CMSC 414 Computer and Network Security Lecture 11 Jonathan Katz.


1 CMSC 414 Computer and Network Security Lecture 11 Jonathan Katz

2 Network Security

3 Authentication: an Overview

4 Authentication
- Verifying the identity of another entity
  – Computer authenticating to another computer
  – Person authenticating to a local/remote computer
- Important to be clear about what is being authenticated
  – The user?
  – The machine?
  – A specific application on the machine?
- What assumptions are being made?
  – One legitimate user, or many?
  – Authentication to local machine, or over a network?

5 Attack taxonomy
- Passive attacks
- Active attacks
  – Impersonation (client impersonation, server impersonation)
  – Man-in-the-middle (MiTM)
- Server compromise
- Different attacks may be easier/more difficult in different settings

6 Ease of carrying out attacks?
- Client impersonation (typically trivial)
- Passive eavesdropping
  – Wireless setting, wiretapping
- Server impersonation
  – Phishing
  – DNS spoofing
  – Corrupted router
- Man-in-the-middle attack
  – Same as above

7 Why…?
- Why defend against MiTM attacks?
  – Attacker should be unable to successfully impersonate the user in the future
- Why care about defending against server compromise?
  – Password re-use
  – Recovery after server reboot
  – Attacker may only get limited data from server

8 Authentication
- Mutual authentication vs. unidirectional authentication
- What happens after authentication?
  – Need binding between session and authentication
- Authentication issues:
  – What authentication information is used / how authentication information is stored (at both ends)
  – The authentication protocol itself

9 Authentication
- Authentication may be based on
  – What you know
  – What you have
  – What you are
  – Examples? Tradeoffs?
  – Others?
- Can also consider two-factor authentication

10 What you know
- (Cryptographic) key
  – Private- or public-key setting
- Password/PIN
  – Low entropy…
- Answers to personal questions

11 What you have
- Token
- Magnetic stripe card
  – User may directly modify contents
- RFID tag
- Cryptographic smart card
- Smartphone
  – E.g., enter password to device
- Still need a secure protocol!

12 What you have
- Several ways hardware tokens can be used, e.g.:
  – User authenticates to token using PIN; token authenticates to other entity
  – PIN plus information from token is used to authenticate to other entity
    (both are forms of two-factor authentication)
  – Token and other entity are synchronized; token displays changing PIN/key used to authenticate
  – Challenge/response
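The "synchronized token" item above is easiest to see in code. The following is an added illustration, not material from the lecture: a simplified time-synchronized one-time code in the style of HOTP/TOTP. The shared secret, the 30-second step, the six-digit code length, and the HMAC-SHA256 truncation are all assumptions made here for the example; the server side shows the two checks a practitioner cares about, tolerating a little clock drift and refusing to accept the same code twice.

```python
import hashlib
import hmac

# Constructed example secret shared by the token and the server at enrollment.
# Hypothetical value for illustration; a real token holds a random secret.
TOKEN_SECRET = b"example-shared-token-secret-0001"
STEP_SECONDS = 30   # how often the displayed code changes (assumed)
DIGITS = 6          # length of the displayed code (assumed)


def time_step(now_seconds: int) -> int:
    """Both sides derive the same counter from their (roughly synchronized) clocks."""
    return now_seconds // STEP_SECONDS


def token_code(secret: bytes, step: int) -> str:
    """Code the token displays for a given time step: a truncated HMAC over the counter."""
    mac = hmac.new(secret, step.to_bytes(8, "big"), hashlib.sha256).digest()
    value = int.from_bytes(mac[:4], "big") % (10 ** DIGITS)
    return f"{value:0{DIGITS}d}"


class TokenServer:
    """Server-side verifier for one user's token."""

    def __init__(self, secret: bytes, drift_steps: int = 1):
        self.secret = secret
        self.drift_steps = drift_steps   # tolerate +/- this many steps of clock skew
        self.last_accepted_step = -1     # a code is never accepted twice for the same step

    def verify(self, submitted: str, now_seconds: int) -> bool:
        current = time_step(now_seconds)
        for delta in range(-self.drift_steps, self.drift_steps + 1):
            step = current + delta
            if step <= self.last_accepted_step:
                continue                 # already used, or older than the last accepted code
            if hmac.compare_digest(token_code(self.secret, step), submitted):
                self.last_accepted_step = step
                return True
        return False


def demo() -> dict:
    """Constructed scenario: one genuine login, an immediate replay, and a slow clock."""
    now = 1_700_000_000
    code = token_code(TOKEN_SECRET, time_step(now))
    results = {}

    strict = TokenServer(TOKEN_SECRET, drift_steps=0)
    results["fresh"] = strict.verify(code, now)                 # genuine login
    results["reuse_same_step"] = strict.verify(code, now + 5)   # captured code replayed right away

    # A token whose clock reads 15 s behind the server is still inside the one-step window.
    lenient = TokenServer(TOKEN_SECRET, drift_steps=1)
    results["one_step_late"] = lenient.verify(code, now + 15)
    return results


if __name__ == "__main__":
    print(demo())
```

The drift window and the "never accept a step at or below the last accepted one" rule pull in opposite directions: a wider window is friendlier to skewed clocks but lengthens the interval during which a shoulder-surfed code is still worth something, so the replay check is what keeps the window from becoming a liability.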

13 What you are -- biometrics
- Tradeoff of cost vs. accuracy
- Face (low accuracy, low cost)
- Fingerprint/hand print (good accuracy, moderate cost)
- Iris scan (high accuracy, high cost)
- …

14 Verification vs. identification
- Verification: send (id, biometric) and check whether this ‘matches’ the stored biometric for user id
  – Better suited for authentication
- Identification: send biometric, find the user whose biometric is the closest match
  – Comes up in law enforcement

15 Challenges in using biometrics
- Reproducibility
- How much entropy is there?
  – Difficult to estimate
- How private are they?
- Revocation?
- Difficult to use securely
  – Reproducibility
  – Non-uniform
  – Still need a secure protocol…

16 Reproducibility
- Biometric data is not exactly reproducible
  – Need to check for closeness rather than an exact match
  – Implies the existence of false positives and negatives; must trade off one vs. the other…
  – Implies a reduction in entropy; easier for an attacker to guess a value close to your biometric data
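Slides 14 and 16 together describe one matching model: verification and identification over a closeness test, and the false-reject/false-accept and entropy consequences of that test. The following added example (written for this transcript, not code from the lecture) makes the model concrete with constructed 32-bit templates standing in for real feature vectors and Hamming distance as the closeness measure; the enrolled values, the noisy re-scans, and the thresholds are all assumptions chosen to make the tradeoff visible.

```python
from math import comb, log2

# Constructed 32-bit "templates" standing in for real biometric feature vectors.
ENROLLED = {
    "alice": 0xF0F0F0F0,
    "bob":   0x0F0F0F0F,   # 32 bits away from alice
    "carol": 0xFF00FF00,   # 16 bits away from both alice and bob
}
TEMPLATE_BITS = 32


def hamming(a: int, b: int) -> int:
    """Number of differing bits: the closeness measure used instead of exact equality."""
    return bin(a ^ b).count("1")


def verify(user: str, sample: int, threshold: int) -> bool:
    """Verification (slide 14): (id, biometric) is checked only against the template stored for id."""
    return hamming(ENROLLED[user], sample) <= threshold


def identify(sample: int, threshold: int):
    """Identification (slide 14): find the enrolled user closest to the sample, if close enough."""
    best_user, best_dist = min(
        ((user, hamming(template, sample)) for user, template in ENROLLED.items()),
        key=lambda pair: pair[1],
    )
    return best_user if best_dist <= threshold else None


def error_rates(user: str, genuine: list, impostor: list, threshold: int):
    """(false reject rate, false accept rate) for one user at one threshold."""
    false_rejects = sum(not verify(user, s, threshold) for s in genuine)
    false_accepts = sum(verify(user, s, threshold) for s in impostor)
    return false_rejects / len(genuine), false_accepts / len(impostor)


def accepted_region_size(n_bits: int, threshold: int) -> int:
    """How many n-bit values the matcher accepts for one template: all values within the threshold."""
    return sum(comb(n_bits, k) for k in range(threshold + 1))


def effective_entropy_bits(n_bits: int, threshold: int) -> float:
    """Guessing difficulty once closeness is allowed: n bits minus log2 of the accepted region."""
    return n_bits - log2(accepted_region_size(n_bits, threshold))


# Constructed samples: alice's re-scans differ from her template by 1, 3 and 5 bits;
# impostor samples are bob, carol, and a close guess 4 bits away from alice's template.
ALICE = ENROLLED["alice"]
GENUINE_ALICE = [ALICE ^ 0x1, ALICE ^ 0x7, ALICE ^ 0x1F]
IMPOSTOR = [ENROLLED["bob"], ENROLLED["carol"], ALICE ^ 0xF]


def tradeoff() -> dict:
    """Error rates at a strict and a lenient threshold, plus the entropy cost of the lenient one."""
    return {
        "strict": error_rates("alice", GENUINE_ALICE, IMPOSTOR, threshold=2),
        "lenient": error_rates("alice", GENUINE_ALICE, IMPOSTOR, threshold=4),
        "lenient_entropy_bits": effective_entropy_bits(TEMPLATE_BITS, 4),
    }


if __name__ == "__main__":
    print(tradeoff())
    print(identify(ENROLLED["carol"] ^ 0x3, threshold=4))
```

Raising the threshold from 2 to 4 bits halves the false rejects on the constructed re-scans but lets the 4-bit-off guess through, and shrinks the guessing space from 2^32 to roughly 2^16.7, which is the "reduction in entropy" the slide refers to. The identification call shows the other mode from slide 14: no id is supplied, so every enrolled template is compared.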

17 Biometric authentication
- How can you securely authenticate yourself to a remote server using your fingerprint?
- Trivial solution
  [Figure: User sends the scanned fingerprint to Server; Server checks “close?” against the stored fingerprint]
  – Can work for ‘local’ authentication…
  – …but completely vulnerable to eavesdropping!

18 Better(?) solution
  [Figure: Server sends a nonce to User; User replies with h = MAC(scanned fingerprint, nonce)]
- A single-bit difference in the scanned fingerprint results in a failed authentication!
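The two protocols on slides 17 and 18 (and the challenge/response token pattern from slide 12, which is the same exchange with a token secret in place of the fingerprint) can be run side by side. This added example is not code from the lecture; it assumes a constructed 16-byte template as the "fingerprint", HMAC-SHA256 as the MAC, a 4-bit closeness threshold for the trivial protocol, and a single-bit read error in the scan. It shows both properties the slides state: the clear-text scan survives a noisy read but is trivially replayable, while the MAC response is bound to the nonce and fails on a one-bit difference.

```python
import hashlib
import hmac
import os

# Constructed stand-in for a stored fingerprint template (hypothetical bytes).
STORED_TEMPLATE = bytes.fromhex("a1b2c3d4e5f60718293a4b5c6d7e8f90")


def hamming_bytes(a: bytes, b: bytes) -> int:
    """Bit differences between two equal-length byte strings."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Simulate a sensor read error by flipping one bit of the scan."""
    out = bytearray(data)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)


# --- Slide 17: trivial protocol, scan sent in the clear, server checks closeness ---
def trivial_server_accepts(sent_scan: bytes, threshold: int = 4) -> bool:
    return hamming_bytes(STORED_TEMPLATE, sent_scan) <= threshold


# --- Slide 18: challenge/response, h = MAC(scanned fingerprint, nonce) ---
def server_challenge() -> bytes:
    """Fresh random nonce per authentication attempt."""
    return os.urandom(16)


def user_response(scanned: bytes, nonce: bytes) -> bytes:
    """The scan is the MAC key; only the MAC output travels over the network."""
    return hmac.new(scanned, nonce, hashlib.sha256).digest()


def mac_server_accepts(nonce: bytes, h: bytes) -> bool:
    """Server recomputes the MAC with its stored template; exact equality is required."""
    expected = hmac.new(STORED_TEMPLATE, nonce, hashlib.sha256).digest()
    return hmac.compare_digest(expected, h)


def demo() -> dict:
    """Constructed run: a genuine scan, a one-bit noisy scan, and an eavesdropper's replay."""
    noisy_scan = flip_bit(STORED_TEMPLATE, 37)
    r = {}

    # Trivial protocol: closeness tolerates the read error...
    r["trivial_noisy_ok"] = trivial_server_accepts(noisy_scan)
    # ...but anyone who captured the bytes can send them again.
    captured = noisy_scan
    r["trivial_replay_ok"] = trivial_server_accepts(captured)

    # MAC protocol: exact scan verifies under nonce1.
    nonce1 = server_challenge()
    h1 = user_response(STORED_TEMPLATE, nonce1)
    r["mac_exact_ok"] = mac_server_accepts(nonce1, h1)
    # A one-bit difference in the scan changes the key, so the MAC no longer matches.
    r["mac_noisy_ok"] = mac_server_accepts(nonce1, user_response(noisy_scan, nonce1))
    # Replaying h1 against a later challenge fails: the response is bound to nonce1.
    nonce2 = server_challenge()
    r["mac_replay_ok"] = mac_server_accepts(nonce2, h1)
    return r


if __name__ == "__main__":
    print(demo())
```

The example is the reason slide 19 matters: MAC-based challenge/response needs a key that both sides reproduce bit-for-bit, and raw biometric data is not that, so the error-resilient techniques the next slide mentions are what bridge the gap.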

19 Authentication using biometrics
- There exist techniques for secure authentication using biometric data
  – Resilient to error!
  – Establish random, shared key
- An active research area…

20 Address-based authentication
- Is sometimes used
- Generally not very secure
  – Relatively easy to forge source addresses of network packets
- But can be useful if the adversary does not know what IP address to forge
  – E.g., IP address of a user’s home computer

21 Location-based authentication
- Not authenticating a specific entity, but rather authenticating that an entity is in some location
- More interest lately, as computation becomes more ubiquitous
  – E.g., re-authentication if laptop moves

