Chapter 11: Authentication Basics Passwords Challenge-Response Biometrics Location Multiple Methods November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

Establishing Identity One or more of the following What entity knows (eg. password) What entity has (eg. badge, smart card) What entity is (eg. fingerprints, retinal characteristics) Where entity is (eg. In front of a particular terminal)

What entity knows https://docs.oracle.com/cd/E19424-01/820-4811/gdzeq/index.html

What entity has http://www.acmesecurity.com/images/access-new.jpg

What entity is https://cdn.wccftech.com/wp-content/uploads/2017/12/iPhone-X-Face-ID-Projection.jpg

Where entity is https://pbs.twimg.com/media/B9roIlCIIAAKaBx.png

Authentication System (A, C, F, L, S) A (authentication information): the set of specific information with which entities proves their identity; C (complementary information): the set of information that the system stores and uses to validate the authentication information; F (complementation function): generate the complementary information from the authentication information; f : A  C; L: authentication functions that prove identity; S: selection function enabling an entity to create or alter information in A or C; November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

Authentication System (A, C, F, L, S) A (authentication information): the set of specific information with which entities proves their identity;

Authentication System (A, C, F, L, S) C (complementary information): the set of information that the system stores and uses to validate the authentication information; http://www.miklsoft.com/help/passwords-generator/passwords-list.gif

Authentication System (A, C, F, L, S) F (complementation function): generate the complementary information from the authentication information; f : A  C; https://www.fbi.gov/image-repository/istock_20976715_medium.jpg/@@images/image/high

Authentication System (A, C, F, L, S) L: authentication functions that prove identity;

Authentication System (A, C, F, L, S) S: selection function enabling an entity to create or alter information in A or C; https://www.imore.com/sites/imore.com/files/styles/large/public/field/image/2013/09/iphone_5s_touch_id_fingerprint_video_hero_4x3.jpg?itok=bhma0a7k

Example Password system, with passwords stored on line in clear text A set of strings making up passwords C = A F singleton set of identity function { I } L single equality test function { eq } S function to set/change password November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

Passwords Example of an authentication mechanism based on what people know; Sequence of characters Examples: 10 digits, a string of letters, etc. Generated randomly, by user, by computer with user input Sequence of words Examples: pass-phrases Algorithms Examples: challenge-response, one-time passwords November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

Storage of Passwords Store as cleartext Encipher file If password file compromised, all passwords revealed Encipher file Need to have decipherment, encipherment keys in memory Reduces to previous problem Store one-way hash of password If file read, attacker must still guess passwords or invert the hash November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

SHA-1 Hashing Example

Anatomy of Attacking Goal: find a  A such that: For some f  F, f(a) = c  C c is associated with entity Two ways to determine whether a meets these requirements: Direct approach: as above Indirect approach: as l(a) succeeds iff f(a) = c  C for some c associated with an entity, compute l(a) November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

Preventing Attacks How to prevent this: Hide one of a, f, or c Prevents obvious attack from above Example: UNIX/Linux shadow password files Hides c’s Block access to all l  L or result of l(a) Prevents attacker from knowing if guess succeeded Example: preventing any logins to an account from a network Prevents knowing results of l (or accessing l) November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

Guessing Through L Cannot prevent these Make them slow Otherwise, legitimate users cannot log in Make them slow Backoff: the amount of time to wait before next attempt keep increasing; Disconnection: after some number of failed authentication attempts, the connection is broken and the user must reestablish it; Disabling: if n consecutive attempts to log in to an account fail, the account is disabled until a security manager can reenable it; Be very careful with administrative accounts! Jailing: Allow in, but restrict activities and record the attacker’s actions; November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

Dictionary Attack vs Brute Force Definition 11–3. A dictionary attack is the guessing of a password by repeated trial and error. https://steemitimages.com/0x0/https://i.imgsafe.org/2a4600dbe2.png

Anderson’s Formula The goal of defenders is to maximize the time needed to guess a password. Anderson’s formula: P: probability of guessing a password in specified period of time G: number of guesses tested in 1 time unit T: number of time units N: number of possible passwords (|A|) Then P ≥ TG/N

Example Goal Solution Passwords drawn from a 96-char alphabet Can test 104 guesses per second Probability of a success to be 0.5 over a 365 day period What is minimum password length? Solution N ≥ TG/P = (365246060)104/0.5 = 6.311011 Choose s such that 96s ≥ N So s ≥ 6, meaning passwords must be at least 6 chars long

Approaches: Password Selection Random selection Any password from A equally likely to be selected Pronounceable passwords User selection of passwords November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

Random Selection of Passwords Theorem 11-1: let the expected time to guess a password be T. Then T is a maximum when the selection of any of a set of possible passwords is equiprobable; Short passwords should be avoided; Size of password space could be reduced due to the limited period of pseudo-random number generator; Human factor is also an important role: a person who is assigned two random passwords must write them down; Use a transformation algorithm to keep the password safe: t: X  A; Transformation algorithm is “capitalize the third letter in the word, and append the digit 2.” “Swqgle3”  ? (the transformation algorithm needs to be memorized). November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

Pronounceable Passwords Generate phonemes randomly Phoneme is unit of sound, eg. cv, vc, cvc, vcv (c: consonant, v: vowel) Examples: helgoret, juttelon are; przbqxdfl, zxrptglfn are not Problem: too few Solution: key crunching Run long key through hash function and convert to printable sequence Use this sequence as password November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

User Selection Problem: people pick easy to guess passwords Based on account names, user names, computer names, place names Dictionary words (also reversed, odd capitalizations, control characters, “elite-speak”, conjugations or declensions, swear words, Torah/Bible/Koran/… words) Too short, digits only, letters only License plates, acronyms, social security numbers Personal characteristics or foibles (pet names, nicknames, job characteristics, etc. November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

Picking Good Passwords “LlMm*2^Ap” Names of members of 2 families “OoHeO/FSK” Second letter of each word of length 4 or more in third line of third verse of Star-Spangled Banner, followed by “/”, followed by author’s initials What’s good here may be bad there “DMC/MHmh” bad at Dartmouth (“Dartmouth Medical Center/Mary Hitchcock memorial hospital”), ok here Why are these now bad passwords?  November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

Proactive Password Checking Analyze proposed password for “goodness” Always invoked Can detect, reject bad passwords for an appropriate definition of “bad” Discriminate on per-user, per-site basis Needs to do pattern matching on words Needs to execute subprograms and use results Spell checker, for example Easy to set up and integrate into password selection system November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

Password Aging Force users to change passwords after some time has expired How do you force users not to re-use passwords? Record previous passwords Block changes for a period of time Give users time to think of good passwords Don’t force them to change before they can log in Warn them of expiration days in advance

Challenge-Response User, system share a secret function f (in practice, f is a known function with unknown parameters, such as a cryptographic key)

Pass Algorithms Challenge-response with the function f itself a secret Example: Challenge is a random string of characters such as “abcdefg”, “ageksido” Response is some function of that string such as “bdf”, “gkip” Can alter algorithm based on ancillary information Network connection is as above, dial-up might require “aceg”, “aesd” Usually used in conjunction with fixed, reusable password November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop

One-Time Passwords Password that can be used exactly once Problems After use, it is immediately invalidated Problems Synchronization of user, system Generation of good random passwords Password distribution problem

Biometrics Fingerprints: optical or electrical techniques Optical Scanner vs Capacitive Scanner; Maps fingerprint into a graph, then compares with database http://www.bioelectronix.com/whatisbiostrip.png

Biometrics – Voice ID Voices: speaker verification or recognition Verification: uses statistical techniques to test hypothesis that speaker is who is claimed (speaker dependent) Recognition: checks content of answers (speaker independent) https://23817o46hoju2rzish3wqwd2-wpengine.netdna-ssl.com/wp-content/uploads/2016/02/voicekey-onepass_2256.png

Other Characteristics Eyes: patterns in irises unique Measure patterns, determine if differences are random; or correlate images using statistical tests http://static.migom.by/img/news/6420/main.jpg

Other Characteristics Faces: image, or specific characteristics like distance from nose to chin Lighting, view of face, other noise can hinder this https://accelerator-origin.kkomando.com/wp-content/uploads/2017/09/face-scan.jpg

Other Characteristics Keystroke dynamics: believed to be unique Keystroke intervals, pressure, duration of stroke, where key is struck Statistical tests used http://www.deepnetsecurity.com/wp-content/uploads/2014/03/TypeSense-password.png

Cautions These can be fooled! Assumes biometric device accurate in the environment it is being used in! Transmission of data to validator is tamperproof, correct https://en.dopl3r.com/memes/dank/me-about-to-unlock-my-boyfriends-phone-with-a-mask-i-made-of-his-face/97018

Key Points Authentication is not cryptography You have to consider system components Passwords are here to stay They provide a basis for most forms of authentication Protocols are important They can make masquerading harder Authentication methods can be combined Example: PAM November 1, 2004 Introduction to Computer Security ©2004 Matt Bishop