Cpr E 308 Spring 2004 Security Unix Passwords Security across a network Cryptography – encryption and decryption.

Presentation transcript:

Cpr E 308 Spring 2004
Security
– Unix Passwords
– Security across a network
– Cryptography – encryption and decryption

Passwords in UNIX
Login: snt
Password: cpre308
How does the system check if the password is correct?
One solution:
– Password file has (username, password) pairs
– Store [snt, cpre308] in /etc/passwd
– Password file readable only by privileged user
Privileged users can get your password
– Why is this a problem?

Solution: One-Way Functions
f(x) is easy to compute
f⁻¹(x) is extremely difficult, if not impossible, to compute
Password file can now be world-readable
– Unix password file contains image of each password
  » /etc/passwd contains snt:y
  » snt logs in, supplies x
  » if f(x) == y, then ok
Copyright © 2002 Thomas W. Doeppner. All rights reserved.

Dictionary Attack (Morris and Thompson)
– For all words in dictionary, compute f(word)
– Find word such that f(word) == y
– Many users use simple passwords

Counterattack
Salting
– for each password, create random “salt” value
– Password file contains (f(append(word, salt)), salt)
– 12-bit salt values in Unix
– attacker must do dictionary attack 4096 times, for each salt value
  » Not secure enough..
  » Feldmeier and Karn produced list of 732,000 most common passwords concatenated with each of 4096 salt values
  » covers ~30% of all passwords
For additional security: systems make password file unreadable
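
Added example (not part of the original slides): salted storage and the login check from the slides above, plus the size of the precomputed table that the 12-bit salt forces on an attacker. Assumptions: SHA-256 stands in for the one-way function f, the salt is appended as two bytes, and the function names are hypothetical.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

SALT_BITS = 12  # salt width given on the slide: 2**12 = 4096 values

def f(data: bytes) -> str:
    # Assumption: SHA-256 stands in for the slide's one-way function f;
    # the historical Unix crypt() was a different, DES-based function.
    return hashlib.sha256(data).hexdigest()

def make_entry(word: str, salt: Optional[int] = None) -> Tuple[str, int]:
    """Build the stored pair (f(append(word, salt)), salt)."""
    if salt is None:
        salt = secrets.randbelow(2 ** SALT_BITS)
    return f(word.encode() + salt.to_bytes(2, "big")), salt

def verify(candidate: str, entry: Tuple[str, int]) -> bool:
    """Login check: recompute with the stored salt, compare in constant time."""
    image, salt = entry
    return hmac.compare_digest(make_entry(candidate, salt)[0], image)

def table_size(words: int, salt_bits: int) -> int:
    """Entries an attacker must precompute to cover every salt value."""
    return words * 2 ** salt_bits

def distinct_images(word: str, salt_bits: int) -> int:
    """Count the different stored images a single password can have."""
    return len({make_entry(word, s)[0] for s in range(2 ** salt_bits)})

if __name__ == "__main__":
    entry = make_entry("cpre308")  # password from the slides' login example
    print(verify("cpre308", entry), verify("cpre309", entry))
    print(distinct_images("cpre308", SALT_BITS))  # one image per salt value
    print(table_size(732_000, SALT_BITS))         # list size quoted on the slide
    print(table_size(732_000, 128))               # constructed comparison: 128-bit salt
```

About three billion entries is a table that can be built once and stored, which is why the slide calls the 12-bit salt "not secure enough".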

Networks

“Trust Me”
[Diagram: network nodes A, B, C, D, E]

“Trust Everyone”:
– The Internet usually unauthenticated and unencrypted
– Passwords are (sometimes) passed unencrypted – telnet