Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authentication Issues and Solutions CSCI 5857: Encoding and Encryption.

Published byJeremy Jordan Modified over 8 years ago

Similar presentations

Presentation on theme: "Authentication Issues and Solutions CSCI 5857: Encoding and Encryption."— Presentation transcript:

1 Authentication Issues and Solutions CSCI 5857: Encoding and Encryption

2 Outline Replay attacks and solutions –Timestamps –Nonces Storing passwords –Hashing/salting passwords files Challenge-response authentication –Symmetric keys –Public keys

3 3 Replay Attacks Adversary records message from sender to recipient Resends message to recipient (claiming to be sender) Any signatures, digests, etc. will be correct! M = “Give Darth a $1,000 raise -- Alice” M, h(k, M)

4 4 Timestamp Solution Include timestamp in message –Adversary cannot alter if part of digest –Verifier can reject second message with same timestamp Problems if timestamp not accurate –Clocks not synchronized, no universal time scheme used –Example: different time zones could cause multiple legitimate messages with same timestamp! M = “Give Darth a $1,000 raise -- Alice” M | time, h(k, M | time ) Accept Reject

5 5 Nonce Solution Claimant generates random number not sent before Verifier keeps list of previous nonces sent by claimant If current message nonce is in that list, this is a replay previous nonces New nonce N M M | N, h(k, M | N) Alice’s previous nonces N M search

6 6 Nonce Solution Simpler approach for claimant: Generate random number without keeping track of whether sent before –Very unlikely to generate same number twice If current message nonce already sent, verifier can challenge by requesting another nonce Randomly generated nonce N M M | N, h(k, M | N) Alice’s previous nonces N M search Challenge if nonce already used

7 7 Passwords Universal method for claimant to prove identity Attacks on passwords: –Adversary may hack into password file –Adversary may try large number of common passwords

8 8 Hashing the Passwords Store hash of passwords instead of passwords –Can verify given password hashes to same value in file –Cannot recover user’s password from its hash (or even create one with same hash) “Even if I know h(P A ), I still can’t figure out P A ”

9 9 Salting the Passwords Attacker can use “possible message” attack on commonly used passwords –Hashing list of commonly used passwords –Search stolen password file for matching hash value –Tables of common passwords hashed with common algorithms (SHA-2) widely available! PasswordPassword hashed with SHA-2 hello11000101001010000101001 1234500010010010100010101110 …… “I can just search for these to find someone’s password”

10 Solution: “Lengthen” passwords with extra bits –“Salt” = random bits added to end, indexed to claimant –Digest = h(password + salt) Hashes no longer match precomputed tables 10 Salting the Passwords

11 11 Passwords and Keys Problem: How can a passphrase be converted into a binary key Solution: Use hash algorithm to convert a passphrase into a key –Convert passphrase into binary ASCII/Unicode string –Apply hash algorithm (possibly truncating to desired key size) –Has good avalanche effect (2 similar passphrases have very different hashes) 1001010101010100101101010100110010101000011… Help!

12 12 Challenge-Response Authentication Problem with passwords: Claimant sending a secret to the verifier –May be intercepted –May be sold Better idea: –Claimant proves know secret without sending it to verifier –Verifier asks question that can only be answered by claimant with that knowledge Challenge: One-time value sent to claimant –Random number, timestamp, nonce Response: Result of function applied to value –Function includes secret that only claimant knows Alice’s password $$$

13 13 Symmetric Key Challenge-Response Both Alice and Bob verifier know secret symmetric key K –Alice sends request for access –Bob sends nonce R B as challenge –Alice encrypts nonce with symmetric key K A-B –Bob decrypts with K A-B –If result is original nonce R B, then identity verified –Note that actual secret knowledge K A-B never sent! “I can’t answer the challenge unless I know K A-B ”

14 14 Public Key Challenge-Response Alice has public key K A and corresponding private key –Alice sends request for access –Bob encrypts nonce R B with K A and sends as challenge –Alice decrypts nonce with her private key, and sends back to Bob –If result is original nonce R B, then identity verified “I can’t answer the challenge unless I know Alice’s private key ”

15 15 Signature Challenge-Response Alice has public key K A and corresponding private key –Alice sends request for access –Bob sends nonce R B as challenge –Alice signs nonce with her private key, and sends back to Bob –Bob verifies signature with Alice’s public key and nonce value “I can’t answer the challenge unless I know Alice’s private key ”

Download ppt "Authentication Issues and Solutions CSCI 5857: Encoding and Encryption."

Similar presentations

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Email Security 1. email is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.

Security 1. is one of the most widely used and regarded network services currently message contents are not secure may be inspected either.
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.

Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.
Http Web Authentication Web authentication is used to verify a users identity before allowing access to certain web pages On web browsers you get a login.

Http Web Authentication Web authentication is used to verify a users identity before allowing access to certain web pages On web browsers you get a login.
 Public key (asymmetric) cryptography o Modular exponentiation for encryption/decryption  Efficient algorithms for this o Attacker needs to factor large.

 Public key (asymmetric) cryptography o Modular exponentiation for encryption/decryption  Efficient algorithms for this o Attacker needs to factor large.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 29 Cryptography and Network.
SMUCSE 5349/73491 Authentication Protocols. SMUCSE 5349/73492 The Premise How do we use perfect cryptographic mechanisms (signatures, public-key and symmetric.

SMUCSE 5349/73491 Authentication Protocols. SMUCSE 5349/73492 The Premise How do we use perfect cryptographic mechanisms (signatures, public-key and symmetric.
UCB Security Jean Walrand EECS. UCB Outline Threats Cryptography Basic Mechanisms Secret Key Public Key Hashing Security Systems Integrity Key Management.

UCB Security Jean Walrand EECS. UCB Outline Threats Cryptography Basic Mechanisms Secret Key Public Key Hashing Security Systems Integrity Key Management.
Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.

Chap 3: Key exchange protocols In most systems, we distinguish the short term keys from the long term ones: –A short term key (session key) is used to.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.

ITIS 6200/8200. time-stamping services Difficult to verify the creation date and accurate contents of a digital file Required properties of time-stamping.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Similar presentations

Ads by Google