Le Trong Ngoc Security Fundamentals Entity Authentication Mechanisms 4/2011.

Slides:



Advertisements
Similar presentations
Lecture 6 User Authentication (cont)
Advertisements

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
CSC 386 – Computer Security Scott Heggen. Agenda Authentication Passwords Reducing the probability of a password being guessed Reducing the probability.
Chapter 12: Authentication Basics Passwords Challenge-Response Biometrics Location Multiple Methods Computer Security: Art and Science © Matt.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
Authentication. Terminology  Authentication التثبت من الهوية  Access Control (authorization) التحكم في الوصول  Note the difference between the two.
Introduction to Biometrics Dr. Pushkin Kachroo. New Field Face recognition from computer vision Speaker recognition from signal processing Finger prints.
GUIDE TO BIOMETRICS CHAPTER I & II September 7 th 2005 Presentation by Tamer Uz.
Video- and Audio-based Biometric Person Authentication Motivation: Applications. Modalities and their characteristics. Characterization of a biometric.
Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Biometrics and Authentication Shivani Kirubanandan.
B IOMETRICS Akash Mudubagilu Arindam Gupta. O VERVIEW What is Biometrics? Why Biometrics? General Biometric System Different types of Biometrics Uses.
Marjie Rodrigues
Security-Authentication
CMSC 414 Computer and Network Security Lecture 11 Jonathan Katz.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Karthiknathan Srinivasan Sanchit Aggarwal
Zachary Olson and Yukari Hagio CIS 4360 Computer Security November 19, 2008.
By Alvaro E. Escobar 1 Biometrics Agenda I. Video II. Biometric Overview III. Biometric Technologies IV. Accuracy Metrics V. BioPrivacy Concerns.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Chapter 10: Authentication Guide to Computer Network Security.
Csci5233 Computer Security1 Bishop: Chapter 12 Authentication.
14.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 14 Entity Authentication.
CS 736 A methodology for Analyzing the Performance of Authentication Protocol by Laseinde Olaoluwa Peter Department of Computer Science West Virginia.
10/8/20151 Computer Security Authentication. 10/8/20152 Entity Authentication Entity Authentication is the process of verifying a claimed identity It.
Entity Authentication
Lecture 19 Page 1 CS 111 Online Authentication for Operating Systems What is authentication? How does the problem apply to operating systems? Techniques.
Chapter 31 Cryptography And Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Presented by: Suparita Parakarn Kinzang Wangdi Research Report Presentation Computer Network Security.
CSCE 522 Identification and Authentication. CSCE Farkas2Reading Reading for this lecture: Required: – Pfleeger: Ch. 4.5, Ch. 4.3 Kerberos – An Introduction.
1 Lect. 20. Identification. 2  Entity Authentication (Identification) Over the communication network, one party, Alice, shows to another party, Bob,
Privacy versus Authentication Confidentiality (Privacy) –Interceptors cannot read messages Authentication: proving the sender’s identity –The Problem of.
Biometrics Authentication Technology
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
14.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 14 Entity Authentication.
Authentication Chapter 2. Learning Objectives Create strong passwords and store them securely Understand the Kerberos authentication process Understand.
Authentication Issues and Solutions CSCI 5857: Encoding and Encryption.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Power Point Project Michael Bennett CST 105Y01 ONLINE Course Editor-Paulette Gannett.
Identification Authentication. 2 Authentication Allows an entity (a user or a system) to prove its identity to another entity Typically, the entity whose.
Biometric Technologies
Authentication What you know? What you have? What you are?
INTRODUCTION TO BIOMATRICS ACCESS CONTROL SYSTEM Prepared by: Jagruti Shrimali Guided by : Prof. Chirag Patel.
Access Control / Authenticity Michael Sheppard 11/10/10.
COEN 351 Authentication. Authentication is based on What you know Passwords, Pins, Answers to questions, … What you have (Physical) keys, tokens, smart-card.
1 Authentication Protocols Rocky K. C. Chang 9 March 2007.
CSCE 201 Identification and Authentication Fall 2015.
My topic is…………. - It is the fundamental building block and the primary lines of defense in computer security. - It is a basic for access control and.
LEARNING AREA 1 : INFORMATION AND COMMUNICATION TECHNOLOGY PRIVACY AUTHENTICATION VERIFICATION.
By Kyle Bickel. Road Map Biometric Authentication Biometric Factors User Authentication Factors Biometric Techniques Conclusion.
Michael Carlino. ROADMAP -Biometrics Definition -Different types -Future -Advantages -Disadvantages -Common Biometric Report -Current Issues.
CSCE 522 Identification and Authentication
Outline The basic authentication problem
MANAGEMENT of INFORMATION SECURITY, Fifth Edition
Access control techniques
Computer Communication & Networks
Authentication.
FACE RECOGNITION TECHNOLOGY
Network Security Unit-VI
Biometrics.
Authentication.
Two Way Authentication
Seminar Presentation on Biometrics
Biometrics.
Asst. Prof. Arvind Selwal, CUJ,Jammu
Authentication Chapter 2.
Chapter 29 Cryptography and Network Security
Computer Security Authentication
COEN 351 Authentication.
Presentation transcript:

Le Trong Ngoc Security Fundamentals Entity Authentication Mechanisms 4/2011

Continued Entity authentication is a technique designed to let one party prove the identity of another party. An entity can be a person, a process, a client, or a server. The entity whose identity needs to be proved is called the claimant; the party that tries to prove the identity of the claimant is called the verifier.

Continued There are two differences between message authentication (data-origin authentication) and entity authentication, discussed in this chapter. 1)Message authentication might not happen in real time; entity authentication does. 2)Message authentication simply authenticates one message; the process needs to be repeated for each new message. Entity authentication authenticates the claimant for the entire duration of a session.

Continued Something known Something possessed Something inherent

PASSWORDS The simplest and oldest method of entity authentication is the password-based authentication, where the password is something that the claimant knows.

Continued First Approach User ID and password file

Continued Hashing the password Second Approach

Continued Third Approach Salting the password

Continued Fourth Approach In the fourth approach, two identification techniques are combined. A good example of this type of authentication is the use of an ATM card with a PIN (personal identification number).

Continued One-Time Password First Approach In the first approach, the user and the system agree upon a list of passwords. Second Approach In the second approach, the user and the system agree to sequentially update the password. Third Approach In the third approach, the user and the system create a sequentially updated password using a hash function.

Continued Lamport one-time password

CHALLENGE-RESPONSE In password authentication, the claimant proves her identity by demonstrating that she knows a secret, the password. In challenge-response authentication, the claimant proves that she knows a secret without sending it.

Continued In challenge-response authentication, the claimant proves that she knows a secret without sending it to the verifier. The challenge is a time-varying value sent by the verifier; the response is the result of a function applied on the challenge.

Continued First Approach Nonce challenge

Continued Second Approach Timestamp challenge

Continued Third Approach. Bidirectional authentication

Continued Instead of using encryption/decryption for entity authentication, we can also use a keyed-hash function (MAC). Keyed-hash function Using Keyed-Hash Functions

Continued First Approach Unidirectional, asymmetric-key authentication Using an Asymmetric-Key Cipher

Continued Second Approach Bidirectional, asymmetric-key

Continued Using Digital Signature First Approach Digital signature, unidirectional

Continued Second Approach Digital signature, bidirectional authentication

ZERO-KNOWLEDGE In zero-knowledge authentication, the claimant does not reveal anything that might endanger the confidentiality of the secret. The claimant proves to the verifier that she knows a secret, without revealing it. The interactions are so designed that they cannot lead to revealing or guessing the secret. Fiat-Shamir Protocol Feige-Fiat-Shamir Protocol Guillou-Quisquater Protocol

Continued Fiat-Shamir protocol

Continued Cave Example

Continued Feige-Fiat-Shamir protocol

Continued Guillou-Quisquater protocol

Continued Guillou-Quisquater protocol

BIOMETRICS Biometrics is the measurement of physiological or behavioral features that identify a person (authentication by something inherent). Biometrics measures features that cannot be guessed, stolen, or shared. Components Enrollment Authentication Techniques Accuracy Applications

Continued Several components are needed for biometrics, including capturing devices, processors, and storage devices.. Components

Continued Before using any biometric techniques for authentication, the corresponding feature of each person in the community should be available in the database. This is referred to as enrollment. Enrollment

Continued Authentication Verification Identification

Continued Techniques

Continued Physiological Techniques Fingerprint Iris Retina Face Hands Voice DNA

Continued Behavioral Techniques Signature Keystroke

Continued Accuracy False Rejection Rate (FRR) False Acceptance Rate (FAR)

Continued Several applications of biometrics are already in use. In commercial environments, these include access to facilities, access to information systems, transaction at point-ofsales, and employee timekeeping. In the law enforcement system, they include investigations (using fingerprints or DNA) and forensic analysis. Border control and immigration control also use some biometric techniques. Applications

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.