Академический Документы
Профессиональный Документы
Культура Документы
Example: HMAC
1
Trusted Third Party
2
Public key certificate
Issued by a CA (Certification Authority), such as VeriSign, etc.
Contains your name, expiration dates, your public key, and the
digital signature of the certificate-issuing authority so that a recipient
can verify that the certificate is real.
3
Authentication
The process of determining whether someone or something is, in fact,
who or what it is declared to be.
Advantages of passwords:
easy to remember and use
everyone know how to use it
Problem
if password is sent in cleartext, can be intercepted
if password is encrypted, requires establishment of encryption key
4
Authentication Protocols
Symmetric key authentication protocols
Public key authentication protocols
(1) A B : M1
(2) B S : M2
(3) S B : M3
5
Replay attack on Authentication Protocols
The attacker records the data of a successful authentication and replays this
information to attempt to falsely authenticate to the verifier.
A B : A, E(Kab : Password)
6
Symmetric Key Authentication Protocols
Verify identity based on a secret key shared between the principles.
A B : E(Kab: Ta, A, B)
7
Symmetric Key Three-Pass Mutual Authentication
The mutual authentication is achieved by the use of random numbers Ra and Rb.
(1) B A : Rb
(2) A B : E(Kab : Ra, Rb, A, B)
(3) B A : E(Kab : Rb, Ra, B, A)
8
CHAP
Authentication based on a shared secret
9
Public Key Authentication Protocols
The public key certificate-based authentication mechanism is used as a representative of
the public key authentication protocols.
(1) B A : Rb
(2) A B : CertA, Ra, Rb, B, E(Ka-1: Ra, Rb, B) // Ra and Rb are nonces
10
Public Key Protocol with Trusted Third Party
(1) A S: A, B
(2) S A: E(Ks-1: Kb, B) // Ra and Rb are nonces
(3) A B: E(Kb: Ra, A)
(4) B S: B, A
(5) S B: E(Ks-1: Ka, A)
(6) B A: E(Ka: Ra, Rb)
(7) A B: E(Kb: Rb)
11
Two factor authentication
use passwords plus something else
Biometric
Retina, hand geometry, hand geometry, handwriting analysis, etc.
12
One way hash chain
A hash chain is a successive application of a cryptographic hash function
h() to a string.
For example,
h(h(h(h(st)))) gives a hash chain of length 4, often denoted h4(st)
A one-time password is a password that is valid for only one login session.
Support two-factor authentication
13
http://en.wikipedia.org/wiki/SecurID
14
Analysis of Authentication Protocols
The objective:
Highlight the design flaws of authentication protocols
The successful attacks which have uncovered flaws in protocols allows to
learn from design errors, understand general attack methods and strategies.
15
Attack 2: Reflection attack
Suppose A and B share a symmetric key K, and authenticate one another on the
basis of demonstrating knowledge of this key by encrypting or decrypting a
challenge as follows.
Upon A sending (1), E intercepts it, and initiates a
new protocol, sending the identical message rA back
to A.
16
Attack 3: Interleaving attack
sA denotes the signature operation of party A, and it is assumed that all parties
have authentic copies of all others public keys.
An enemy E can initiate one protocol with B (pretending to be A), and another
with A (pretending to be B), as shown below, and use a message from the latter
protocol to successfully complete the former, thereby deceiving B into believing
E is A (and that A initiated the protocol). This attack is possible due to the
message symmetry of (2) and (3).