The Secure Password-Based Authentication Protocol


The Secure Password-Based Authentication Protocol 20022127 Jeong Yunkyoung ykjeong@icu.ac.kr

Contents
- Introduction
- Authentication over an untrusted network
- Secure Password Authentication
- Previous Work
  - EKE
  - SRP
  - PAK
- Future Study
- Reference

Introduction
- Techniques for user authentication
  - What a user knows (passwords, PINs)
  - What a user is (voiceprint identification, retinal scanners)
  - What a user has (ID cards, smartcards)
- The problem of password authentication protocol
  - One party must somehow prove to another party that it knows some password P.
  - telnet, Kerberos: insecure

Authentication over an untrusted network (1)
- We want a password authentication and key-exchange protocol suitable for authenticating users and exchanging keys over an untrusted network.
[Diagram labels: Alice, Bob, Password=“sesame”, The Internet]

Authentication over an untrusted network (2)
[Diagram labels: Alice, Bob, Password=“sesame”, K=3A82019B7CE8F1F9, The Internet]

Secure Password Authentication
- Remote user access
  - If one of the entities is a user and the other is a server, then this can be seen as a problem in the area of remote user access.
- Goal: security without requiring the user to carry/remember anything except password
- BUT, Password is “weak”:
  - “easily memorizable”
  - “low entropy”
  - “easily guessed”
  - “drawn from a ‘small’ dictionary”
- Dictionary attack

Previous Work - EKE
- Encrypted Key Exchange
- Steven M. Bellovin, Michael Merritt
- Notation

Previous Work - EKE Protocol (using RSA)
- Both parties have cleartext versions of the shared password.
[Diagram labels: Alice, Bob, K]

Previous Work - SRP
- Secure Remote Password Protocol
- Thomas Wu
- Notation

Previous Work - SRP Protocol
- To establish a password P with Steve, Carol picks a random salt s, and computes .
[Diagram labels: Carol, Steve]
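
An added sketch (not from the slides and not Wu's own code) of an SRP-style enrolment and login run between Carol and Steve. The slide's formulas did not survive, so the equations used here (x = H(s, P), v = g^x, B = v + g^b, and the two ways of computing S), the SHA-256 hash, and the toy 127-bit modulus are assumptions of this example.

```python
import hashlib
import secrets

# Toy parameters (assumptions of this example): a 127-bit Mersenne prime that
# is far too small and is not a safe prime. Real use needs a large safe prime.
N = 2**127 - 1
g = 3

def H(*parts) -> int:
    """Length-prefixed SHA-256 over ints/bytes, returned as an integer."""
    h = hashlib.sha256()
    for p in parts:
        if isinstance(p, int):
            p = p.to_bytes(16, "big")
        h.update(len(p).to_bytes(2, "big") + p)
    return int.from_bytes(h.digest(), "big")

def register(password: str):
    """Enrolment: Carol picks salt s; Steve stores (s, v), never the password."""
    s = secrets.token_bytes(16)
    x = H(s, password.encode())
    return s, pow(g, x, N)          # v = g^x mod N

def run_exchange(typed_password: str, s: bytes, v: int):
    """One login run with both sides simulated; returns (K_carol, K_steve)."""
    # Carol -> Steve: A = g^a
    a = secrets.randbelow(N - 2) + 1
    A = pow(g, a, N)
    if A % N == 0:                  # Steve must reject a zero A from the wire
        raise ValueError("bad A")
    # Steve -> Carol: s, B = v + g^b, random u
    b = secrets.randbelow(N - 2) + 1
    u = secrets.randbelow(2**32 - 1) + 1
    B = (v + pow(g, b, N)) % N
    if B % N == 0:                  # Carol must reject a zero B from the wire
        raise ValueError("bad B")
    # Carol: S = (B - g^x)^(a + u*x), with x recomputed from what she typed
    x = H(s, typed_password.encode())
    S_carol = pow((B - pow(g, x, N)) % N, a + u * x, N)
    # Steve: S = (A * v^u)^b, using only the stored verifier
    S_steve = pow(A * pow(v, u, N) % N, b, N)
    return H(S_carol), H(S_steve)

if __name__ == "__main__":
    s, v = register("sesame")       # constructed sample password from the slides
    print(run_exchange("sesame", s, v))
```

With the wrong password the two keys differ, so the login fails as soon as the parties try to use K.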

Previous Work - PAK
- Victor Boyko, Philip MacKenzie, Sarvar Patel
- P=rq+1 for some value r co-prime to q.
- g is a generator of a subgroup of of size q.
- The resulting session key is K.
[Diagram labels: Alice, Bob]

Future Study
- Some effort is needed.
- My approach…
  - Network is insecure.
  - PAP for using a short password.
  - Don’t have cleartext version of the shared password.
  - Fewer rounds.
  - Using Diffie-Hellman and Hash, etc.
- Suggest efficient and secure password-based authentication protocol.

Reference
- S. M. Bellovin and M. Merritt. Encrypted key exchange: Password-based protocols secure against dictionary attacks. In IEEE Security 92, pages 72-84.
- S. M. Bellovin and M. Merritt. Augmented encrypted key exchange: Password-based protocols secure against dictionary attacks. In IEEE Security 92, pages 72-84.
- T. Wu. The secure remote password protocol. In NDSS 98, pages 97-111.
- V. Boyko, P. MacKenzie, and S. Patel. Provably-secure password authentication and key exchange using Diffie-Hellman. In EUROCRYPT 2000, pages 156-171.
- P. MacKenzie and R. Swaminathan. Secure network authentication with password information. Manuscript.