
Authentication Deniable Authentication Protection Against Dictionary Attacks Isidora Petreska Dimitar Gosevski and.


1 Authentication
Deniable Authentication
Protection Against Dictionary Attacks
Isidora Petreska, Dimitar Gosevski and

2 Contents
Introduction to Authentication
Deniable Authentication
–Deniable authentication protocols
–Adaptive Multi-Trapdoor Commitment (AMTC) Scheme
–AMTC-based authenticators
–Decisional Diffie-Hellman (DDH) Scheme
Passwords and Authentication
–Countermeasures against dictionary attacks and their weaknesses
–Reverse Turing Test (RTT)
–Basic User Authentication Protocol
–Solving Protocol Drawbacks
–Security Analysis
–Analysis for a user account
–Setting the parameters

3 Introduction to Authentication
Formal definition
Authentication technologies
Concerns:
–Deniable authentication
–Password security

4 Deniable Authentication
Property of deniability
Concept of deniable authentication
–Privacy concerns of the sender
Need for deniable authentication:
–in private key cryptography?
–in public key cryptography?

5 Deniable authentication protocols
Example of a deniable protocol
What if the sender changes his/her mind?
Need for forward deniability
Proposal of new schemes based on:
–Adaptive Multi-Trapdoor Commitment and
–Decisional Diffie-Hellman protocols

6 Adaptive Multi-Trapdoor Commitment (AMTC) Scheme
Notion of commitment
Trapdoor Commitment Scheme (TCS)
Adaptive Multi-Trapdoor Commitment (AMTC) Scheme:
–CKG - a master key generation algorithm
–Sel - given a master public key (PK), it outputs an equivalent key (pk)
–Tkg - given the triple (PK, pk, TK), it outputs trapdoor information (tk)
–Com - verify a commitment Com(PK, pk, M, R)
–Equiv - opening of a commitment C

7 AMTC-based authenticators (1/2)

8 AMTC-based authenticators (2/2)

9 Decisional Diffie-Hellman (DDH) Scheme (1/2)

10 Decisional Diffie-Hellman (DDH) Scheme (2/2)

11 Passwords and Authentication
Passwords as an authentication method
Passwords are convenient for both service providers and users
Dictionary attacks against passwords
Password eavesdropping

12 Countermeasures against dictionary attacks and their weaknesses
Countermeasures
–Delayed response
–Account locking procedure
Drawbacks of the countermeasures
–Global password attacks
–Denial of Service attacks
–Customer service cost

13 Reverse Turing Test (RTT)
Introduced by M. Naor
Distinguishes between a human and an automated program
–Automated generation
–Easy for humans
–Hard for machines
–Small probability of guessing the answer correctly

14 RTT (cont.)
Used by large IT companies
–Yahoo
–AltaVista
–PayPal
Possible drawbacks of RTTs
–Based on the visual capabilities of the human
Improvement of RTTs
–Audible RTTs

15 Basic User Authentication Protocol
Combines an RTT with any password-based authentication system
–Slows down the execution of automated programs trying to break into the system
Drawbacks of the protocol
–Usability: difficult for the user to answer an RTT on every login attempt
–Scalability: not easy to generate and serve an RTT per login attempt

16 Solving Protocol Drawbacks
Limited set of computers used by the user
–Small possibility of a dictionary attack from these computers
–Identify a specific computer/web browser by using cookies
–No need to solve an RTT from these computers
RTT required only for a fraction of the login attempts

17 Security Analysis
User/server interaction
–Feedback no. 1: Invalid username or password
–Feedback no. 2: First answer the RTT, then you will be informed whether the username/password pair is correct
–Whether to ask for an RTT is a deterministic function of the username/password pair
–Same time delay regardless of whether the entered password is correct or not
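The server-side decision rules of slides 15 to 17, as an added Python example that is not part of the presentation: an RTT is demanded when the password is correct but the browser carries no trusted cookie, and, for a wrong guess, when a keyed function of the (username, password) pair says so, so the reply by itself does not reveal whether the guess was right. The PBKDF2 password storage, the HMAC-based coin and the 1/20 rate are assumptions of this example.

```python
import hashlib
import hmac

GRANT, REQUIRE_RTT, REJECT = "grant", "require_rtt", "reject"

# Salted, iterated password hash (assumed storage format; the slides only say
# "any password-based authentication system").
def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def rtt_for_wrong_guess(server_key: bytes, username: str, password: str,
                        p_num: int = 1, p_den: int = 20) -> bool:
    """Deterministic coin over the (username, password) pair: the same wrong
    guess always gets the same treatment, so retrying it teaches the attacker
    nothing. Fires for a fraction p_num/p_den of wrong guesses (assumed 1/20)."""
    tag = hmac.new(server_key, f"{username}\0{password}".encode(), "sha256").digest()
    return int.from_bytes(tag[:8], "big") % p_den < p_num

def login_decision(username: str, password: str, has_trusted_cookie: bool,
                   users: dict, server_key: bytes,
                   p_num: int = 1, p_den: int = 20) -> str:
    """Feedback the server gives before revealing anything about the password."""
    record = users.get(username)
    if record is None:
        # Unknown user: check against a dummy record so the work done is the same.
        record = {"salt": bytes(16), "hash": bytes(32)}
    candidate = hash_password(password, record["salt"])
    correct = username in users and hmac.compare_digest(candidate, record["hash"])
    # The coin is computed on every path so the delay does not depend on correctness.
    coin = rtt_for_wrong_guess(server_key, username, password, p_num, p_den)
    if correct and has_trusted_cookie:
        return GRANT          # known browser, correct password: no RTT needed
    if correct:
        return REQUIRE_RTT    # after a solved RTT: grant and set the trusted cookie
    if coin:
        return REQUIRE_RTT    # after a solved RTT: still "invalid username or password"
    return REJECT             # immediate "invalid username or password"

if __name__ == "__main__":
    # Constructed demo data: one account and a server-side key for the coin.
    salt = bytes.fromhex("00112233445566778899aabbccddeeff")
    key = b"server-key-32-bytes-for-demo-only"
    users = {"alice": {"salt": salt, "hash": hash_password("correct horse", salt)}}
    for pw, cookie in [("correct horse", True), ("correct horse", False),
                       ("guess1", False), ("guess1", False)]:
        print(pw, cookie, "->", login_decision("alice", pw, cookie, users, key))
```

The two REQUIRE_RTT branches return the identical reply, which is what keeps the first feedback from acting as a password oracle.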

18 Analysis for a user account
To verify a fraction of the correct or incorrect passwords, an RTT must be passed first
Assume that all passwords have the same probability of being correct
Randomly chosen passwords
Winning Ticket Game

19 Setting the parameters
Steps to design a successful authentication protocol:
–Estimate the benefit the attacker gains from breaking into an account
–Estimate the size of the password domain
–Estimate the cost to the attacker of solving a single RTT
–The cost of breaking an account should be higher than the potential gain from the break

20 The content of this presentation is being reproduced without the original author's permission!

