Authentication System


1 Authentication System

2 Introduction
Authentication is the process of reliably verifying the identity of someone (or something). On a network Bob cannot "see" Alice, so Trudy can simply declare herself to be Alice: "I am Alice".

3 Kinds of Authentication
Password-based authentication
Symmetric-key based authentication
Public-key based authentication

4 Password-Based Authentication
Goal: attain the benefits of cryptographic authentication while the user only has to remember a password.
Problems of password protocols:
Eavesdropping
Password guessing attacks: on-line password guessing and off-line password guessing


6 Encrypted Key Exchange (EKE)
Key establishment as well as authentication. W is a key derived from the password, E_A is a public key Alice generates for this run, K_AB is the session key, and C_A, C_B are challenges.
Alice → Bob: "Alice", W{E_A}
Bob → Alice: W{E_A{K_AB}}
Alice → Bob: K_AB{C_A}
Bob → Alice: K_AB{C_A, C_B}
Alice → Bob: K_AB{C_B}
One of the W{.} may possibly be removed. In that case, the non-encrypting side should not issue the first challenge. (Why not?)

7 EKE with Diffie-Hellman
Alice → Bob: "Alice", W{g^a mod p}
Bob → Alice: W{g^b mod p}, C_B
Alice → Bob: K_AB{C_A, C_B}
Bob → Alice: K_AB{C_A}
where K_AB = g^ab mod p.
Why are g^a and g^b encrypted? (authentication) Only someone who knows W can recover the other side's value and derive the right K_AB, so proving K_AB proves knowledge of the password; and since a wrong guess of W decrypts W{g^a mod p} to some other plausible value, an eavesdropper gets nothing to test password guesses against.
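The exchange above, written out as an added example (this is not code from the presentation). It assumes W = SHA-256(password), realises W{x} with a small Feistel block cipher built from SHA-256 (standing in for a real block cipher; being a permutation, any ciphertext decrypts under any candidate W to a plausible value), and realises K_AB{C_A, C_B} as an HMAC over the challenges, which are sent alongside in the clear. The 128-bit group is a toy; a standard MODP group belongs in real code.

```python
"""Toy EKE over Diffie-Hellman (added example, not from the slides).

    Alice -> Bob : "Alice", W{g^a mod p}
    Bob   -> Alice: W{g^b mod p}, C_B
    Alice -> Bob : K_AB{C_A, C_B}
    Bob   -> Alice: K_AB{C_A}
"""
import hashlib
import hmac
import secrets

P = 2**128 - 159   # toy modulus (assumed prime here); use a standard group in practice
G = 5
NBYTES = 16        # every value below P fits in 16 bytes


def password_key(password: str) -> bytes:
    """W: key derived from the password (a slow KDF belongs here in real code)."""
    return hashlib.sha256(b"eke-w|" + password.encode()).digest()


def feistel(w: bytes, block: bytes, decrypt: bool = False) -> bytes:
    """W{x}: 4-round Feistel permutation of a 16-byte block keyed with W.
    Same routine decrypts when the rounds are applied in reverse order."""
    left, right = block[:8], block[8:]
    order = reversed(range(4)) if decrypt else range(4)
    for r in order:
        f = hashlib.sha256(b"eke-f|" + w + bytes([r]) + right).digest()[:8]
        left, right = right, bytes(x ^ y for x, y in zip(left, f))
    return right + left


def w_encrypt(w: bytes, value: int) -> bytes:
    return feistel(w, value.to_bytes(NBYTES, "big"))


def w_decrypt(w: bytes, blob: bytes) -> int:
    return int.from_bytes(feistel(w, blob, decrypt=True), "big")


def session_key(shared_secret: int) -> bytes:
    """K_AB derived from g^ab mod p."""
    return hashlib.sha256(b"eke-kab|" + shared_secret.to_bytes(NBYTES, "big")).digest()


def prove(k_ab: bytes, *challenges: bytes) -> bytes:
    """K_AB{C...}: proof of possession of K_AB over the given challenges."""
    return hmac.new(k_ab, b"|".join(challenges), hashlib.sha256).digest()


def run_eke(alice_password: str, bob_stored_password: str):
    """Runs the four messages; returns (alice_accepts, bob_accepts, transcript)."""
    w_alice = password_key(alice_password)
    w_bob = password_key(bob_stored_password)   # Bob must hold W (or the password)
    # 1. Alice -> Bob: "Alice", W{g^a mod p}
    a = 2 + secrets.randbelow(P - 3)
    msg1 = w_encrypt(w_alice, pow(G, a, P))
    # 2. Bob -> Alice: W{g^b mod p}, C_B
    b = 2 + secrets.randbelow(P - 3)
    k_bob = session_key(pow(w_decrypt(w_bob, msg1), b, P))
    msg2 = w_encrypt(w_bob, pow(G, b, P))
    c_b = secrets.token_bytes(16)
    # 3. Alice -> Bob: K_AB{C_A, C_B}
    k_alice = session_key(pow(w_decrypt(w_alice, msg2), a, P))
    c_a = secrets.token_bytes(16)
    msg3 = prove(k_alice, c_a, c_b)
    bob_accepts = hmac.compare_digest(msg3, prove(k_bob, c_a, c_b))
    # 4. Bob -> Alice: K_AB{C_A}, only once Bob has accepted Alice
    msg4 = prove(k_bob, c_a) if bob_accepts else b""
    alice_accepts = hmac.compare_digest(msg4, prove(k_alice, c_a))
    return alice_accepts, bob_accepts, {"msg1": msg1, "msg2": msg2, "c_a": c_a, "c_b": c_b}


def candidates_not_ruled_out(msg1: bytes, candidate_passwords) -> int:
    """What an eavesdropper can do with W{g^a mod p} alone: decrypt it under each
    guessed password.  Every guess yields a value below P, so none is ruled out."""
    return sum(1 for pw in candidate_passwords if w_decrypt(password_key(pw), msg1) < P)
```

With matching passwords both sides accept and hold the same K_AB; with a wrong stored password Bob's K_AB differs, message 3 fails verification, and Bob never sends message 4. The last function is the point of the slide's question: the captured first message is consistent with every candidate password.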

8 Augmented EKE
EKE is vulnerable to database disclosure, since the server has to store W. Augmented EKE defends against this threat: the client has to know the password, while the server stores only a one-way derivation of it.

9 Augmented EKE with Diffie-Hellman
The server stores g^W mod p.
Alice → Bob: "Alice", g^a mod p
Bob → Alice: g^b mod p, H(g^ab mod p, g^bW mod p)
Alice → Bob: H'(g^ab mod p, g^bW mod p)
How does this protocol protect against database disclosure? Why is this protocol not secure?
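The exchange above as an added example (not code from the presentation). It assumes W = SHA-256(password) reduced mod p-1, H and H' as SHA-256 with different prefixes, and the same toy 128-bit group. It shows the answer to the first question (Bob computes g^bW as (g^W)^b from the stored value, Alice as (g^b)^W from the password, so a thief holding g^W can play Bob but not Alice). It also shows one weakness a practitioner would check for, independently of whatever answer the slide intends: if Alice does not reject degenerate values, an impostor who knows neither W nor g^W can send g^b = 1, after which both hashed values are 1 and Bob's proof is computable by anyone. The reject_degenerate switch is this example's own addition.

```python
"""Toy augmented EKE over Diffie-Hellman (added example, not from the slides).
The server stores v = g^W mod p and never W itself.

    Alice -> Bob : "Alice", g^a mod p
    Bob   -> Alice: g^b mod p, H(g^ab mod p, g^bW mod p)
    Alice -> Bob : H'(g^ab mod p, g^bW mod p)
"""
import hashlib
import hmac
import secrets

P = 2**128 - 159   # toy modulus (assumed prime here); use a standard group in practice
G = 5
NBYTES = 16


def derive_w(password: str) -> int:
    """W: exponent derived from the password; Alice recomputes it every run."""
    digest = hashlib.sha256(b"aeke-w|" + password.encode()).digest()
    return int.from_bytes(digest, "big") % (P - 1)


def enroll(password: str) -> int:
    """What Bob stores: g^W mod p, a one-way derivation of the password."""
    return pow(G, derive_w(password), P)


def h(tag: bytes, gab: int, gbw: int) -> bytes:
    """H / H': hash of the two shared values; the tag separates H from H'."""
    return hashlib.sha256(tag + gab.to_bytes(NBYTES, "big") + gbw.to_bytes(NBYTES, "big")).digest()


def is_degenerate(y: int) -> bool:
    """Values of g^b for which every exponent gives a predictable result."""
    return y % P in (0, 1, P - 1)


def bob_respond(verifier: int, ga: int):
    """Message 2.  Bob obtains g^bW as verifier^b, so he never needs W."""
    b = 2 + secrets.randbelow(P - 3)
    gab, gbw = pow(ga, b, P), pow(verifier, b, P)
    return pow(G, b, P), h(b"H|", gab, gbw), (gab, gbw)


def alice_respond(password: str, a: int, gb: int, bob_proof: bytes,
                  reject_degenerate: bool = True):
    """Message 3, or None if Bob's proof is rejected.  Alice obtains g^bW as
    (g^b)^W, which is why the password itself is needed on her side."""
    if reject_degenerate and is_degenerate(gb):
        return None
    gab, gbw = pow(gb, a, P), pow(gb, derive_w(password), P)
    if not hmac.compare_digest(bob_proof, h(b"H|", gab, gbw)):
        return None
    return h(b"H'|", gab, gbw)


def run(alice_password: str, bob_verifier: int, reject_degenerate: bool = True) -> bool:
    """Full exchange; True when both sides accept."""
    a = 2 + secrets.randbelow(P - 3)
    gb, bob_proof, bob_state = bob_respond(bob_verifier, pow(G, a, P))
    alice_proof = alice_respond(alice_password, a, gb, bob_proof, reject_degenerate)
    if alice_proof is None:
        return False
    return hmac.compare_digest(alice_proof, h(b"H'|", *bob_state))


def impostor_bob_accepted(alice_password: str, reject_degenerate: bool = True) -> bool:
    """An impostor who knows neither W nor g^W answers Alice with g^b = 1.
    Then g^ab mod p = g^bW mod p = 1 whatever a and W are, so H(1, 1) is
    computable by anyone.  Returns True if Alice goes on to accept."""
    a = 2 + secrets.randbelow(P - 3)
    forged_proof = h(b"H|", 1, 1)
    return alice_respond(alice_password, a, 1, forged_proof, reject_degenerate) is not None
```

Real implementations reject g^b (and g^a) outside the intended subgroup in addition to 0, 1 and p-1; the toy group here has no prime-order subgroup to check against, so only the trivial values are filtered.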

10 Secure Remote Password (SRP)
The Secure Remote Password protocol, by Thomas Wu. Notation: (the notation table on this slide was not captured in the transcript)

11 Protocol
To establish a password P with Steve, Carol picks a random salt s and computes the values shown on the slide (formula not captured in the transcript). The Carol/Steve message exchange was a figure and is likewise not captured.

12 Off-line vs. On-line Password Guessing
On-line password guessing attack: the attacker types passwords at the system that is going to verify them. The system can make it impossible to guess many passwords this way (example: an ATM). It can be designed to be slow, or to lock the account after a few failures, so that it allows only a few guesses per unit time.

13 Off-line password guessing attack (dictionary attack)
The attacker guesses a password and verifies the guess off-line, against captured data, without contacting the system. If the guess fails, the attacker tries another password, until the proper one is found.
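The two attack modes side by side, as an added example (not code from the presentation). It assumes a plain challenge-response protocol in which the verifier sends a random R and the user returns HMAC(W, R) with W = SHA-256(password); the wordlist and password are constructed for the demo. The off-line path works from one captured (R, response) pair and runs as fast as the attacker's CPU allows; the on-line path goes through the verifier, which counts failures and locks, as the slide's ATM does.

```python
"""Off-line vs. on-line password guessing (added example, not from the slides)."""
import hashlib
import hmac
import secrets


def derive_w(password: str) -> bytes:
    return hashlib.sha256(password.encode()).digest()


def respond(password: str, challenge: bytes) -> bytes:
    """What the legitimate user (or a guesser) returns for a challenge."""
    return hmac.new(derive_w(password), challenge, hashlib.sha256).digest()


def offline_dictionary_attack(challenge: bytes, captured_response: bytes, wordlist):
    """Off-line guessing: the eavesdropper captured (R, HMAC(W, R)) once and now
    tests guesses locally.  Nothing here talks to the verifier, so nothing can
    throttle it; the cost is one HMAC per guess."""
    for guess in wordlist:
        if hmac.compare_digest(respond(guess, challenge), captured_response):
            return guess
    return None


class ThrottledVerifier:
    """On-line guessing target: counts failures and locks after max_failures,
    so an attacker gets only a few guesses per account."""

    def __init__(self, password: str, max_failures: int = 3):
        self._w = derive_w(password)
        self.max_failures = max_failures
        self.failures = 0
        self.locked = False

    def new_challenge(self) -> bytes:
        return secrets.token_bytes(16)

    def verify(self, challenge: bytes, response: bytes) -> bool:
        if self.locked:
            return False
        expected = hmac.new(self._w, challenge, hashlib.sha256).digest()
        if hmac.compare_digest(expected, response):
            self.failures = 0
            return True
        self.failures += 1
        self.locked = self.failures >= self.max_failures
        return False


def online_dictionary_attack(verifier: ThrottledVerifier, wordlist):
    """On-line guessing: each guess costs a round-trip and the account locks."""
    for guess in wordlist:
        challenge = verifier.new_challenge()
        if verifier.verify(challenge, respond(guess, challenge)):
            return guess
        if verifier.locked:
            return None
    return None


# Constructed sample data for the demo: a tiny wordlist and a weak password.
WORDLIST = ["123456", "password", "letmein", "qwerty", "dragon", "sunshine"]
REAL_PASSWORD = "dragon"
```

Against the same wordlist the off-line attack recovers the fifth entry, while the throttled verifier locks after three wrong guesses and the on-line attack never reaches it. Note that the lockout protects only the on-line path; the captured transcript remains attackable off-line, which is what the EKE constructions earlier in the deck are designed to prevent.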

14 Symmetric-key based Authentication
Both entities use a shared secret key k, with |k| > 64 bits. No CA is needed.
Compared with password-based authentication: the user need not type a password; it is faster; the key must be stored; it is more secure in theory.
In 1994 Bellare and Rogaway presented "Entity Authentication and Key Distribution". Its most important protocols are MAP1 and AKEP1: MAP1 provides mutual authentication, and AKEP1 adds a key exchange.

15 MAP1
Suppose the entities Alice and Bob share a secret key. [m] denotes m protected by a MAC under that key; R_A and R_B are fresh random challenges.
Alice → Bob: R_A
Bob → Alice: [B, A, R_A, R_B]
Alice → Bob: [A, R_B]

16 AKEP1

17 We assume the entities A and B share two secret keys (the key symbols were not captured in the transcript): one for the MAC and one under which the session key agreed after the protocol is encrypted and carried inside Bob's message.
Alice → Bob: R_A
Bob → Alice: [B, A, R_A, R_B, {session key}]
Alice → Bob: [A, R_B]
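MAP1 and AKEP1 as an added example (not code from the presentation), with HMAC-SHA256 as the MAC. The assumptions are this example's own: fields are length-prefixed before being MAC'd so that boundaries are unambiguous, and the session key is encrypted with an XOR keystream (SHAKE-256) bound to R_A and R_B so that the keystream is fresh in every run. The block runs MAP1 when only one key is given and AKEP1 when a second key is given; the last function shows why the names sit inside the MAC.

```python
"""MAP1 and AKEP1 (added example, not from the slides).

    MAP1:  A -> B: R_A ;  B -> A: [B, A, R_A, R_B]_K ;  A -> B: [A, R_B]_K
    AKEP1: as MAP1, with {sigma}_{K'} appended inside Bob's MAC'd message.
"""
import hashlib
import hmac
import secrets

A, B = b"Alice", b"Bob"


def mac_over(key: bytes, fields) -> bytes:
    """The MAC in [fields]_K.  Length prefixes keep field boundaries unambiguous."""
    enc = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(key, enc, hashlib.sha256).digest()


def mac_ok(key: bytes, fields, tag: bytes) -> bool:
    return hmac.compare_digest(mac_over(key, fields), tag)


def xor_keystream(k_prime: bytes, r_a: bytes, r_b: bytes, data: bytes) -> bytes:
    """{sigma}_{K'}: XOR with a keystream bound to the fresh nonces, so the
    keystream differs in every run.  Applying it again decrypts."""
    ks = hashlib.shake_256(b"akep1|" + k_prime + r_a + r_b).digest(len(data))
    return bytes(x ^ y for x, y in zip(data, ks))


def alice_msg1() -> bytes:
    return secrets.token_bytes(16)                     # R_A


def bob_msg2(k: bytes, r_a: bytes, k_prime: bytes = None):
    """[B, A, R_A, R_B]_K, with {sigma}_{K'} appended when k_prime is given.
    Returns (fields, tag, sigma)."""
    r_b = secrets.token_bytes(16)
    fields = [B, A, r_a, r_b]
    sigma = None
    if k_prime is not None:
        sigma = secrets.token_bytes(32)                 # session key chosen by Bob
        fields.append(xor_keystream(k_prime, r_a, r_b, sigma))
    return fields, mac_over(k, fields), sigma


def alice_msg3(k: bytes, r_a: bytes, fields, tag: bytes, k_prime: bytes = None):
    """Checks Bob's message and builds [A, R_B]_K.  Returns (fields, tag, sigma)
    or None when Bob's message is rejected."""
    want = 5 if k_prime is not None else 4
    if len(fields) != want or fields[0] != B or fields[1] != A or fields[2] != r_a:
        return None        # wrong names or direction, or not a reply to Alice's own R_A
    if not mac_ok(k, fields, tag):
        return None
    r_b = fields[3]
    sigma = xor_keystream(k_prime, r_a, r_b, fields[4]) if k_prime is not None else None
    reply = [A, r_b]
    return reply, mac_over(k, reply), sigma


def bob_accepts(k: bytes, r_b: bytes, fields, tag: bytes) -> bool:
    """Bob accepts only a MAC'd [A, R_B] that echoes his own fresh R_B."""
    return list(fields) == [A, r_b] and mac_ok(k, fields, tag)


def run(k: bytes, k_prime: bytes = None):
    """MAP1 when k_prime is None, AKEP1 otherwise.
    Returns (mutually_authenticated, alice_sigma, bob_sigma)."""
    r_a = alice_msg1()
    fields2, tag2, bob_sigma = bob_msg2(k, r_a, k_prime)
    out = alice_msg3(k, r_a, fields2, tag2, k_prime)
    if out is None:
        return False, None, None
    fields3, tag3, alice_sigma = out
    return bob_accepts(k, fields2[3], fields3, tag3), alice_sigma, bob_sigma


def swapped_names_rejected(k: bytes) -> bool:
    """A message 2 reading [A, B, R_A, R_B] is refused even with a valid MAC:
    the names inside the MAC pin down who is talking to whom, which is what
    stops Alice's own outputs being turned back on her."""
    r_a = alice_msg1()
    fields = [A, B, r_a, secrets.token_bytes(16)]
    return alice_msg3(k, r_a, fields, mac_over(k, fields)) is None
```

In the AKEP1 run both sides end with the same 32-byte session key, and Alice only decrypts it after the MAC over the whole message has verified, so a tampered ciphertext is never used as a key.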

