Identification (User Authentication)

Model Alice wishes to prove to Bob her identity in order to access a resource, obtain a service etc. Bob may ask the following: –Who are you? (prove that you’re Alice) –Who the **** is Alice? Eve wishes to impersonate Alice: –One time impersonation –Full impersonation (identity theft)

Identification Scenarios Local identification –Human authenticator –Device Remote identification –Human authenticator –Corporate environment (LAN, database etc.), similarly Telecom Operator environment –E-commerce environment

Initial Authentication The problem: how does Alice initially convince anyone that she’s Alice? The solution must often involve a “real- world” type of authentication – id card, driver’s license etc. Errors due to human factor are numerous Example – the Microsoft-Verisign fiasco Example - phishing

Closed Environments

Model The initial authentication problem is fully solved by a trusted party, Carol Carol can distribute the identification material in a secure fashion, e.g by hand, or over encrypted and authenticated lines Example – a corporate environment Example – an operator’s network Eve’s attack avenue is the Alice-Bob connection We begin by looking at remote authentication

Passwords Model 1: –Alice is assigned a password, PWD, by Carol in a secure manner –Bob receives the pair from Carol in a secure manner –Alice authenticates herself to Bob by sending the pair

Problems with Model 1 Bob needs to hold a username, password database If Eve has access to Bob’s database (for instance by a Trojan horse), she can impersonate Alice Eve can eavesdrop, capture the pair and impersonate Alice Human-chosen and memorized passwords are vulnerable to guessing attacks Bob can impersonate Alice

Improvements to Model 1 The internal database contains pairs of, where h is a one way function Example – Unix systems The database is often held at a central location Advantage – less space, Bob can’t impersonate Alice Disadvantage – new attack avenues

Architecture 1 Carol Bob Alice 1.Black lines – secure initial connection 2.White lines – online authentication

Architecture 2 Carol Bob Alice 1.Black lines – secure initial connection 2.White lines – online authentication DB

Solving Eavesdropping First solution: –Use encrypted and authenticated lines –Advantage – attacks by Eve are very difficult –Disadvantages – need encryption and authentication in place for every transaction. Infrastructure and performance overhead Second solution: challenge and response protocols

Challenge – Response (Model 2) PWD is used as a key Protocol: –Alice sends authentication request using her name –Bob retrieves PWD –Bob sends random challenge, r –Alice replies with h PWD (r) –Bob tests authenticity

Pros and Cons Pros: –PWD is not passed in the clear –No need for encryption and authentication Cons: –Database has to be managed by Bob –Guessing attacks are still possible Caution: Challenges must not be repeated. Sequence numbers or time should be used

Summary Challenge and response model is sufficient for closed, non-flexible environments. Main security problems: impersonation by database administrator (Bob), guessing attacks. Operational problems: adding and removing authorized users

GSM Authentication Mobile Station (cell-phone) authenticates to mobile operator (PLMN) Mobile Station (MS) stores a symmetric authentication key k i in the SIM. Same key is stored by Home PLMN Problem: authentication to visited PLMN that doesn’t have key, without exposing key over air Solution: first - billing agreement between HPLMN and visited PLMN. Second – challenge response protocol

GSM Authentication Components MS BS VLR HLR AUC Visited PLMN HPLMN

GSM Authentication Protocol MS sends IMSI to visited PLMN, identifying MS and HPLMN. HPLMN sends n triplets in the clear over land lines or Microwave. Visited PLMN sends to MS the challenge, RAND MS response SRES=A3 ki (RAND) MS passes authentication if XRES=SRES Traffic between MS and BS is encrypted using A5 algorithm with the key k c = A8 ki (RAND)

Local Authentication Device Level

Local ID Technologies Passwords Tokens: smart-cards, Secure-ID, USB tokens Biometric identification: –Fingerprints –Voice recognition –Face recognition Multi-Factor authentication

Tokens: Pros and Cons Pros –Stronger security than passwords –Even physical attacks are difficult Cons –Require extra hardware –Require standardization –Easily lost

Biometrics: Pros and Cons Pros –Large key, reasonable amount of entropy –Not easily lost –Not easily transferable Cons –Invasion of privacy –Can’t be changed –False positives and negatives –Susceptible to many types of physical attacks

Biometrics (cont.) Technology is not mature yet Fingerprint technology is the most mature: –Less false positives and negatives –Not as easy to fool (really?!) The technology’s fate is still unclear Example – be careful with biometrics. Remote access using biometric information as password is problematic