Information System Security. Vietnam National University, Ho Chi Minh City – Ho Chi Minh City University of Technology (Đại học Bách Khoa), Faculty of Computer Science and Engineering.


Members: Huỳnh Lưu Triết, Nguyễn Hoàng Tùng

Outline
AUTHENTICATION METHODS
- Something you know
- Something you have
- Something you are
AUTHENTICATION PROTOCOLS
- Simple authentication protocols
- Real-world security protocols

- Something you know: password
- Something you have: smartcard
- Something you are: fingerprint, iris scan

- Identification: who is someone?
- Authentication: is something genuine?

SOMETHING YOU KNOW

Password groups:
- Group A: at least 6 characters
- Group B: passphrases
- Group C: 8 random characters

Passwords:
- Password verification
- Other password issues

Password verification: compare with the correct password.
- Password x: compute y = h(x) and store y. To verify a candidate z, compute h(z) and compare h(z) with y.
- Crack: Trudy has a "dictionary" of likely passwords x_0, x_1, ..., x_{N-1}; she computes h(x_0), h(x_1), ..., h(x_{N-1}) and compares each with y.
- Salt value s: compute y = h(x, s) and store (s, y). To verify z, compute h(z, s) and compare h(z, s) with the y from (s, y).
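The salted scheme above, worked through in code (an added example, not part of the original slides): `enroll` stores (s, y), `verify` recomputes h(z, s), and `dictionary_lookup` is Trudy's precomputed table h(x_0), ..., h(x_{N-1}), which hits an unsalted y but not a salted one. The choice of SHA-256 as h and the sample dictionary are assumptions made here.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

def h(password: str, salt: bytes = b"") -> bytes:
    """The slides' hash h(x) or h(x, s). SHA-256 is an assumption made here;
    a real password store should use a slow, memory-hard KDF instead."""
    return hashlib.sha256(salt + password.encode()).digest()

def enroll(password: str) -> Tuple[bytes, bytes]:
    """Store (s, y) with y = h(x, s) and a fresh random salt s per user."""
    s = os.urandom(16)
    return s, h(password, s)

def verify(record: Tuple[bytes, bytes], candidate: str) -> bool:
    """Recompute h(z, s) and compare it with the stored y."""
    s, y = record
    return hmac.compare_digest(h(candidate, s), y)  # constant-time comparison

# Trudy's precomputed "dictionary": h(x_0), ..., h(x_{N-1}) over unsalted hashes.
DICTIONARY = ["123456", "password", "letmein", "qwerty", "hunter2"]  # constructed
PRECOMPUTED = {h(x): x for x in DICTIONARY}

def dictionary_lookup(y: bytes) -> Optional[str]:
    """Look a stored digest up in the precomputed table (the crack from the slides)."""
    return PRECOMPUTED.get(y)

def demo() -> dict:
    weak = "letmein"              # a password that is in Trudy's dictionary
    unsalted_y = h(weak)          # y = h(x): one table lookup recovers x
    salted_rec = enroll(weak)     # (s, y) with y = h(x, s)
    return {
        "login_ok": verify(salted_rec, weak),
        "login_wrong": verify(salted_rec, "Letmein"),
        "unsalted_cracked": dictionary_lookup(unsalted_y),
        "salted_cracked": dictionary_lookup(salted_rec[1]),
    }
```

With a salt, Trudy can no longer precompute one table for everybody; she has to hash her whole dictionary again for every stored salt value.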

Other password issues:
- Social engineering
- Keystroke logging software and spyware
- Number of passwords
- Cracking tools

SOMETHING YOU HAVE

Smartcard: like a credit card, it includes a small amount of memory and computing resources.

SOMETHING YOU ARE

Biometrics:
- Types of errors
- Biometric examples
- Biometric error rates
- Biometric conclusions

Types of errors:
- Fraud rate: someone who is not Alice is accepted as Alice.
- Insult rate: Alice is rejected as "not Alice".

Biometric examples: fingerprints
- Used in ancient China
- J. C. Mayer: fingerprints may be unique
- Purkinje: nine "fingerprint patterns"
- Mark Twain: "Life on the Mississippi"
- Sir Francis Galton: "minutia" systems


Biometric examples: hand geometry
- The width and length of the hand and fingers
- Hand geometry is easy and quick to measure


Biometric examples: iris scan
- The best for authentication; Frank Burch suggested using it
- In the 1980s it resurfaced in James Bond films; John Daugman, a researcher at Cambridge University, patented iris scan
- A black-and-white photo of the eye is transformed into a 256-byte (2048-bit) "iris code"

Biometric examples: iris scan
- Alice's iris code: x; stored iris code: y
- d(x, y) = non-matching bits / bits compared
- d(x, y) for the same iris is 0.08 and for different irises is …; a match is declared when d(x, y) <= …
- How to attack? A picture of Alice. How to prevent this?


Biometric error rates (at the point where fraud rate = insult rate):
- Fingerprints: 5%
- Hand geometry: 0.1%
- Iris scan: 0.001%

Biometric conclusions:
- Difficult to attack ~ expensive
- Attack: biometrics < smartcard < password
- Cost: password < smartcard < biometrics

AUTHENTICATION PROTOCOLS
I. SIMPLE AUTHENTICATION PROTOCOLS
II. REAL-WORLD SECURITY PROTOCOLS

SIMPLE AUTHENTICATION PROTOCOLS
1. Introduction
2. Simple Security Protocols
3. Authentication Protocols
   - Authentication using symmetric keys
   - Session keys
   - Timestamps

1. Introduction
- What is a protocol?
- What is a security protocol?
- Differences between an authentication method and an authentication protocol
- A seemingly innocuous change can make a significant difference in a protocol
- A security protocol must meet the specified security requirements

2. Simple Security Protocols
- Entering a secure facility, such as the National Security Agency
- Withdrawing money from an ATM machine
- Identify Friend or Foe, or IFF


3. Authentication Protocols
- Efficient? But:
- Trudy can later replay the messages
- Alice's password is sent in the clear
- Bob must know Alice's password

How to solve these problems?


Authentication using symmetric keys
- Encrypting plaintext P with key K to obtain ciphertext C: C = E(P, K)
- Decrypting ciphertext C with key K to recover the plaintext P: P = D(C, K)
- Alice and Bob share the symmetric key K_AB


The protocol is subject to a man-in-the-middle attack.


Conclusion:
- A one-way authentication protocol may not be secure for mutual authentication
- Protocols and attacks on protocols can be subtle
- "Obvious" changes to protocols can raise serious security issues

Lessons:
- Don't have the two sides do exactly the same thing
- Small changes to a protocol can result in big changes in security

Session keys
- Encrypt data within each connection
- Limit the data encrypted with one particular key
- Limit the damage if one session key is compromised
- Used for confidentiality or integrity protection


Session keys: sign and encrypt mutual authentication

Is sign and encrypt mutual authentication better?

Timestamps
- A timestamp contains the current time
- A timestamp can be used in place of a nonce
- Benefit: no messages are wasted exchanging nonces
- Used in many real-world security protocols, such as Kerberos
- Timestamps create some security concerns

Timestamps
- Reduce the number of messages by a third
- Using a timestamp with sign and encrypt is secure
- What about encrypt and sign?

Unfortunately, the encrypt-and-sign protocol with a timestamp is subject to attack.

- A timestamp with sign and encrypt is secure
- A timestamp with encrypt and sign is not
- So we can never take anything for granted

REAL-WORLD SECURITY PROTOCOLS: KERBEROS
- Kerberized login
- Kerberos ticket
- Kerberos security

KERBEROS
- An authentication system that uses symmetric key cryptography
- Designed for smaller-scale use, such as on a local area network
- With N users:
  - Public key cryptography: requires N key pairs
  - Symmetric keys: requires N^2 keys
  - Kerberos: requires N keys

- Relies on a trusted third party, or TTP
- Employs a Key Distribution Center, or KDC, that acts as the TTP
- The KDC has a master key K_KDC, known only to the KDC
- The KDC issues various types of tickets, including the Ticket-Granting Ticket, or TGT
- The TGT is encrypted with K_KDC before being sent to the recipient
- The TGT can therefore only be read by the KDC

Kerberized login: TGT = E("Alice", S_A; K_KDC).

Kerberos ticket
- REQUEST = (TGT, authenticator)
- authenticator = E(timestamp; S_A)
- REPLY = E("Bob", K_AB, ticket to Bob; S_A)
- ticket to Bob = E("Alice", K_AB; K_B)

Kerberos security
- Minor flaw: the KDC sends E(S_A, TGT; K_A), where TGT = E("Alice", S_A; K_KDC)
- The KDC does not need to know who is making the REQUEST
- Why is "ticket to Bob" sent to Alice?
- How does Kerberos prevent replay attacks?
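The kerberized login, the REQUEST/REPLY exchange and the replay question from the three Kerberos slides above, run end to end as an added example (not code from the slides or from any Kerberos implementation). E and D are a toy authenticated cipher assumed here in place of Kerberos's real encryption types; the keys and the 300-second clock skew are constructed values.

```python
import hashlib
import hmac
import json
import os
import time

def E(msg: dict, key: bytes) -> bytes:
    """Toy authenticated encryption standing in for the slides' E(.; K): SHAKE-256
    keystream XOR plaintext plus an HMAC tag (assumption; real Kerberos uses AES)."""
    pt = json.dumps(msg, sort_keys=True).encode()
    nonce = os.urandom(16)
    ks = hashlib.shake_256(key + nonce).digest(len(pt))
    ct = bytes(a ^ b for a, b in zip(pt, ks))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def D(blob: bytes, key: bytes) -> dict:
    """Inverse of E; raises ValueError if the key is wrong or the blob was altered."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad tag: wrong key or tampered ciphertext")
    ks = hashlib.shake_256(key + nonce).digest(len(ct))
    return json.loads(bytes(a ^ b for a, b in zip(ct, ks)))

# Constructed long-term keys: K_KDC (KDC master key), K_A (Alice's), K_B (Bob's).
K_KDC, K_A, K_B = os.urandom(32), os.urandom(32), os.urandom(32)

def kerberized_login(user: str) -> bytes:
    """KDC side of login: returns E(S_A, TGT; K_A) with TGT = E(user, S_A; K_KDC)."""
    S_A = os.urandom(32)
    tgt = E({"user": user, "S_A": S_A.hex()}, K_KDC)
    return E({"S_A": S_A.hex(), "TGT": tgt.hex()}, K_A)

def kdc_handle_request(tgt: bytes, authenticator: bytes, max_skew: float = 300.0) -> bytes:
    """KDC side of REQUEST = (TGT, authenticator); the fresh timestamp is the replay check."""
    inner = D(tgt, K_KDC)                      # only the KDC can open the TGT
    S_A = bytes.fromhex(inner["S_A"])
    if abs(time.time() - D(authenticator, S_A)["timestamp"]) > max_skew:
        raise ValueError("stale authenticator: possible replay")
    K_AB = os.urandom(32)
    ticket_to_bob = E({"user": inner["user"], "K_AB": K_AB.hex()}, K_B)
    return E({"service": "Bob", "K_AB": K_AB.hex(), "ticket": ticket_to_bob.hex()}, S_A)

def alice_gets_ticket_for_bob() -> tuple:
    """Whole flow from Alice's side; returns (user Bob sees, whether both hold K_AB)."""
    login = D(kerberized_login("Alice"), K_A)
    S_A, tgt = bytes.fromhex(login["S_A"]), bytes.fromhex(login["TGT"])
    reply = D(kdc_handle_request(tgt, E({"timestamp": time.time()}, S_A)), S_A)
    # Alice forwards "ticket to Bob" to Bob; only K_B opens it, so Bob learns K_AB.
    bob_view = D(bytes.fromhex(reply["ticket"]), K_B)
    return bob_view["user"], bob_view["K_AB"] == reply["K_AB"]
```

The ticket to Bob is handed to Alice because she is the one who will contact Bob; she cannot read it, and Bob, holding K_B, learns K_AB from it without ever talking to the KDC.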
