RADIUS Shared Secret Security Amplification A practical approach to improved security draft-funk-radiusext-shared-secret-amp-00.txt.

Slides:



Advertisements
Similar presentations
Point3r$. Password Introduction Passwords are a key part of any security system : –Work or Personal Strong passwords make your personal and work.
Advertisements

Secure Pre-Shared Key Authentication for IKE
Internet Protocol Security (IP Sec)
Lecture 5: Cryptographic Hashes
CSUF Chapter CSUF Operating Systems Security 2.
NSRC Workshop Some fundamental security concerns... Confidentiality - could someone else read my data? Integrity - has my data been changed? Authentication.
Cryptology Passwords and Authentication Prof. David Singer Dept. of Mathematics Case Western Reserve University.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (7) AUTHENTICATION.
1 MD5 Cracking One way hash. Used in online passwords and file verification.
Time Passes, Security Changes… Christian Huitema Monday, August 1, 2005 IETF, Application Area Meeting.
1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
Apr 4, 2003Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication.
Georgy Melamed Eran Stiller
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
Password Best Practices.  Never share your login ids and/or passwords  Remember: you are responsible for any activities associated with your login and.
7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.
Implementing Unified Messaging Joseph Blanchard Joseph Mancuso S. Paul Petroski.
Solitaire CRyptography Applications Bistro 8 April 2004.
1 Message Authentication and Hash Functions Authentication Requirements Authentication Functions Message Authentication Codes Hash Functions Security of.
Strong Password Protocols
Text passwords Hazim Almuhimedi. Agenda How good are the passwords people are choosing? Human issues The Memorability and Security of Passwords Human.
MS systems use one of the following: LanManager Hash (LM) LanManager Hash (LM) NT LanManager (NTLM) NT LanManager (NTLM) Cached passwords Cached passwords.
Windows This presentation is an amalgam of presentations by Mark Michael, Randy Marchany and Ed Skoudis. I have edited and added material. Dr. Stephen.
Doc.: IEEE /TBD Submission November 2001 Warren Barkley, Tim Moore, Bernard Aboba/Microsoft IEEE 802.1X and RADIUS Security Bernard Aboba Ashwin.
Local Area Networks (LAN) are small networks, with a short distance for the cables to run, typically a room, a floor, or a building. - LANs are limited.
CIS 450 – Network Security Chapter 8 – Password Security.
Solutions for Secure and Trustworthy Authentication Ramesh Kesanupalli
Security Planning and Administrative Delegation Lesson 6.
Lecture 11: Strong Passwords
The Misuse of RC4 in Microsoft Office A paper by: Hongjun Wu Institute for Infocomm Research, Singapore ECE 578 Matthew Fleming.
1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.
Password authentication Basic idea –User has a secret password –System checks password to authenticate user Issues –How is password stored? –How does system.
INTERNET SAFETY FOR KIDS
Cody Brookshear Andy Borman
CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz.
Identification Authentication. 2 Authentication Allows an entity (a user or a system) to prove its identity to another entity Typically, the entity whose.
Chapter 1 – Introduction Part 4 1. Message Authentication Codes Allows for Alice and Bob to have data integrity, if they share a secret key. Given a message.
Lecture 5 User Authentication modified from slides of Lawrie Brown.
Lecture 7 Page 1 CS 236 Online Authentication CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
Lesson 10: Configuring Network Settings MOAC : Configuring Windows 8.1.
Module 7: Implementing Security Using Group Policy.
King Mongkut’s University of Technology Network Security 8. Password Authentication Methods Prof. Reuven Aviv, Jan Password Authentication1.
SCSC 455 Computer Security Chapter 3 User Security.
Password Security Module 8. Objectives Explain Authentication and Authorization Provide familiarity with how passwords are used Identify the importance.
Operating Systems Security 1. The Boot Sequence The action of loading an operating system into memory from a powered-off state is known as booting or.
PKCS #5 v2.0: Password-Based Cryptography Standard
Erik Nicholson COSC 352 March 2, WPA Wi-Fi Protected Access New security standard adopted by Wi-Fi Alliance consortium Ensures compliance with different.
 Encryption provides confidentiality  Information is unreadable to anyone without knowledge of the key  Hashing provides integrity  Verify the integrity.
Computer Security Sample security policy Dr Alexei Vernitski.
By the end of this lesson you will be able to: 1. Determine the preventive support measures that are in place at your school.
Understanding Security Policies Lesson 3. Objectives.
1 Web Technologies Website Publishing/Going Live! Copyright © Texas Education Agency, All rights reserved.
An Introduction to Local Area Networks An Overview of Peer-to-Peer and Server-Based Models.
7/10/20161 Computer Security Protection in general purpose Operating Systems.
Understanding Security Policies
Answer to Summary Questions
Authentication Schemes for Session Passwords using Color and Images
Cluster Communications
PPP – Point to Point Protocol
Extended Authentication Protocol (EAP) Vulnerabilities exploited through Rogue Access Points Stephen Cumella.
Unit 7 NT1330 Client-Server Networking II Date: 7/26/2016
Web Systems Development (CSC-215)
Outline Using cryptography in networks IPSec SSL and TLS.
Exercise: Hashing, Password security, And File Integrity
Security Issues with Wireless Protocols
Computer Security Protection in general purpose Operating Systems
Hash Function Requirements
Presentation transcript:

RADIUS Shared Secret Security Amplification A practical approach to improved security draft-funk-radiusext-shared-secret-amp-00.txt Paul Funk Funk Software

Shared Secret Question Is RADIUS encryption/validation good enough? –Primary threat is dictionary attack –Attacker must have layer 2 traffic visibility In theory: –Yes, if you use a strong shared secret –More so if you use IPsec –Proper network hygiene helps In practice: –Security police cannot force strong shared secrets to be used –IPsec introduces its own kind of nightmare

Make It Easier For Administrators Use PKCS-5 to convert ordinary secrets to strong ones: –Start with “precursor” secret –“Amplify” its security by repeated PKCS-5 hashing Precursor secret can be administrator-friendly: –Can be remembered –Doesn’t need to be written down Amplified shared secret: –Is much more resistant to dictionary attack –Can be generated via simple utility (need not be built in to RADIUS clients and servers) –Can be configured into existing RADIUS equipment by copy- and-paste –Can be regenerated as needed from precursor

Amplification Process PKCS-5 is used to amplify the precursor: –Hash the precursor secret 1,048,576 times (2 ^ 20) –Output 12 octets of pseudo-random data –Base64-encode into 16 ASCII characters Example: –If precursor secret is “swordfish” … –Amplified shared secret is “g6QvQuRgRsl1AQ/E” Try demo at: –

Using a Salt For Increased Security Optional “salt” improves security flavor: –The salt is just an additional piece of text –It is mixed with precursor during hashing –Salt ensures entropy meets minimum requirements, even with weak precursor secrets Deployment –Administrator defines domain-wide salt –technicians pick precursors to generate shared secrets as needed

Security Analysis Equivalent to adding 20 bits of entropy to password Ordinary dictionary attack against precursor: –Takes a million times longer Attacker must perform a million hashes for each candidate precursor Attack that might have taken an hour now takes over a hundred years –Equivalent to adding 20 bits of entropy to password Dictionary attack directly against the amplified shared secret: –Infeasible, as it has 96 bits of apparent entropy Precomputed dictionary attack: –Attacker computes many amplified shared secrets from precursors and stores them on CD-ROM –Uses CD-ROM in dictionary attack –Once CD-ROM is developed, dictionary attack against amplified secret is equivalent to attack against precursor –However, it will take decades to create CD-ROM –And storage capacity needs to run in the terabytes.

Recommendations Ordinary text is estimated at 2.5 bits of entropy per character: –12 character secret has 30 bits of entropy –16 character secret has 40 bits of entropy Suggest precursors of at least 12, preferable 16 characters: –12 character secret has 50 bits of entropy after amplification –16 character secret has 60 bits of entropy after amplification

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.