Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Authentication Protocols Celia Li Computer Science and Engineering York University.

Published byHilary Horton Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Authentication Protocols Celia Li Computer Science and Engineering York University."— Presentation transcript:

1 1 Authentication Protocols Celia Li Computer Science and Engineering York University

2 2 Outline  Overview of authentication  Symmetric key authentication protocols (Kerberos)  Public key authentication protocols (SSL)  Authentication protocols in Wireless Local Area Networks (WLAN)

3 3 Outline  Overview of authentication  Symmetric key authentication protocols (Kerberos)  Public key authentication protocols (SSL)  Authentication protocols in Wireless Local Area Networks (WLAN).

4 4 Overview of Authentication  The process of determining whether someone is, in fact, who it is declared to be.  An authentication protocol consists of a sequence of messages between principals and will be described using different notations.  Principals: parties who cooperate by exchanging messages over networks.

5 5 Notation E(K : M): denotes encrypting message plaintext M with key K. Ka: key of principal A Kab: shared key of principle A and B Principals are generally denoted by capitals such as A, B and S (server) (1) A  B : M1 (2) B  S : M2 (3) S  B : M3

6 6 Notation Na: A number generated by a principal A. Generally termed as a nonce. A nonce could be a timestamp: a number denoting the current time. a sequence number a random number that can be used for one time A  B : A, E(Kab : Na) A is identity of node A (ip address or computer name)

7 7 Overview of Authentication Timeliness in Authentication Protocols  An authentication protocol is required to guarantee that the parties involved in the authentication process are present during the execution of the protocol.  Nonces are generally used to assess timeliness in authentication protocols.

8 8 Attacks on Authentication Protocol Replay attack:  The attacker records the message of an authentication protocol and replays this information to attempt to falsely authenticate to the other principle. Counter measures:  Using timestamps, sequence number or random numbers.

9 9  Overview of authentication  Symmetric key authentication protocols (Kerberos)  Public key authentication protocols (SSL)  Authentication protocols in Wireless Local Area Networks (WLAN) Outline

10 10 Symmetric Key Authentication Without Trusted Third Party Symmetric key one-pass unilateral authentication protocol Na: Timestampt, Ra, Rb: Random numbers. Each random number only can be used one time. B authenticates A: Symmetric key two-pass unilateral authentication protocol Symmetric key three-pass mutual authentication If Na (timestamp) has a recent value, B can prove A’s identity. B authenticates A: A authenticates B:

11 11 Symmetric Key Authentication With Trusted Third Party S: Trusted Third Party A B A gets a shared key Kab generated by S A & B trust S, Kas is a shared key of A & S, Kbs is a shared key of B & S B gets shared key Kab A authenticates B B authenticates A (1) (2) (3), (5) (4) NS (Needham-Schroeder) Symmetric Key Authentication

12 12 Kerberos Authentication  A typical example of symmetric key authentication with trusted third party  The trusted third party in Kerberos is the authentication server which is in charge of distribute shared keys.  Kerberos ticket is employed for the authentication purpose

13 13 Kerberos Authentication Kerberos Ticket  A certificate issued by an authentication server, encrypted using the key of the authentication server.  The ticket contains  the key that will be used for authentication of the client to the verifier who will verify the correctness of the key  the name of the principal to whom the key was issued  an expiration time of the ticket

14 14 Kerberos authentication  Client C wants to access server S. Client C and sever S need to authenticate each other  Authentication server is comprised of two parts:  A: Key Distribution Server  G: Ticket Grant Server  (1) C sends a random number N1 to A  (2) A sends back a ticket Tcg to C.  Kac: shared key between A and C  Kcg: shared key between C and G  C authenticates A if N1 is correct

15 15 Kerberos authentication  (3) C forwards the ticket Tcg to G  N2: random number  T: time stamp  G authenticates C if time stamp is correct  (4) G sends back a service ticket Tcs to C.  Kcs: shared key between C and S  C authenticates G if N2 is correct  (5) C sends ticket Tcs to S  T’: time stamp  S authenticates C if time stamp is correct  (6) C authenticates S if time stamp is correct

16 16  Overview of authentication  Symmetric key authentication protocols (Kerberos)  Public key authentication protocols (SSL)  Authentication protocols in Wireless Local Area Networks (WLAN) Outline

17 17 Public Key Certificate  Commonly used for public key authentication protocols  An electronic document which uses a digital signature to bind together a public key with an identity:  the name of a person or an organization, their address  Issued by a certification authority (CA)  e.g. VeriSign  The certificate can be used to verify if a public key belongs to an individual.

18 18 Public Key Certificate Public key certificates include:  Public key of the user  DN (name of the user)  Validity period of the certificate  Name of the certificate issuer  Digital signature of the certificate issuer

19 19 Public Key Authentication without Trusted Third Party Public key one-pass unilateral authentication protocol Public key two-pass unilateral authentication protocol Public key three-Pass mutual authentication protocol CertA: public key certificate of A Ka -1 : private key of A, Kb -1 : private key of b B authenticates A: A authenticates B:

20 20 Public Key Authentication with Trusted Third Party NS (Needham-Schroeder) Public Key Authentication Protocol S: Trusted Third Party A B B authenticates A by verifying Nb A authenticates B by verifying Na S sends B’s public key Kb to A S sends A’s public key Ka to B B asks A’s public key from S B gets A’s identity A asks B’s public key from S (1) (2) (3) (4) (5) (6) (7)

21 21 Secure Socket Layer Protocol (SSL) Universally accepted on the Web for authenticated and encrypted communication between clients and servers. Typical example of public key authentication Protect sensitive information such as Social Security Number (SSN), Credit Card Number, etc. Web ServerClient

22 22 SSL Server Certificate The SSL protocol requires a server certificate so that client can authenticate the server. Client Certificate (Optional) You can optionally configure your server to request a client certificate so that server can authenticate the client. Only discuss how client authenticates server in SSL

23 23 SSL 1.Client  server: Hello message 2.Server  client: server’s public key certificate, including server’s public key, digital signature signed by certificate authority (CA) 3.Client uses CA’s public key to verify digital signature signed by CA, thus verifies server’s certificate. 4.Client  server: a random number in order to prove server’s identity. 5. Server encrypts random number with its private key. 6. Server  client: the encrypted message 7.Clients decrypts the message using server’s public key to verify identity of the server. Client authenticates server based on certificate issued by certificate authority (CA)

24 24 Compare SSL and Kerberos SSLKerberos Uses public key encryptionUses symmetric key encryption Certificate based Relies on a trusted third party Ideal for secure communications with a large, variable user base that is not known in advance, such as the WWW. Ideal for networked environments where all services and users are known in advance.

25 25  Overview of authentication  Symmetric key authentication protocols (Kerberos)  Public key authentication protocols (SSL)  Authentication protocols in Wireless Local Area Networks (WLAN) Outline

26 26 Authentication Protocols in WLAN WPA (Wi-Fi Protected Access) Certification program created to secure wireless computer networks. Provides stronger data encryption and user authentication Implements the IEEE 802.11i standard.IEEE 802.11i The three entities of WPA are the client, the Authentication Server (AS), and the Access Point (AP). Only after the client is authenticated by the authentication server, the authenticator (Access Point) allows the client to access the network AS

27 27 Authentication Protocols in WLAN  Symmetric key approach: EAP-LEAP  Public key approach: EAP-TLS Symmetric Key Approaches  Efficient and require little computational power  Resource constrain, e.g., computational power of PDAs, mobile VoIP phones, have.  Drawbacks  Most protocols derive the shared secret from the user's password and some passwords are not strong, it is easy for the attacker to extract the secret key from them.

28 28 Lightweight Extensible Authentication Protocol (LEAP) The server knows the password of the client. Password is the shared key between the client C and authentication server S

29 29 Authentication Protocols in WLAN Public key Approaches  Provides strong security  Cannot authenticate a client without public certificate  Example: EAP-TLS

30 30 EAP-Transport Layer Security (EAP-TLS) AS verifies client’s digital signature using client’s public key got from client’s certificate Cert client Get random number p by decrypting with its private key Client calculates H(c,s,p), compares it with the value sent by As

31 31 References [1] Kerberos http://web.mit.edu/kerberos/www/http://web.mit.edu/kerberos/www/ [2] SSL http://docs.sun.com/source/816-6156- 10/contents.htmhttp://docs.sun.com/source/816-6156- 10/contents.htm [3] EAP-TLS http://en.wikipedia.org/wiki/Extensible_Authentication_Pro tocol http://en.wikipedia.org/wiki/Extensible_Authentication_Pro tocol

Download ppt "1 Authentication Protocols Celia Li Computer Science and Engineering York University."

Similar presentations

AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi

Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi
Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.

Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Http Web Authentication Web authentication is used to verify a users identity before allowing access to certain web pages On web browsers you get a login.

Http Web Authentication Web authentication is used to verify a users identity before allowing access to certain web pages On web browsers you get a login.
Authentication & Kerberos

Authentication & Kerberos
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Security Issues in Grid Computing Reading: Grid Book, Chapter 16: “Security, Accounting and Assurance” By Clifford Neuman.

Security Issues in Grid Computing Reading: Grid Book, Chapter 16: “Security, Accounting and Assurance” By Clifford Neuman.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.

 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.

Similar presentations

Ads by Google