COEN 351 Authentication.

Authentication
Authentication is based on:
- What you know: passwords, PINs, answers to questions, …
- What you have: (physical) keys, tokens, smart cards
- What you are: biometrics (fingerprints, iris, voice, …)
- Where you are: IP address (not very secure), …
- Who else trusts you: certification by trusted third party, …

Authentication
Passwords, PINs, … are threatened by:
- External disclosure: looking over the shoulder, social engineering
- Guessing: brute forcing, dictionary attack, …
- Snooping: finds unencrypted passwords
- Circumvention through replay
- Host compromise that hands out the password file

Authentication
Password protection mechanisms:
- Transformation: the password presented by the user to the client is hashed, and the hash is sent to the server. The server compares it with the hash of the password.
- UNIX Salting: each hash is different.
- Challenge-response: protects against replay attacks.
- Time stamps: the authentication request from client to server depends on time. Protects against replays.
- One-time passwords
- Digital signature with every request
- Zero-knowledge techniques
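Two of the mechanisms listed above, salting and challenge-response, shown together as an added example (not taken from the slides). The `Server` class, `client_response` and the sample credentials are constructed for illustration; PBKDF2 and HMAC-SHA256 are choices made for this sketch.

```python
import hashlib
import hmac
import secrets

def derive_key(password: str, salt: bytes) -> bytes:
    # Salted, deliberately slow transformation of the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Server:
    def __init__(self):
        self.users = {}      # user -> (salt, derived key); no plaintext password
        self.pending = {}    # user -> outstanding one-use challenge

    def enroll(self, user, password):
        salt = secrets.token_bytes(16)
        self.users[user] = (salt, derive_key(password, salt))

    def challenge(self, user):
        nonce = secrets.token_bytes(16)
        self.pending[user] = nonce
        return self.users[user][0], nonce     # the salt is public, the nonce is fresh

    def verify(self, user, response):
        nonce = self.pending.pop(user, None)  # consume: each challenge works once
        if nonce is None:
            return False
        expected = hmac.new(self.users[user][1], nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)

def client_response(password, salt, nonce):
    # The password never crosses the wire, only a MAC over the server's nonce.
    return hmac.new(derive_key(password, salt), nonce, hashlib.sha256).digest()

def demo():
    server = Server()
    server.enroll("alice", "correct horse")   # constructed sample credentials
    server.enroll("bob", "correct horse")     # same password, different salt
    salt, nonce = server.challenge("alice")
    captured = client_response("correct horse", salt, nonce)
    first = server.verify("alice", captured)      # genuine login
    server.challenge("alice")                     # next login gets a new nonce
    replayed = server.verify("alice", captured)   # old response is resent
    stored_differ = server.users["alice"][1] != server.users["bob"][1]
    return first, replayed, stored_differ

if __name__ == "__main__":
    print(demo())
```

The derived key stored on the server is enough to answer challenges, so this design addresses snooping and replay but not the host compromise listed among the threats.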

Authentication
Kerberos: Authentication system based on symmetric cryptography
- For patent reasons

Kerberos
- Every user / client / server shares a key with the authentication server.
- The authentication server hands out tickets to all other servers.

Kerberos
- The first exchange between the user and the Authentication Server establishes a session key.
- This way, the same key is used only sparingly.

Key Distribution Center
KDC:
- Database of keys for all users
- Invents and hands out keys for each transaction between clients.

[Diagram: Alice, KDC, Bob. Message labels: "Alice wants Bob"; K_Alice{ K_AB for Bob }; K_Bob{ K_AB for Alice }]
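The exchange in the diagram, as an added example that is not part of the slides. The `KDC` class, `read_message` and the third principal "Eve" are hypothetical, and `seal`/`unseal` are a stand-in for a real authenticated cipher such as AES-GCM, built from SHA-256 and HMAC only so the sketch runs on the standard library.

```python
import hashlib
import hmac
import secrets

def _keystream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, msg):
    # K{msg}: stand-in authenticated cipher (SHA-256 keystream + HMAC tag),
    # used only because the standard library has no AES. Not for production.
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(msg, _keystream(key, nonce, len(msg))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified message")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

class KDC:
    def __init__(self):
        self.keys = {}                       # database of one key per principal

    def register(self, name):
        self.keys[name] = secrets.token_bytes(32)
        return self.keys[name]               # handed to the principal out of band

    def request(self, requester, peer):
        # "requester wants peer": invent K_AB, wrap it once under each party's key.
        k_ab = secrets.token_bytes(32)
        return (seal(self.keys[requester], peer.encode() + b"|" + k_ab),
                seal(self.keys[peer], requester.encode() + b"|" + k_ab))

def read_message(own_key, blob):
    peer, k_ab = unseal(own_key, blob).split(b"|", 1)
    return peer.decode(), k_ab

def demo():
    kdc = KDC()
    k_alice, k_bob, k_eve = (kdc.register(n) for n in ("Alice", "Bob", "Eve"))
    for_alice, for_bob = kdc.request("Alice", "Bob")
    try:
        read_message(k_eve, for_bob)         # a third principal cannot unwrap it
        eve_failed = False
    except ValueError:
        eve_failed = True
    return read_message(k_alice, for_alice), read_message(k_bob, for_bob), eve_failed

if __name__ == "__main__":
    print(demo())
```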

Personal Tokens
Small hardware devices that use a PIN to unlock.
- Storage Token: contains a secret value.
- Synchronous one-time password generator: generates a new password once a minute.
- Challenge Response: implements the calculation of the response from a challenge according to a secret algorithm.
- Digital Signature Token: calculates digital signature from message MAC.
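A sketch of the synchronous one-time password generator described above, which also illustrates the time-stamp mechanism from the password protection slide. It is an added example, not from the slides: the truncation follows the HOTP construction of RFC 4226 applied to a 60-second time counter, and the `Verifier` class with its drift window is an assumption of this sketch.

```python
import hashlib
import hmac
import struct

STEP = 60  # seconds; "a new password once a minute"

def otp(secret: bytes, counter: int, digits: int = 6) -> str:
    # HMAC over the time-step counter, then RFC 4226 dynamic truncation.
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def token_display(secret: bytes, now: float) -> str:
    # What the token shows at wall-clock time `now` (seconds since epoch).
    return otp(secret, int(now) // STEP)

class Verifier:
    def __init__(self, secret: bytes, drift_steps: int = 1):
        self.secret = secret
        self.drift = drift_steps      # tolerate small clock skew
        self.last_counter = -1        # highest time step already accepted

    def check(self, code: str, now: float) -> bool:
        current = int(now) // STEP
        for c in range(max(0, current - self.drift), current + self.drift + 1):
            # Only steps newer than the last accepted one count, so a code
            # captured in transit cannot be replayed, even within its minute.
            if c > self.last_counter and hmac.compare_digest(otp(self.secret, c), code):
                self.last_counter = c
                return True
        return False

def demo():
    secret = b"12345678901234567890"       # RFC 4226 test secret
    server = Verifier(secret)
    code = token_display(secret, now=30)   # time step 0
    accepted = server.check(code, now=30)
    replayed = server.check(code, now=45)  # same minute, same code
    stale = server.check(code, now=200)    # three steps later
    return code, accepted, replayed, stale

if __name__ == "__main__":
    print(demo())
```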

Personal Tokens
Human Interface Token.
- Smartcard: dimensions and contacts standardized by ISO/IEC.
- PCMCIA card
- USB token
- Handheld with digital display (and keyboard).

Biometrics
- Fingerprint recognition
- Voice recognition
- Handwriting recognition
- Face recognition
- Retinal scan
- Hand geometry recognition