Chapter 2 Protocols Controlling communications of principals in systems.

Security Protocols
This is the broader meaning of "protocols", not just computer network protocols.
Security protocols control the communications of the various principals in a system.
Security protocols fail.

Eavesdropping Risk
Passwords remain the foundation on which much of computer security rests.
Early key fobs and garage door openers used a 16-bit serial number as the "key"; the fob simply transmits it.
Attack 1: guess the serial number. 16 bits gives only 65,536 possibilities, so an attacker can try them all.
Attack 2: use a "grabber" to record another user's code as it is transmitted, then replay it.
A simple password such as a fixed serial number is seldom adequate, except for systems that require only minimal security.

Simple Authentication
T → G: T, {T, N}_KT
The token T sends its name T to the garage G, concatenated with {T, N} encrypted under the key KT shared between token and garage, where N is a nonce (a number used once).
The nonce is what gives the message freshness: if G checks that it has not seen N before, a recorded message cannot be played back to open the door a second time.
Nonces can be very poorly done (a predictable counter, a small random value that repeats, or a receiver that never checks for repeats), and then the protocol degenerates to a replayable fixed code.
The two-pass alternative is challenge and response: G first sends a fresh random challenge N, and T replies with {T, N}_KT, so G only has to remember the challenge it just issued rather than every nonce it has ever seen.
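The three designs above, fixed serial code, one-pass nonce protocol and two-pass challenge-response, side by side in a small simulation. This is an added example, not code from the slides or the textbook; the key KT and the token name are constructed, and {T, N}_KT is modelled as a MAC over (T, N) rather than encryption (an assumption of the example; the garage only needs proof that the holder of KT produced this exact pair). The garage classes and the demo_* functions are hypothetical names.

```python
import hashlib
import hmac
import secrets

# Constructed key for this example; in a real token it is burnt into the fob.
KT = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")


def tag(key: bytes, name: bytes, nonce: bytes) -> bytes:
    """Stand-in for {T, N}_KT: a MAC over (T, N) under the shared key KT.
    Using a MAC instead of encryption is an assumption of this example."""
    return hmac.new(key, name + b"|" + nonce, hashlib.sha256).digest()


# 1. Fixed-code opener: the "password" is a 16-bit serial number.
class FixedCodeGarage:
    def __init__(self, serial: int):
        self.serial = serial

    def receive(self, code: int) -> bool:
        return code == self.serial


def brute_force(garage: FixedCodeGarage) -> tuple:
    """Try every 16-bit code in order; returns (code, tries). Worst case 65536."""
    for code in range(1 << 16):
        if garage.receive(code):
            return code, code + 1
    raise RuntimeError("no code accepted")


# 2. One-pass protocol  T -> G: T, {T, N}_KT.  G must remember nonces it has seen.
class NonceGarage:
    def __init__(self, key: bytes, token_name: bytes, remember_nonces: bool = True):
        self.key, self.token_name = key, token_name
        self.remember_nonces = remember_nonces   # False models a "poorly done" nonce check
        self.seen = set()

    def receive(self, name: bytes, nonce: bytes, mac: bytes) -> bool:
        if name != self.token_name:
            return False
        if not hmac.compare_digest(mac, tag(self.key, name, nonce)):
            return False
        if self.remember_nonces:
            if nonce in self.seen:                  # same nonce again: a replay
                return False
            self.seen.add(nonce)
        return True


def token_press(key: bytes, name: bytes) -> tuple:
    nonce = secrets.token_bytes(16)                 # token picks a fresh random N
    return name, nonce, tag(key, name, nonce)


# 3. Two-pass challenge-response  G -> T: N ;  T -> G: T, {T, N}_KT.
class ChallengeGarage:
    def __init__(self, key: bytes, token_name: bytes):
        self.key, self.token_name = key, token_name
        self.pending = None

    def challenge(self) -> bytes:
        self.pending = secrets.token_bytes(16)      # fresh random N chosen by G
        return self.pending

    def receive(self, name: bytes, mac: bytes) -> bool:
        if self.pending is None or name != self.token_name:
            return False
        ok = hmac.compare_digest(mac, tag(self.key, name, self.pending))
        self.pending = None                         # each challenge can be answered once
        return ok


def token_respond(key: bytes, name: bytes, challenge: bytes) -> tuple:
    return name, tag(key, name, challenge)


# Demonstrations: each returns (first attempt accepted, replayed copy accepted).
def demo_fixed_code_replay() -> tuple:
    garage = FixedCodeGarage(0xBEEF)
    grabbed = 0xBEEF                                # recorded off the air by a grabber
    return garage.receive(grabbed), garage.receive(grabbed)


def demo_one_pass_replay(remember_nonces: bool) -> tuple:
    garage = NonceGarage(KT, b"T", remember_nonces)
    msg = token_press(KT, b"T")                     # legitimate press, recorded by a grabber
    return garage.receive(*msg), garage.receive(*msg)


def demo_challenge_response_replay() -> tuple:
    garage = ChallengeGarage(KT, b"T")
    resp = token_respond(KT, b"T", garage.challenge())
    first = garage.receive(*resp)
    garage.challenge()                              # G issues a new challenge
    return first, garage.receive(*resp)             # old response no longer matches


if __name__ == "__main__":
    print("brute force:", brute_force(FixedCodeGarage(0xBEEF)))
    print("fixed code (first, replay):", demo_fixed_code_replay())
    print("one-pass, nonces checked:", demo_one_pass_replay(True))
    print("one-pass, nonces unchecked:", demo_one_pass_replay(False))
    print("challenge-response:", demo_challenge_response_replay())
```

The point of the third variant is where the freshness lives: in the one-pass protocol it depends on the token's random number generator and on the garage keeping a (potentially unbounded) list of seen nonces, whereas in challenge-response the garage itself supplies the randomness and needs to remember only the challenge that is currently outstanding. A man in the middle who merely forwards messages gains nothing against either, as long as the key KT stays inside the token.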

Manipulating Messages
An attacker can also place himself in the middle, between token and garage, and manipulate the messages in transit rather than simply replaying them.
These are just variations on the replay attack.

Changing Environment
A change of environment can make previously secure products fail.
ATMs were originally designed under these premises: cards are not secure but PINs are, and machines are installed in secure locations (bank branches).
Moving ATMs to many other locations violated one of the original design premises and opened up a series of new attacks.

Managing Encryption Keys
Basic key management uses a trusted third party that shares a long-term key with each principal and issues session keys on request.
The Needham-Schroeder protocol is the classic example.
Kerberos, developed at MIT, is a derivative of Needham-Schroeder; a variant of Kerberos is widely used for authentication in Windows 2000 (W2K) and its successors.
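The shared-key Needham-Schroeder exchange run end to end between a server S, Alice and Bob, followed by the freshness gap that Kerberos was designed to close. This is an added example, not code from the slides or from MIT's Kerberos; the long-term keys KAS and KBS are constructed, and the "encryption" is a toy HMAC-based keystream with an encrypt-then-MAC tag built here so the block runs with the Python standard library only (an assumption of the example, not a real cipher). Class and function names are hypothetical.

```python
import hashlib
import hmac
import json
import os

# Long-term keys each principal shares with the server S (constructed for this example).
KAS = bytes.fromhex("00" * 31 + "01")
KBS = bytes.fromhex("00" * 31 + "02")


# Toy authenticated encryption: HMAC-SHA256 keystream + encrypt-then-MAC.
# Constructed for this example only; it is NOT a real cipher.
def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, iv + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def enc(key: bytes, fields: list) -> str:
    """{fields}_key. Output is hex so one ciphertext can be nested inside another."""
    pt = json.dumps(fields).encode()
    iv = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, iv, len(pt))))
    mac = hmac.new(key, iv + ct, hashlib.sha256).digest()
    return (iv + ct + mac).hex()


def dec(key: bytes, blob_hex: str) -> list:
    blob = bytes.fromhex(blob_hex)
    iv, ct, mac = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(mac, hmac.new(key, iv + ct, hashlib.sha256).digest()):
        raise ValueError("bad MAC: wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, iv, len(ct)))).decode())


class Server:
    """S, the trusted third party: knows every principal's long-term key."""
    def __init__(self, keys: dict):
        self.keys = keys

    def msg2(self, a: str, b: str, na: str) -> str:
        kab = os.urandom(32).hex()                       # fresh session key Kab
        ticket = enc(self.keys[b], [kab, a])             # {Kab, A}_Kbs
        return enc(self.keys[a], [na, b, kab, ticket])   # {Na, B, Kab, {Kab, A}_Kbs}_Kas


class Alice:
    def __init__(self, name: str, kas: bytes):
        self.name, self.kas = name, kas

    def msg1(self, b: str) -> list:
        self.peer, self.na = b, os.urandom(16).hex()     # Na ties S's reply to this run
        return [self.name, b, self.na]                   # A, B, Na  (in clear)

    def msg3(self, m2: str) -> str:
        na, b, kab, ticket = dec(self.kas, m2)
        if na != self.na or b != self.peer:              # reply must be for this run and peer
            raise ValueError("server reply is stale or for the wrong peer")
        self.kab = bytes.fromhex(kab)
        return ticket                                    # forwarded to B unchanged

    def msg5(self, m4: str) -> str:
        (nb,) = dec(self.kab, m4)
        return enc(self.kab, [nb - 1])                   # {Nb - 1}_Kab


class Bob:
    def __init__(self, name: str, kbs: bytes):
        self.name, self.kbs = name, kbs

    def msg4(self, ticket: str) -> str:
        kab, a = dec(self.kbs, ticket)                   # only S could have built this
        self.kab, self.peer = bytes.fromhex(kab), a
        self.nb = int.from_bytes(os.urandom(4), "big")   # Nb: B's own liveness check of A
        return enc(self.kab, [self.nb])                  # {Nb}_Kab

    def accept(self, m5: str) -> bool:
        (x,) = dec(self.kab, m5)
        return x == self.nb - 1


def run_needham_schroeder() -> tuple:
    """Full run; returns (B accepted, both hold the same Kab, ticket, Kab)."""
    s = Server({"A": KAS, "B": KBS})
    a, b = Alice("A", KAS), Bob("B", KBS)
    m1 = a.msg1("B")
    m2 = s.msg2(*m1)
    m3 = a.msg3(m2)
    m4 = b.msg4(m3)
    m5 = a.msg5(m4)
    return b.accept(m5), a.kab == b.kab, m3, a.kab


def replay_old_ticket(old_ticket: str, old_kab: bytes) -> bool:
    """Nothing in message 3 lets B judge its freshness, so an attacker who recorded an
    old ticket and later obtained its session key can re-run messages 3-5 as "A"."""
    b = Bob("B", KBS)
    m4 = b.msg4(old_ticket)
    (nb,) = dec(old_kab, m4)
    return b.accept(enc(old_kab, [nb - 1]))
```

Alice's nonce Na protects her against a replayed server reply, and Bob's nonce Nb proves that whoever holds Kab is alive, but the ticket {Kab, A}_Kbs carries nothing Bob can check against his own notion of time, which is the weakness replay_old_ticket exercises. Kerberos closes it by putting a timestamp and a lifetime inside the ticket and by having the client send an authenticator encrypted under the session key, so a server can reject tickets and authenticators that are too old.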

Formal Proofs
Work has been done to formally prove the security of various protocols; the BAN logic (p. 29) is the best-known example.
These formal methods require designers to look more closely at the design.
But they do not assure security: a proof holds only under its external assumptions (that keys are good, that nonces are fresh, that the cryptography is sound), and a protocol can be "proved" and still fail when one of those assumptions is wrong.
The "boundaries" between technologies are often where vulnerabilities arise.
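A BAN-style derivation for the one-pass garage protocol from the Simple Authentication slide, as an added worked example (not from the slides or the textbook) showing where the external assumptions enter. Notation: $P \mid\equiv X$ means "P believes X", $P \lhd X$ "P sees X", $P \mid\sim X$ "P once said X", $\#(X)$ "X is fresh", and $P \stackrel{K}{\longleftrightarrow} Q$ "K is a good key shared by P and Q".

```latex
\text{Idealized protocol:}\quad T \rightarrow G:\ \{T, N\}_{K_T}

\text{Assumptions:}\qquad
A1:\ G \mid\equiv G \stackrel{K_T}{\longleftrightarrow} T
\qquad
A2:\ G \mid\equiv \#(N)

\text{Derivation:}
\begin{array}{lll}
1. & G \lhd \{T, N\}_{K_T} & \text{(G receives the message)}\\
2. & G \mid\equiv T \mid\sim (T, N) & \text{message-meaning rule, from 1 and A1}\\
3. & G \mid\equiv \#(T, N) & \text{freshness rule, from A2: a message with a fresh part is fresh}\\
4. & G \mid\equiv T \mid\equiv (T, N) & \text{nonce-verification rule, from 2 and 3}
\end{array}
```

Line 4 is the goal: G is entitled to believe that T currently stands behind (T, N), so the door should open. Notice that nothing in the derivation examines whether A1 and A2 are true. If nonces repeat, or G never checks for repeats, A2 is false and line 4 is unjustified even though the proof is valid; that is exactly the replay attack. Likewise A1 says nothing about a key so short that it can be guessed. The logic makes those assumptions explicit; it cannot discharge them.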

Discussion topics
Find a current example of a man-in-the-middle attack.
Find an article on using source routing to establish a man-in-the-middle position.
What are the current uses of Kerberos?

List of resources
Security protocols
Garage door openers
Nice article comparing garage opener and automotive security protections:

List of resources
Challenge-response
Kerberos
Needham-Schroeder