Authentication System


Introduction
Authentication is the process of reliably verifying the identity of someone (or something). In a network, Bob cannot “see” Alice, so Trudy simply declares herself to be Alice: “I am Alice”.

Kinds of Authentication
Password-based authentication
Symmetric-key-based authentication
Public-key-based authentication

Password-Based Authentication
Attaining the benefits of cryptographic authentication with the user being able to remember passwords only.
Problems of password protocols: eavesdropping, and password guessing attacks (on-line password guessing and off-line password guessing).

Encrypted Key Exchange (EKE)
Key establishment as well as authentication.
Alice -> Bob: “Alice”, W{E_A}
Bob -> Alice: W{E_A{K_AB}}
Alice -> Bob: K_AB{C_A}
Bob -> Alice: K_AB{C_A, C_B}
Alice -> Bob: K_AB{C_B}
One of the W{.} may possibly be removed. In that case, the non-encrypting side should not issue the first challenge. (Why not?)

EKE with Diffie-Hellman
Alice -> Bob: “Alice”, W{g^a mod p}
Bob -> Alice: W{g^b mod p}, C_B
Alice -> Bob: K_AB{C_A, C_B}
Bob -> Alice: K_AB{C_A}
(K_AB = g^(ab) mod p)
Why are g^a, g^b encrypted? (authentication)

Augmented EKE
EKE is vulnerable to database disclosure (since the server has to store W).
Augmented EKE: defense against this threat. The client has to know the password. The server stores a one-way derivation of it.

Augmented EKE with Diffie-Hellman
Server stores g^W mod p.
Alice -> Bob: “Alice”, g^a mod p
Bob -> Alice: g^b mod p, H(g^(ab) mod p, g^(bW) mod p)
Alice -> Bob: H’(g^(ab) mod p, g^(bW) mod p)
How does this protocol protect against database disclosure? Why is this protocol not secure?
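
The three messages of this slide, run end to end in Python as an added example (not code from the original slides). The group (prime 2^255 - 19, generator 2), the SHA-256 password-to-exponent mapping and the tagged hash standing in for H and H’ are assumptions made for the demo; the slide itself asks why the protocol is not secure, so the code is for following the message flow and what the server stores, not a design to deploy.

```python
import hashlib
import secrets

# Constructed demo group (assumption): prime 2^255 - 19, generator 2.
# Not a vetted Diffie-Hellman group; used only to keep the example short.
P, G = 2**255 - 19, 2

def pw_to_exp(password):
    """W: the password mapped to an exponent (assumed derivation)."""
    return int.from_bytes(hashlib.sha256(password.encode()).digest(), "big") % (P - 1)

def h(tag, k_ab, k_bw):
    """H and H' from the slide: one hash with two tags (assumed construction)."""
    return hashlib.sha256(tag + k_ab.to_bytes(32, "big") + k_bw.to_bytes(32, "big")).digest()

def enroll(db, name, password):
    db[name] = pow(G, pw_to_exp(password), P)  # server keeps g^W mod p, never W

def client_hello(name):
    """Message 1: "Alice", g^a mod p. Returns (secret a, message)."""
    a = secrets.randbelow(P - 3) + 2
    return a, (name, pow(G, a, P))

def server_reply(db, msg1):
    """Message 2: g^b mod p, H(g^ab mod p, g^bW mod p). Also returns expected H'."""
    name, ga = msg1
    b = secrets.randbelow(P - 3) + 2
    k_ab, k_bw = pow(ga, b, P), pow(db[name], b, P)  # (g^a)^b and (g^W)^b
    return h(b"H'", k_ab, k_bw), (pow(G, b, P), h(b"H", k_ab, k_bw))

def client_finish(a, password, msg2):
    """Check Bob's H, then build message 3: H'(g^ab mod p, g^bW mod p)."""
    gb, tag = msg2
    k_ab, k_bw = pow(gb, a, P), pow(gb, pw_to_exp(password), P)  # (g^b)^W needs W itself
    if not secrets.compare_digest(tag, h(b"H", k_ab, k_bw)):
        raise ValueError("peer's H does not match this password")
    return h(b"H'", k_ab, k_bw)

def run(enrolled_pw, typed_pw):
    """One full exchange; True only if both sides accept."""
    db = {}
    enroll(db, "Alice", enrolled_pw)
    a, msg1 = client_hello("Alice")
    expected, msg2 = server_reply(db, msg1)
    try:
        return secrets.compare_digest(client_finish(a, typed_pw, msg2), expected)
    except ValueError:
        return False
```

Both sides reach the same g^bW by different routes: the server raises its stored g^W to b, while the client must raise g^b to W, which is why the stored value alone does not let someone log in as the client.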

Secure Remote Password (SRP)
Secure Remote Password Protocol, Thomas Wu
Notation

Protocol To establish a password P with Steve, Carol picks a random salt s, and computes . Carol Steve

Off- vs. On-Line Password Guessing
On-line password guessing attack: type passwords at the system that is going to verify the password.
The system can make it impossible to guess too many passwords in this manner. Ex: ATM.
The system can be designed to be slow, so as not to allow very many guesses per unit time.

Off-line password guessing attack (dictionary attack): an attacker guesses a password and verifies his guess off-line. If his guess fails, the attacker tries again with another password, until he finds the proper one.

Symmetric-Key-Based Authentication
Both entities use a secret key k, |k| > 64.
No CA is needed.
Compared with password-based authentication: the user need not input a password, it is faster, the key must be stored, and it is more secure in theory.
In 1994, Bellare and Rogaway presented Entity Authentication and Key Distribution. MAP1 and AKEP1 are the more important protocols.
MAP1 provides mutual authentication.
AKEP1 adds the key exchange part.

MAP1
Suppose the entities Alice and Bob share a secret key .
Alice -> Bob: R_A
Bob -> Alice: [B, A, R_A, R_B]
Alice -> Bob: [A, R_B] 
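
The three MAP1 flows above as an added Python example (not from the original slides), assuming [x] means x sent together with a MAC under the shared key, instantiated here with HMAC-SHA256; the Party class, tag helper and session driver are hypothetical names. It also shows what the nonces buy: a flow 2 recorded in one session is rejected in the next.

```python
import hashlib
import hmac
import secrets

def tag(key, *fields):
    """MAC over length-prefixed fields, so adjacent fields cannot run together."""
    data = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(key, data, hashlib.sha256).digest()

class Party:
    def __init__(self, name, peer, key):
        self.name, self.peer, self.key, self.nonce = name, peer, key, None

    def flow1(self):
        """Alice -> Bob: R_A"""
        self.nonce = secrets.token_bytes(16)
        return self.nonce

    def flow2(self, ra):
        """Bob -> Alice: [B, A, R_A, R_B]"""
        self.nonce = secrets.token_bytes(16)
        fields = (self.name, self.peer, ra, self.nonce)
        return fields + (tag(self.key, *fields),)

    def flow3(self, msg2):
        """Alice checks flow 2, then Alice -> Bob: [A, R_B]"""
        b, a, ra, rb, mac = msg2
        fresh = (b, a, ra) == (self.peer, self.name, self.nonce)
        if not (fresh and hmac.compare_digest(mac, tag(self.key, b, a, ra, rb))):
            raise ValueError("flow 2 rejected")
        return self.name, rb, tag(self.key, self.name, rb)

    def accept(self, msg3):
        """Bob checks flow 3: sender is Alice and R_B is the one he issued."""
        a, rb, mac = msg3
        return (a, rb) == (self.peer, self.nonce) and hmac.compare_digest(
            mac, tag(self.key, a, rb))

def session(key, replay=None):
    """Run MAP1 once; if replay is given, feed Alice that old flow 2 instead."""
    alice, bob = Party(b"A", b"B", key), Party(b"B", b"A", key)
    msg2 = bob.flow2(alice.flow1())
    try:
        return bob.accept(alice.flow3(replay or msg2)), msg2
    except ValueError:
        return False, msg2

KEY = secrets.token_bytes(32)  # constructed shared key for the demo
```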

AKEP1

We assume the entities A and B share secret keys  and .  is the session agreed after the protocol.
Alice -> Bob: R_A
Bob -> Alice: [B, A, R_A, R_B, {} ]
Alice -> Bob: [A, R_B] 