CS 470 Introduction to Applied Cryptography: Authentication Systems. Instructor: Ali Aydin Selcuk.

Slide 2: Entity Authentication
Authentication of people, processes, etc.
Non-cryptographic:
– Address-based (IP, etc.)
– Passwords
– Biometrics
Cryptographic:
– Symmetric key
– Public key

Slide 3: Authentication Tokens
What you know (password schemes)
What you have (keys, smart cards, etc.)
What you are (fingerprints, retinal scans, etc.)

Slide 4: Password Problems
Eavesdropping
Stealing password files
On-line password guessing
Off-line guessing attacks:
– Dictionary attacks
– Exhaustive search
Careless users writing down passwords

Slide 5: On-line Password Guessing
Causes: careless choices (first names, initials, etc.); poor initial passwords
Defenses, applied after wrong guesses:
– Lock the account: not desirable, since it can be used for DoS
– Slow down
– Alert users about unsuccessful login attempts
– Don't allow short or guessable passwords
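An added illustration (not from the slides) of the on-line defenses that do not lock the account: a per-account backoff that slows repeated failures but never denies service, an alert flag for the user, and a check that rejects short or guessable passwords. The password blocklist and the delay parameters are constructed assumptions.

```python
from dataclasses import dataclass, field

# Constructed blocklist of guessable passwords (assumption: a real one is far larger).
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein"}

def is_acceptable_password(password: str, user_name: str, min_length: int = 10) -> bool:
    """Reject short or guessable passwords (the slide's last defense)."""
    pw = password.lower()
    if len(password) < min_length or pw in COMMON_PASSWORDS:
        return False
    # Names and initials derived from the account itself are easy first guesses.
    return user_name.lower() not in pw

@dataclass
class LoginThrottle:
    """Slows an attacker down instead of locking the account: a hard lockout
    would let anyone deny service to a victim simply by guessing wrong."""
    base_delay: float = 1.0      # seconds after the first failure
    max_delay: float = 60.0      # cap so the delay never turns into a lockout
    alert_after: int = 3         # failures before the user is notified
    failures: dict = field(default_factory=dict)

    def delay_for(self, account: str) -> float:
        """Seconds the next attempt on this account must wait (0 when clean)."""
        n = self.failures.get(account, 0)
        return 0.0 if n == 0 else min(self.base_delay * 2 ** (n - 1), self.max_delay)

    def record_failure(self, account: str) -> bool:
        """Count a wrong guess; return True when the user should be alerted."""
        self.failures[account] = self.failures.get(account, 0) + 1
        return self.failures[account] >= self.alert_after

    def record_success(self, account: str) -> None:
        """A correct login resets the backoff for that account."""
        self.failures.pop(account, None)
```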

Slide 6: Off-line Password Guessing
Stealing and using password files
Passwords should not be stored in the clear. Typically, they are hashed and stored.
Attacks:
– Exhaustive search
– Dictionary attacks
Defenses:
– Don't allow short or guessable passwords
– Don't make password files readable
– Salting: mix a random number into each hash
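An added example (not from the slides) of hashed and salted password storage, and of why salting matters: with a per-user random salt, two accounts sharing a password get different digests, so a dictionary table precomputed once cannot be reused against a stolen file. It assumes PBKDF2-HMAC-SHA256 from the standard library as the slow hash; the iteration count and word list are constructed.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000   # makes every guess in an off-line attack cost real work

def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Return (salt, digest); a fresh 16-byte random salt is drawn when none is given."""
    if not salt:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest

def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(hash_password(password, salt)[1], stored)

def salt_defeats_shared_table(password: str) -> bool:
    """Two accounts with the same password get different digests, so one
    precomputed dictionary table cannot crack both at once."""
    s1, d1 = hash_password(password)
    s2, d2 = hash_password(password)
    return d1 != d2 and verify_password(password, s1, d1) and verify_password(password, s2, d2)

def unsalted_table(words) -> dict:
    """The table an attacker precomputes once for an unsalted SHA-256 password file."""
    return {hashlib.sha256(w.encode()).hexdigest(): w for w in words}

def crack_unsalted(file_digests, table) -> dict:
    """Without salt, every stolen digest found in the table is recovered immediately."""
    return {d: table[d] for d in file_digests if d in table}
```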

Slide 7: Eavesdropping
Watching the screen
Watching the keyboard
Login Trojan horses:
– Different appearance
– Interrupt command for login
Keyboard sniffers:
– Good system administration
Network sniffers:
– Cryptographic protection
– One-time passwords

Slide 8: Initial Password Distribution
Initial off-line authentication
Passwords can be chosen on site by users
An initial password can be issued by the system administrator
Pre-expired passwords: must be changed at the first login

Slide 9: Authentication Tokens
Keys (physical)
ATM, credit cards
Smart cards: on-card processor for cryptographic authentication
– PIN-protected cards: memory protected by a PIN
– Challenge-response cards: perform challenge-response authentication through the smart-card reader
New technology: tokens working through USB ports
Cryptographic calculator: the current time is encrypted, displayed to the user, and entered at the terminal
– Advantage: access through standard terminals
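An added example (not from the slides) of the cryptographic calculator: the token turns the current time into a short code the user types at an ordinary terminal, and the server recomputes it. Assumptions: an HMAC over the time step stands in for the slide's "current time encrypted", the shared key is a constructed value installed at enrolment, and the server tolerates one step of clock drift while refusing a code from a step it has already accepted.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 60     # the displayed code changes once per minute
DIGITS = 6            # short enough to type at a standard terminal

def token_code(key: bytes, now: int) -> str:
    """Code shown on the token's display at Unix time `now`."""
    step = now // STEP_SECONDS
    mac = hmac.new(key, struct.pack(">Q", step), hashlib.sha256).digest()
    # Truncate the MAC to a number the user can type (last 4 bytes, mod 10^DIGITS).
    value = int.from_bytes(mac[-4:], "big") % (10 ** DIGITS)
    return f"{value:0{DIGITS}d}"

def verify_code(key: bytes, typed: str, now: int,
                last_accepted_step: int = -1, skew_steps: int = 1):
    """Server side: return the time step whose code matched, or None.
    Neighbouring steps (+/- skew_steps) absorb clock drift between token and
    server; steps at or before the last accepted one are refused so a code
    captured by a network sniffer cannot be replayed."""
    base = now // STEP_SECONDS
    for s in range(base - skew_steps, base + skew_steps + 1):
        if s <= last_accepted_step:
            continue
        if hmac.compare_digest(token_code(key, s * STEP_SECONDS), typed):
            return s
    return None
```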

Slide 10: Biometrics
Authentication by inherent physical characteristics
E.g., fingerprint readers, retina/iris scanners, face recognition, voice recognition
Problems:
– Expensive
– Not fault tolerant
– Can be replayed in remote authentication