Chapter 10 Authentication of People

Introduction
This chapter deals with password-related issues: how to force users to choose unguessable passwords, how to store password information securely at the system being logged into, and how to avoid divulging information to eavesdroppers. The two most important capabilities are the ability to store a high-quality cryptographic key and the ability to perform cryptographic operations.

Introduction (cont.)
For user authentication, three kinds of approaches exist:
- Knowledge-based authentication: what you know (passwords, PINs)
- Token-based authentication: what you have (ID cards, smart cards)
- Biometric authentication: what you are (voiceprint identification, retinal scanners)

Passwords
There are a lot of problems with using passwords for authentication:
1. An eavesdropper might see the password when Alice is using it to log in.
2. An intruder might read the file where the computer stores password information.
3. Alice's password might be easy to guess by someone making direct login attempts to the computer.

Passwords (cont.)
4. Alice's password may be crackable by an off-line computer search, given information such as a recognizable quantity encrypted with the password.
5. In attempting to force users to choose unguessable passwords, the system might become so inconvenient that it becomes unusable, or users might resort to writing passwords down.

On-line password guessing
The guesser types passwords at the system that is going to verify the password. One attractive mechanism for preventing password guessing is to keep track of the number of consecutive incorrect passwords for an account and, when the number exceeds a threshold, "lock" the account and refuse access. Another approach to slow down a guesser is to allow only a limited number of account/password guesses per connection attempt.

On-line password guessing (cont.)
By auditing invalid password attempts, a system manager can be alerted to the fact that an attempt is being made to penetrate the system. A method for distributing the detective work is for systems to report to users, when they log in, the time of their previous login and the number of unsuccessful password attempts since the last successful login.
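The lockout threshold and the "last login / failed attempts since" report from the two slides above, as an added example (not code from the slides); the account data, timestamps and threshold of 5 are constructed, and the password is compared directly only to keep the example short.

```python
import hmac
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

LOCKOUT_THRESHOLD = 5   # constructed: consecutive wrong passwords before the account locks

@dataclass
class Account:
    name: str
    secret: str                         # constructed stand-in; a real system stores a hash
    consecutive_failures: int = 0       # drives the lockout
    failures_since_success: int = 0     # reported to the user at the next successful login
    last_login: Optional[str] = None    # ISO timestamp of the previous successful login
    locked: bool = False
    audit_log: List[str] = field(default_factory=list)   # what the system manager reviews

def attempt_login(acct: Account, password: str, now: str) -> Tuple[bool, str]:
    """One login attempt at time `now`. Returns (accepted, message shown to the user)."""
    if acct.locked:
        acct.audit_log.append(f"{now} {acct.name}: attempt on locked account")
        return False, "account locked; contact the system manager"
    if not hmac.compare_digest(password, acct.secret):
        acct.consecutive_failures += 1
        acct.failures_since_success += 1
        acct.audit_log.append(f"{now} {acct.name}: invalid password "
                              f"({acct.consecutive_failures} consecutive)")
        if acct.consecutive_failures >= LOCKOUT_THRESHOLD:
            acct.locked = True
            acct.audit_log.append(f"{now} {acct.name}: LOCKED after "
                                  f"{LOCKOUT_THRESHOLD} consecutive failures")
        return False, "invalid password"
    # Success: show the user the previous login time and the failures since it,
    # so the user shares the detective work; then reset both counters.
    previous = acct.last_login or "never"
    message = (f"Last login: {previous}; {acct.failures_since_success} "
               f"unsuccessful attempts since then")
    acct.audit_log.append(f"{now} {acct.name}: successful login")
    acct.last_login = now
    acct.consecutive_failures = 0
    acct.failures_since_success = 0
    return True, message

def suspicious_accounts(accounts: List[Account], min_failures: int = 3) -> List[str]:
    """System manager's view: accounts whose audit log shows repeated invalid attempts."""
    return [a.name for a in accounts
            if sum("invalid password" in e for e in a.audit_log) >= min_failures]
```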

On-line password guessing (cont.)
A better approach is to let users choose "good" passwords. Password complexity criteria (Microsoft Windows Server 2003 family):
- Is at least 7 characters long.
- Does not contain your user name, real name, or company name.
- Does not contain a complete dictionary word.
- Is significantly different from previous passwords.
- Contains characters from each of the following groups: uppercase letters, lowercase letters, numerals, symbols found on the keyboard.
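A checker for the five criteria listed above, added here as an example rather than taken from the slides or from Windows itself. The word list is a constructed stand-in, and "significantly different" is an assumption implemented as a difflib similarity ratio with a threshold of 0.6.

```python
import string
from difflib import SequenceMatcher

# Constructed stand-in for a real word list; a deployment would load a full dictionary.
DICTIONARY = {"password", "welcome", "summer", "dragon", "monkey"}

# The four character groups the slide requires, each of which must appear.
GROUPS = {
    "uppercase letters": set(string.ascii_uppercase),
    "lowercase letters": set(string.ascii_lowercase),
    "numerals": set(string.digits),
    "keyboard symbols": set(string.punctuation),
}

SIMILARITY_LIMIT = 0.6   # assumption: above this ratio the new password is "not significantly different"

def too_similar(new: str, old: str) -> bool:
    """Assumption: difflib's ratio (0..1) is the measure of 'significantly different'."""
    return SequenceMatcher(None, new.lower(), old.lower()).ratio() > SIMILARITY_LIMIT

def check_password(pw: str, user_name: str = "", real_name: str = "",
                   company: str = "", previous=()) -> list:
    """Return the list of criteria the candidate fails; an empty list means it passes."""
    failures = []
    low = pw.lower()
    if len(pw) < 7:
        failures.append("shorter than 7 characters")
    # Case-insensitive substring check against the identifying names.
    for label, name in (("user name", user_name), ("real name", real_name),
                        ("company name", company)):
        if name and name.lower() in low:
            failures.append(f"contains {label}")
    # A complete dictionary word anywhere in the password fails the criterion.
    if any(word in low for word in DICTIONARY):
        failures.append("contains a complete dictionary word")
    if any(too_similar(pw, old) for old in previous):
        failures.append("not significantly different from a previous password")
    chars = set(pw)
    missing = [label for label, group in GROUPS.items() if not chars & group]
    if missing:
        failures.append("missing " + ", ".join(missing))
    return failures
```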

Off-line password guessing
Password file:
- The system simply stores the passwords (insecure).
- The system stores a cryptographic hash of the password. An attacker guesses a password and verifies whether the guess is right by hashing it and comparing it to the stolen password file. An attacker with a file full of hashed passwords might hash all the words in a dictionary and check to see whether any of the passwords match any of the stored hashed values.

Off-line password guessing (cont.)
When disclosure of whole files full of hashed passwords is a concern, another useful technique is to apply salt. When a user chooses a password, the system chooses a random number (the salt). It then stores both the salt and a hash of the combination of the salt and the password: Hash(salt | password).
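The salted storage scheme Hash(salt | password) from the slide above beside the unsalted scheme from the previous slide, as an added example that is not from the slides; SHA-256 as the hash and a 16-byte salt are assumptions, and a real deployment would use a deliberately slow function such as hashlib.pbkdf2_hmac in place of a single SHA-256.

```python
import hashlib
import hmac
import os

def hash_with_salt(salt: bytes, password: str) -> str:
    """Hash(salt | password) from the slide, instantiated with SHA-256 (an assumption).
    In practice substitute a slow function such as hashlib.pbkdf2_hmac here."""
    return hashlib.sha256(salt + password.encode("utf-8")).hexdigest()

def make_record(password: str, salt: bytes = None) -> dict:
    """What the system stores: the random salt alongside the salted hash, never the password."""
    if salt is None:
        salt = os.urandom(16)          # the system, not the user, picks the salt
    return {"salt": salt.hex(), "hash": hash_with_salt(salt, password)}

def verify(record: dict, password: str) -> bool:
    """Recompute Hash(salt | candidate) from the stored salt and compare in constant time."""
    candidate = hash_with_salt(bytes.fromhex(record["salt"]), password)
    return hmac.compare_digest(candidate, record["hash"])

def unsalted_record(password: str) -> dict:
    """The weaker scheme from the previous slide: one hash per password, no salt."""
    return {"salt": "", "hash": hashlib.sha256(password.encode("utf-8")).hexdigest()}

def repeated_hash_values(records) -> int:
    """Defender's check on a stolen-file scenario: how many stored values repeat?
    Without salt, every user with the same password shows the same value, so one
    dictionary pass breaks them all; with per-user salt the values differ."""
    counts = {}
    for r in records:
        counts[r["hash"]] = counts.get(r["hash"], 0) + 1
    return sum(1 for n in counts.values() if n > 1)
```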

Off-line password guessing (cont.)
Another technique is to encrypt the password file. This does not eliminate the problem of keeping passwords secret; it just reduces it to the problem of protecting the key that decrypts the password file.

How big should a secret be?
From how big a space must a secret be chosen in order to be secure?
- To thwart an on-line attack: the secret does not have to be chosen from a large space, because the intruder is detected after a small number of guesses.
- To thwart an off-line attack: the secret must be chosen from a much larger space.

Eavesdropping
The lowest-tech form of eavesdropping is to watch as someone types a password. Of course, it's easier to watch the screen than fingers; most systems have the sophistication to not display passwords. A more high-tech method is to place a wiretap on the communications line and watch all the passwords go by.
- Software-based keystroke loggers can be covertly installed on a PC.
- Hardware loggers can be embedded in keyboards or cables.

Eavesdropping (cont.)
One-time passwords: the user and the system have a list of valid passwords, but each one is only valid once. Periodically, the user must get a new list from the system administrator. This mechanism is nearly impervious to eavesdropping.

Passwords and careless users
Passwords are particularly easy to abuse. The solution is to educate users on the importance of security.

Using a password in multiple places
One of the tough trade-offs: should users
- use the same password in multiple places, or
- keep their passwords different for different systems?
Using different passwords is more secure, because if one password is compromised it only gives away the user's rights on a single system. However, users sometimes need to write passwords down in order to remember more than one password.

Requiring frequent password changes
The idea behind frequent password changes is that if someone does learn your password, it will only be useful until it next changes. This protection may not be worth much if a lot of damage can be done in a short time. Users sometimes write passwords down and are less likely to give much thought or creativity to choosing them.

A login Trojan horse to capture passwords
The Trojan horse program logs the name and password to a file before the program terminates in some way designed to minimize suspicion. On most systems, there is some way to interrupt running programs. Training users to enter the interrupt key sequence before logging in would then thwart such Trojan horses. For example, newer Windows systems require the user to type Ctrl-Alt-Delete as part of the login sequence.

A login Trojan horse to capture passwords (cont.)
Even if the Trojan horse program can reproduce the login prompt exactly, it might not be able to exactly duplicate the way the system behaves after a user logs in. This will make an alert user suspicious.
- Having a message displayed at login telling users the number of unsuccessful login attempts to the account since the last successful attempt.

Non-login use of passwords
Some systems permit password protection on individual files. A user could specially protect certain files so that someone learning the user's login password still couldn't get at those files. Applications could require their own authentication of a user before permitting access to certain databases.

Initial password distribution
A secure method for the initial distribution of passwords is for the user to appear at the terminal of the system administrator and authenticate by whatever means humans use to authenticate (driver's license, student ID, ...). The system administrator then sets up all the particulars of the account for the user except the password, and then lets the user choose a password.

Initial password distribution (cont.)
This method has two drawbacks:
- It may be inconvenient for the user to meet the system administrator.
- It's a little scary to let this new user type at this highly privileged terminal session while the system administrator discreetly looks away. A skilled user could probably do substantial damage in a short time.

Initial password distribution (cont.)
Another variant on this theme is for the system administrator to create the account and an initial strong password, give it to the user, and instruct the user to use the password only for an initial login and then change it to something more easily remembered.

Authentication token
Authentication token: a physical device that a person carries around and uses in authenticating. There are several forms of authentication token in use today.

Authentication token (cont.)
Magnetic stripe card
- Advantages: passwords are not trivial to reproduce; it is easy to hold a larger secret.
- Disadvantages: use of these tokens requires custom hardware on every access device; the token can be lost or stolen.

Authentication token (cont.)
Smart card: about the size of a credit card but with an embedded CPU and memory. When inserted in a smart card reader, the card carries on a conversation with the device. There are various forms of smart cards:
- PIN-protected memory card
- Cryptographic challenge/response card
- Cryptographic calculator

Authentication token (cont.)
PIN-protected memory card: there is information in the memory of the card that can only be read after a PIN is input to the card. Usually, after some number of wrong PIN guesses, the card "locks" itself and will not give the information to anyone. The stolen card is useless without the PIN.

Authentication token (cont.)
Cryptographic challenge/response card: there is a cryptographic key in memory. The card is willing to encrypt and decrypt using the key but will not reveal the key, even after the PIN is entered. A computer that knows the key in the card can authenticate the user by creating a random challenge and "challenging" the card to encrypt or decrypt it.
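Both sides of the exchange just described, with the PIN lockout from the memory-card slide, as an added simulation that is not from the slides or any real card: the card's keyed computation is HMAC-SHA256 standing in for "encrypt the challenge" (an assumption), the key, PIN and limit of 3 wrong PINs are constructed, and the computer's fresh random challenge is what makes a recorded response useless later.

```python
import hashlib
import hmac
import os

class ChallengeResponseCard:
    """Simulated card: holds a key it never reveals and only answers after the PIN."""
    MAX_WRONG_PINS = 3          # constructed: after this many wrong PINs the card locks itself

    def __init__(self, key: bytes, pin: str):
        self._key = key         # no method ever returns this
        self._pin = pin
        self._unlocked = False
        self._wrong_pins = 0
        self.locked = False

    def enter_pin(self, pin: str) -> bool:
        if self.locked:
            return False
        if hmac.compare_digest(pin, self._pin):
            self._unlocked, self._wrong_pins = True, 0
            return True
        self._wrong_pins += 1
        if self._wrong_pins >= self.MAX_WRONG_PINS:
            self.locked = True      # a stolen card is useless without the PIN
        return False

    def respond(self, challenge: bytes) -> bytes:
        """Keyed computation on the challenge. Assumption: HMAC-SHA256 stands in for the
        card's 'encrypt the challenge' step; only the result leaves the card."""
        if self.locked or not self._unlocked:
            raise PermissionError("card requires a valid PIN")
        return hmac.new(self._key, challenge, hashlib.sha256).digest()

class Verifier:
    """The computer that knows each user's card key."""
    def __init__(self, keys: dict):
        self._keys = keys                   # user name -> key shared with that user's card

    def new_challenge(self) -> bytes:
        return os.urandom(16)               # fresh random challenge on every attempt

    def check(self, user: str, challenge: bytes, response: bytes) -> bool:
        expected = hmac.new(self._keys[user], challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

def authenticate(user: str, card: ChallengeResponseCard, pin: str, verifier: Verifier) -> bool:
    """Full exchange: PIN to the card, challenge from the computer, response back, verdict."""
    if not card.enter_pin(pin):
        return False
    challenge = verifier.new_challenge()
    return verifier.check(user, challenge, card.respond(challenge))
```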

Authentication token (cont.)
Cryptographic calculator (readerless smart card): it performs cryptographic calculations using a key that it will not disclose. It requires no electrical connection to the terminal. It has a display and usually a keyboard. Advantage: they can be used from ordinary terminals with no special hardware.

Physical access
A low-tech way of performing user authentication is to have human guards do it "at the door". For example, many bank transactions can only be initiated at tellers' terminals inside the bank.

Biometric
Technology available today includes:
- Retinal scanners
- Fingerprint readers
- Face recognition
- Iris scanners
- Handprint readers
- Voiceprints
- Keystroke timing
- Signatures