CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

Slides:



Advertisements
Similar presentations
CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
Advertisements

Chapter 10 Real world security protocols
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.
CMSC 414 Computer (and Network) Security Lecture 26 Jonathan Katz.
Authentication in Mobile Ad-hoc Network (MANET) Student Ståle Jonny Berget Superviser Chik How Tan.
Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
G Robert Grimm New York University Using Encryption for Authentication in Computer Networks.
CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 15 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
1 Pertemuan 04 Pengamanan Akses Sistem Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.
CMSC 414 Computer and Network Security Lecture 19 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.
More on AuthenticationCS-4513 D-term More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.
CMSC 414 Computer and Network Security Lecture 18 Jonathan Katz.
Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
CMSC 414 Computer (and Network) Security Lecture 24 Jonathan Katz.
Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.
Authentication System
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
CMSC 414 Computer and Network Security Lecture 13 Jonathan Katz.
Strong Password Protocols
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
1 ECE453 – Introduction to Computer Networks Lecture 19 – Network Security (II)
Information Security Principles Assistant Professor Dr. Sana’a Wafa Al-Sayegh 1 st Semester ITGD 2202 University of Palestine.
Chapter 2. Network Security Protocols
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Lecture 11: Strong Passwords
10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.
Network Security Lecture 23 Presented by: Dr. Munam Ali Shah.
KEY MANAGEMENT; OTHER PUBLIC-KEY CRYPTOSYSTEMS - Chapter 10 KEY MANAGEMENT; OTHER PUBLIC-KEY CRYPTOSYSTEMS - Chapter 10 KEY MANAGEMENT DIFFIE-HELLMAN KEY.
1 Lecture 9: Cryptographic Authentication objectives and classification one-way –secret key –public key mutual –secret key –public key establishing session.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.
CS 4244: Internet Programming Security 1.0. Introduction Client identification and cookies Basic Authentication Digest Authentication Secure HTTP.
CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz.
1 Network Security Lecture 7 Overview of Authentication Systems Waleed Ejaz
COMP 424 Computer Security Lecture 09 & 10. Protocol ● An orderly sequence of steps agreed upon by two or more parties in order to accomplish a task ●
Protocol Analysis. CSCE Farkas 2 Cryptographic Protocols Two or more parties Communication over insecure network Cryptography used to achieve goal.
COEN 351 Authentication. Authentication is based on What you know Passwords, Pins, Answers to questions, … What you have (Physical) keys, tokens, smart-card.
SPEAKER: HONG-JI WEI DATE: Efficient and Secure Anonymous Authentication Scheme with Roaming Used in Mobile Networks.
KERBEROS SYSTEM Kumar Madugula.
Fall 2006CS 395: Computer Security1 Key Management.
Key Management and Distribution Anand Seetharam CST 312.
9.2 SECURE CHANNELS JEJI RAMCHAND VEDULLAPALLI. Content Introduction Authentication Message Integrity and Confidentiality Secure Group Communications.
Lesson Introduction ●Authentication protocols ●Key exchange protocols ●Kerberos Security Protocols.
Pertemuan #8 Key Management Kuliah Pengaman Jaringan.
KERBEROS. Introduction trusted key server system from MIT.Part of project Athena (MIT).Developed in mid 1980s. provides centralised private-key third-party.
Fourth Edition by William Stallings Lecture slides by Lawrie Brown
CMSC 414 Computer and Network Security Lecture 15
Presentation transcript:

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz

Public-key protocols  Server stores pk; user stores sk  Server sends R; user signs R –Using a secure signature scheme…  Is this secure? –Potential weaknesses –What if we had used encryption instead?  Can we achieve security against server compromise and eavesdropping without using public-key crypto?

Lamport’s hashing protocol  Server stores H n (pw); user sends H n-1 (pw) –Server updates user’s entry…  Can also add “salt” to hash –Can use same password on different sites –Protects against off-line attacks –Can use same password (but different salt) when password “expires”  Deployed as S/Key

Some attacks…  Secret expires…  No mutual authentication –“Small n” attack

Session key establishment  There are very few applications for which authentication alone is sufficient! –What do you do once you are authenticated?  Generally, need to establish a session key –Efficiency advantages to using symmetric-key techniques if public-key auth. is used –Advantages even if a symmetric key is already shared…

Session keys  Reduces effectiveness of cryptanalysis  If a key is compromised, only one conversation is affected  Prevents replay of messages from other conversations  Better security from un-trusted host

KDCs  Key Distribution Centers  Advantages of symmetric-key crypto, without O(n 2 ) keys –But requires a trusted intermediary –Single point of failure/attack

Multiple intermediaries  Can use multiple KDCs… –Can have all pairs of KDCs share a key –More likely, there will be a hierarchy of KDCs

Basic key exchange  Public-key based…  Diffie-Hellman key exchange –Not authenticated (yet)!