the password is highest when the selection of any set of possible passwords is equi-probable. Removal of short passwords Quality of pseudo-random number generator Short passwords possible – easy to find. Remove short passwords – reduce password-space! Computer Security: Art and Science © Matt Bishop

3 Example of randomly generated passwords gone wrong
A = { 8-bit composed of lower case alphabets and digits} Password space = ( )8 If it takes seconds per encryption(at that time), time to try all possible passwords is 140 years. A pseudo-random number generator is used to pick a random password. The total output of the PRN generator = 215 The total number of unique passwords is 215 It takes only 102 seconds to try all 215 passwords Password Security: A Case History Encryption Computing by Robert Morris and Ken Thompson PDP-11 processor – 16-bit Computer Security: Art and Science © Matt Bishop

4 Human factors Can remember and repeat up to eight meaningful items
One 8-char password Can remember Two 8-char passwords Write it down! On the monitor, on the keyboard, in the wallet Solution: Apply a transformation t to the written down password X to generate A i.e t: X->A e.g. “Capitalize the third letter in the word and append a 2 at the end” t is easy to remember Computer Security: Art and Science © Matt Bishop

5 Pronounceable Passwords
Compromise between random, un-memorizable passwords and writing passwords Generate phonemes randomly Phoneme is unit of sound, eg. cv, vc, cvc, vcv Examples: helgoret, juttelon are; przbqxdfl, zxrptglfn are not Problem: too few Solution: key crunching Use long keys(passwords) – sentence or phrase that has some meaning Run long key through hash function and convert to acceptable password sequence See paper: DES key crunching for safer cypher keys Use for systems where security is very important but where passwords cannot be changed often. Computer Security: Art and Science © Matt Bishop

6 Key crunching DES key crunching for safer cypher keys by Lynn Grant
MAC- Message Authentication Code Use password crunching, where logins are infrequent, but the consequences of data being compromised is high. Under normal circumstances, having to type long passwords would be irritating.

7 User Selection Problem: people pick easy to guess passwords
Based on account names, user names, computer names, place names Dictionary words (also reversed, odd capitalizations, control characters, “elite-speak”, conjugations or declensions, swear words, Torah/Bible/Koran/… words) Too short, digits only, letters only License plates, acronyms, social security numbers Personal characteristics or foibles (pet names, nicknames, job characteristics, etc. Computer Security: Art and Science © Matt Bishop

8 Computer Security: Art and Science
© Matt Bishop

9 Computer Security: Art and Science
© Matt Bishop

10 Picking Good Passwords
“LlMm*2^Ap” Names of members of 2 families “OoHeO/FSK” Second letter of each word of length 4 or more in third line of third verse of Star-Spangled Banner, followed by “/”, followed by author’s initials What’s good here may be bad there “DMC/MHmh” bad at Dartmouth (“Dartmouth Medical Center/Mary Hitchcock memorial hospital”), ok here Why are these now bad passwords?  Francis scott key Computer Security: Art and Science © Matt Bishop

11 Proactive Password Checking
Analyze proposed password for “goodness” Always invoked Can detect, reject bad passwords for an appropriate definition of “bad” Discriminate on per-user, per-site basis Needs to do pattern matching on words Needs to execute subprograms and use results Spell checker, for example Easy to set up and integrate into password selection system Pattern: aaaaaaa Dictionary may not have waters – spell checker will catch it. Computer Security: Art and Science © Matt Bishop

12 Example: 4.3 BSD UNIX “passwd”
Advise users that passwords must be at least 5 characters long, or at least 6 if the consist of monocase letters. Error message asks user to use a longer password If the user enters the password 3 times, requirements are waived Fails almost all requirements Newer UNIX versions do require password aging, but other requirements are still not met. Computer Security: Art and Science © Matt Bishop

13 Example: OPUS Goal: check passwords against large dictionaries quickly
Run each word of dictionary through k different hash functions h1, …, hk producing values less than n Set bits h1, …, hk in OPUS dictionary To check new proposed word, generate bit vector and see if all corresponding bits set If so, word is in one of the dictionaries to some degree of probability If not, it is not in the dictionaries Vector of size n. Produce h1,…hk. Set bits h1,h2,..hk of the vector n. Does not satisfy 3, Computer Security: Art and Science © Matt Bishop

14 Example: passwd+ Provides a “little language” to describe proactive checking test length(“$p”) < 6 If password under 6 characters, reject it test infile(“/usr/dict/words”, “$p”) If password in file /usr/dict/words, reject it test !inprog(“spell”, “$p”, “$p”) If password not in the output from program spell, given the password as input, reject it (because it’s a properly spelled word) Spell outputs any incorrectly spelled words. So, if the input word is not output, then it is correctly spelled and should therefore be rejected. Computer Security: Art and Science © Matt Bishop

15 Computer Security: Art and Science
© Matt Bishop

16 Salting Goal: slow dictionary attacks
Method: perturb hash function so that: Parameter controls which hash function is used Parameter differs for each password So given n password hashes, and therefore n salts, need to hash guess n All the methods seen previously, the goal was to thwart attempt to find one specific password. But, if the goal is to any password, then it is easier. Use “salting” to make it more difficult. Computer Security: Art and Science © Matt Bishop

17 Guessing Through L Cannot prevent these Make them slow
Otherwise, legitimate users cannot log in Make them slow Backoff eg. Exponential backoff (xn), arithmetic series (x, 2x, 3x …., nx) Disconnection After x number of attempts, the system will get disconnected and must reconnect Disabling After n unsuccessful attempts (security manager) Alerts security manager of potential threat Be very careful with administrative accounts! Jailing Allow in, but restrict activities Use of honeypots EB – wait for x^n seconds before displaying the login screen after the (n-1)th failure. Disconnection works well if the connection procedure is slow – like over a telephone network. Jailing – used in AT&T Bell labs Honeypots – bogus data – user will try to download – was used to capture someone who was hacking into Lawrence Berkely Lab. Lawrence invented the cyclotron! Computer Security: Art and Science © Matt Bishop

18 Password Aging Hide F, A, and C.
Or change before attacker discovers the correct value If a password can be determined in 180 days, then change password more frequently than every 180 days. Force users to change passwords after some time has expired How do you force users not to re-use passwords? Record (and disallow) previous n passwords Block changes for a period of time Give users time to think of good passwords Don’t force them to change before they can log in Warn them of expiration days in advance Record previous n passwords and not allow it – people will quickly change passwords n times and then revert to old password. So, force password not changing for some time – however, if password compromised cant change it either. Computer Security: Art and Science © Matt Bishop

19 Authentication with password
Alice says “I am Alice” and sends her secret password to “prove” it. “I’m Alice” Alice’s IP addr password Failure scenario?? OK Alice’s IP addr 8: Network Security

20 Authentication with password
Alice says “I am Alice” and sends her secret password to “prove” it. Alice’s IP addr Alice’s password “I’m Alice” playback attack: Trudy records Alice’s packet and later plays it back to Bob OK Alice’s IP addr “I’m Alice” Alice’s IP addr password 8: Network Security

21 Challenge-Response Reusable passwords can be “replay” attacked.
User, system share a secret function f (in practice, f is a known function with unknown parameters, such as a cryptographic key) request to authenticate user system random message r (the challenge) user IFF in military – ID friend or foe system f(r) (the response) system Compute f(r) for comparison with received response user Computer Security: Art and Science © Matt Bishop

22 Pass Algorithms Challenge-response with the function f itself a secret
Example: Use in combination with a standard password scheme User enters password Display second login screen Challenge is a random string of characters such as “abcdefg”, “ageksido” Response is some function of that string such as “bdf”, “gkip” Only authorized users know how to respond to the challenge Can alter algorithm based on ancillary information Network connection is as above, dial-up might require “aceg”, “aesd” Computer Security: Art and Science © Matt Bishop

23 One-Time Passwords Password that can be used exactly once
After use, it is immediately invalidated Challenge-response mechanism Challenge is number of the authentication attempt; response is password for that particular number Problems Synchronization of user, system Generation of good random passwords Password distribution problem Computer Security: Art and Science © Matt Bishop

24 h(k) = k1, h(k1) = k2, …, h(kn–1) = kn
S/Key One-time password scheme based on idea of Lamport h one-way hash function (MD5 or SHA-1, for example) User chooses initial seed k System calculates: h(k) = k1, h(k1) = k2, …, h(kn–1) = kn Passwords are reverse order: p1 = kn, p2 = kn–1, …, pn–1 = k2, pn = k1 Computer Security: Art and Science © Matt Bishop

25 S/Key Protocol System stores maximum number of authentications n, number of next authentication i, last correctly supplied password pi–1. { name } user system { i } user system If I = 2, then user will send p2. h(p2) = h(kn-1) = kn (which was sent previously). { pi } user system System computes h(pi) = h(kn–i+1) = kn–i = pi–1. If match with what is stored, system replaces pi–1 with pi and increments i. Computer Security: Art and Science © Matt Bishop

Download ppt "Chapter 12: Authentication"

Similar presentations

Lecture 5: Cryptographic Hashes

Lecture 5: Cryptographic Hashes
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.

CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.
Cryptology Passwords and Authentication Prof. David Singer Dept. of Mathematics Case Western Reserve University.

Cryptology Passwords and Authentication Prof. David Singer Dept. of Mathematics Case Western Reserve University.
CSC 474 Information Systems Security

CSC 474 Information Systems Security
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.

CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.
Chapter 12: Authentication Basics Passwords Challenge-Response Biometrics Location Multiple Methods Computer Security: Art and Science ©2002-2004 Matt.

Chapter 12: Authentication Basics Passwords Challenge-Response Biometrics Location Multiple Methods Computer Security: Art and Science © Matt.
 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.

 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.
1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.

1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.
1 Chapter 5 Hashes and Message Digests Instructor: 孫宏民 Room: EECS 6402, Tel:03-5742968, Fax : 886-3-572-3694.

1 Chapter 5 Hashes and Message Digests Instructor: 孫宏民 Room: EECS 6402, Tel: , Fax :
CSE331: Introduction to Networks and Security Lecture 23 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 23 Fall 2002.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
1 Authentication CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 11, 2004.

1 Authentication CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute March 11, 2004.
November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #11-1 Chapter 11: Authentication Basics Passwords Challenge-Response Biometrics.

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #11-1 Chapter 11: Authentication Basics Passwords Challenge-Response Biometrics.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)

Csci5233 Computer Security & Integrity 1 Cryptography: Basics (2)
CS 5950/6030 Network Security Class 22 (F, 10/21/05) Leszek Lilien Department of Computer Science Western Michigan University Based on Security in Computing.

CS 5950/6030 Network Security Class 22 (F, 10/21/05) Leszek Lilien Department of Computer Science Western Michigan University Based on Security in Computing.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 10 Authenticating Users By Whitman, Mattord, & Austin© 2008 Course Technology.

Similar presentations

Ads by Google