Presentation is loading. Please wait.

Presentation is loading. Please wait.

Wireless Authentication Using Remote Passwords Authors: Andrew Harding, Timothy W. van der Horst, and Kent E. Seamons Source: Proceedings of the first.

Published byShanon Rose Modified over 8 years ago

Similar presentations

Presentation on theme: "Wireless Authentication Using Remote Passwords Authors: Andrew Harding, Timothy W. van der Horst, and Kent E. Seamons Source: Proceedings of the first."— Presentation transcript:

1 Wireless Authentication Using Remote Passwords Authors: Andrew Harding, Timothy W. van der Horst, and Kent E. Seamons Source: Proceedings of the first ACM conference on Wireless network security, 2008, pp. 24-29 Presenter: Jung-wen Lo ( 駱榮問 )

2 2 Outline Introduction  Simple Authentication for the Web, 2007  Secure Remote Password, 1998  Surrogate SRP (sSRP) Wireless Authentication Using Remote Passwords (WARP) Threat analysis Conclusion & Comment

3 3 Introduction Current wireless authentication mechanisms  User-specific certificates (PKI)  Global passphrases e.g. WPA-PSK (Wi-Fi Protected Access-Pre-Shared Key)  Username/password pairs => Too heavy or inflexible Simple Authentication for the Web (SAW) Simple Authentication for the Web  Decentralized authentication of globally unique personal messaging identifiers  Three principle 1. Reuse existing identifiers and authenticators 2. Tightly couple identifiers and identity providers 3. Authentication requires that users obtain two tokens known to the relying party 1st token is given to the initiator of an authentication 2nd token is only obtained after a successful authentication to the identity provider SAW, SRP(Secure Remote Password)  WARP

4 4 Secure Remote Password Password-based mutual authentication ID,Salt,Verifier s: Salt B: Ephemeral session parameter K: Session key P U,P H : Proof of K

5 5 Surrogate SRP (sSRP) KS: Random value; =KS IDP +KS U P KS =H(I||G||N||s||B||A||P U ||P IDP ||KS)

6 6 WARP Incarnation of sSRP for wireless authentication U ← Wireless supplicant S RP ← Authentication server AS EAP-WARP Wireless supplicant (S) Authentication server (AS) EAP-success message 6. EAP master session key (MSK)  KS

7 7 Threat analysis Attack KS=KS IDP +KS U One-time impersonation resistant sSRP D: PK of IDP

8 8 Conclusion & Comment Conclusion  SRP enable to authenticate using existing identifier  sSRP replace the use of email in the original SAW protocol for website logins  WARP is a convenient and secure wireless authentication mechanism Comment  Eliminate the PKI-based approaches

9 9 Simple Authentication for the Web Authors: Timothy W. van der Horst and Kent E. Seamons Src: Proceedings of the 16th international conference on World Wide Web, 2007, pp. 1217-1218 Protocol

10 10 Secure Remote Password Protocol,1998 Initiation Protocol CarolSteve Salt s x=H(s,P) v=g x C,s,v s: salt v: Verifier P: password a,b,u: Random #

Download ppt "Wireless Authentication Using Remote Passwords Authors: Andrew Harding, Timothy W. van der Horst, and Kent E. Seamons Source: Proceedings of the first."

Similar presentations

AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
Chapter 10 Real world security protocols

Chapter 10 Real world security protocols
SCSC 455 Computer Security

SCSC 455 Computer Security
1 P2P Reputation Management Using Distributed Identities and Decentralized Recommendation Chains Authors: P. Dewan and P. Dasgupta Source: IEEE Transactions.

1 P2P Reputation Management Using Distributed Identities and Decentralized Recommendation Chains Authors: P. Dewan and P. Dasgupta Source: IEEE Transactions.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.

Kerberos Assisted Authentication in Mobile Ad-hoc Networks Authors: Asad Amir Pirzada and Chris McDonald Sources: Proceedings of the 27th Australasian.
An Improvement on Authenticated Key Agreement Scheme Authors: Chin-Chen Chang and Shih-Yi Lin Source: 2007 International Conference on Intelligent Pervasive.

An Improvement on Authenticated Key Agreement Scheme Authors: Chin-Chen Chang and Shih-Yi Lin Source: 2007 International Conference on Intelligent Pervasive.
Mutual Authentication and Key Exchange Protocol (MAKEP) Reporter: Jung-Wen Lo ( 駱榮問 ) Date: 2008/4/18.

Mutual Authentication and Key Exchange Protocol (MAKEP) Reporter: Jung-Wen Lo ( 駱榮問 ) Date: 2008/4/18.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
10/20/2011Pomcor 1 Deployment and Usability of Cryptographic Credentials Francisco Corella Karen Lewison Pomcor.

10/20/2011Pomcor 1 Deployment and Usability of Cryptographic Credentials Francisco Corella Karen Lewison Pomcor.
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.

 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.
Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.

Polytechnic University of Tirana Faculty of Information Technology Computer Engineering Department Identification of on-line users and Digital Signature.
CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.
The Design and Implementation of an OpenID-Enabled PKI Kevin Bauer University of Colorado Supervisor: Dhiva Muruganantham.

The Design and Implementation of an OpenID-Enabled PKI Kevin Bauer University of Colorado Supervisor: Dhiva Muruganantham.
802.1x EAP Authentication Protocols

802.1x EAP Authentication Protocols
An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.

An Initial Security Analysis of the IEEE 802.1x Standard Tsai Hsien Pang 2004/11/4.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.

Introduction to PKI Mark Franklin September 10, 2003 Dartmouth College PKI Lab.

Similar presentations

Ads by Google