14.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 14 Entity Authentication.


14.2 Chapter 14 Objectives
- To distinguish between message authentication and entity authentication
- To define witnesses used for identification
- To discuss some methods of entity authentication using a password
- To introduce some challenge-response protocols for entity authentication
- To introduce some zero-knowledge protocols for entity authentication
- To define biometrics and distinguish between physiological and behavioral techniques

INTRODUCTION
Entity authentication is a technique designed to let one party prove the identity of another party. An entity can be a person, a process, a client, or a server. The entity whose identity needs to be proved is called the claimant; the party that tries to prove the identity of the claimant is called the verifier.
Topics discussed in this section:
- Data-Origin Versus Entity Authentication
- Verification Categories
- Entity Authentication and Key Management

14.4 Data-Origin Versus Entity Authentication
There are two differences between message authentication (data-origin authentication), discussed in Chapter 13, and entity authentication, discussed in this chapter:
1) Message authentication might not happen in real time; entity authentication does.
2) Message authentication simply authenticates one message; the process needs to be repeated for each new message. Entity authentication authenticates the claimant for the entire duration of a session.

Verification Categories
- Something known
- Something possessed
- Something inherent

PASSWORDS
The simplest and oldest method of entity authentication is password-based authentication, where the password is something that the claimant knows.
Topics discussed in this section:
- Fixed Password
- One-Time Password

Fixed Password: First Approach
Figure 14.1 User ID and password file
Attacks on the first approach:
- Eavesdropping
- Stealing a password
- Accessing a password file
- Guessing

14.8 Second Approach (continued)
Figure 14.2 Hashing the password
Dictionary attack: create a list of passwords, calculate the hash value of each, and search the second-column entries to find a match.

14.9 Third Approach (continued)
Figure 14.3 Salting the password
When the password is created, a random string, called the salt, is concatenated to the password. The salted password is then hashed. The Unix OS uses a variation of this method. A dictionary attack becomes more difficult.
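An added example (not from the slides) contrasting the second and third approaches: a hash table built once from a word list matches every unsalted entry, while per-user salts make identical passwords produce unrelated entries. SHA-256, the function names and the sample passwords are assumptions; the slides do not name a hash function.

```python
import hashlib
import hmac
import secrets

def hash_unsalted(password: str) -> str:
    """Second approach: the file stores only h(password)."""
    return hashlib.sha256(password.encode()).hexdigest()

def make_salted_record(password: str) -> tuple:
    """Third approach: the file stores (salt, h(salt || password))."""
    salt = secrets.token_hex(16)
    digest = hashlib.sha256((salt + password).encode()).hexdigest()
    return salt, digest

def verify_salted(password: str, record: tuple) -> bool:
    """Recompute the salted hash at login and compare in constant time."""
    salt, stored = record
    candidate = hashlib.sha256((salt + password).encode()).hexdigest()
    return hmac.compare_digest(candidate, stored)

def precomputed_hits(table: dict, stored_hashes: list) -> int:
    """Count stored hashes found in a table built before seeing the file."""
    return sum(1 for value in stored_hashes if value in table)

# Constructed sample data: two users who chose the same weak password.
WORDLIST = ["123456", "letmein", "sunshine"]
TABLE = {hash_unsalted(word): word for word in WORDLIST}

UNSALTED_FILE = [hash_unsalted("letmein"), hash_unsalted("letmein")]
SALTED_FILE = [make_salted_record("letmein"), make_salted_record("letmein")]

if __name__ == "__main__":
    print("unsalted hits:", precomputed_hits(TABLE, UNSALTED_FILE))
    print("salted hits:", precomputed_hits(TABLE, [d for _, d in SALTED_FILE]))
    print("same salted entry:", SALTED_FILE[0][1] == SALTED_FILE[1][1])
```

Salting defeats the shared precomputed table but not guessing against one entry with its known salt, which is why the slide says the attack becomes more difficult rather than impossible.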

14.10 Fourth Approach (continued)
In the fourth approach, two identification techniques are combined. A good example of this type of authentication is the use of an ATM card (something possessed) with a PIN (personal identification number) (something known).

One-Time Password
- A one-time password is a password that is used only once.
- In the first approach, the user and the system agree upon a list of passwords.
- In the second approach, the user and the system agree to sequentially update the password.
- The user and the system agree on an original password, P1, which is valid only for the first access.
- During the first access, the user generates a new password, P2, and encrypts it with P1 as the key. P2 is the password for the second access.
- If Eve can guess the first password P1, she can find all of the subsequent ones.

One-Time Password In the third approach, the user and the system create a sequentially updated password using a hash function.

Figure 14.4 The third approach: Lamport one-time password (continued)
- Alice and Bob agree upon an original password P0 and a counter n.
- The system stores the identity of Alice, the value of n, and the hash.

Lamport one-time password (continued)
- When the system receives the user's response in the third message, it applies the hash function to check it.
- The system then decrements the counter from n to n-1 and updates the stored hash value to match.
- When the value becomes 0, the user can no longer access the system.
- Everything must be set up again.
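An added example (not from the slides) of the Lamport exchange described above, covering the replay and counter-exhaustion cases. It assumes the usual Lamport construction, in which the system stores h^n(P0) and the user answers counter n with h^(n-1)(P0); SHA-256 and all names are assumptions.

```python
import hashlib
import hmac

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def hash_n(p0: bytes, n: int) -> bytes:
    """Apply h to P0 n times, giving h^n(P0)."""
    value = p0
    for _ in range(n):
        value = h(value)
    return value

class LamportVerifier:
    """System side: keeps Alice's identity, the counter n and h^n(P0)."""
    def __init__(self, user: str, p0: bytes, n: int):
        self.user, self.n, self.stored = user, n, hash_n(p0, n)

    def challenge(self) -> int:
        """Second message: the current counter value."""
        return self.n

    def verify(self, response: bytes) -> bool:
        if self.n == 0:                       # chain used up: set up again
            return False
        if not hmac.compare_digest(h(response), self.stored):
            return False
        # Accept: the response becomes the stored value, counter steps down.
        self.stored, self.n = response, self.n - 1
        return True

def claimant_response(p0: bytes, n: int) -> bytes:
    """User side: answer counter n with h^(n-1)(P0)."""
    return hash_n(p0, n - 1)

def demo() -> list:
    p0 = b"constructed-original-password"     # constructed sample value
    system = LamportVerifier("Alice", p0, 3)
    first = claimant_response(p0, system.challenge())
    log = [system.verify(first)]              # accepted, counter is now 2
    log.append(system.verify(first))          # captured response replayed
    while system.n > 0:
        log.append(system.verify(claimant_response(p0, system.challenge())))
    log.append(system.verify(p0))             # counter is 0: access refused
    return log
```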

CHALLENGE-RESPONSE
In password authentication, the claimant proves her identity by demonstrating that she knows a secret, the password. However, because the claimant reveals this secret, it is susceptible to interception by the adversary. In challenge-response authentication, the claimant proves that she knows a secret without sending it.
Topics discussed in this section:
- Using a Symmetric-Key Cipher
- Using Keyed-Hash Functions
- Using an Asymmetric-Key Cipher
- Using Digital Signature

Challenge-Response (continued)
Note: In challenge-response authentication, the claimant proves that she knows a secret without sending it to the verifier.
Note: The challenge is a time-varying value sent by the verifier; the response is the result of a function applied on the challenge.

Using a Symmetric-Key Cipher: First Approach
Figure 14.5 Nonce challenge
1. ID of claimant.
2. The challenge: R_B is the nonce randomly chosen by Bob to challenge Alice.
3. Alice encrypts the nonce using the shared secret key known only to Alice and Bob. Bob decrypts the message. If the nonce obtained from decryption is the same as the one sent by Bob.

Using a Symmetric-Key Cipher: First Approach (continued)
Figure 14.5 Nonce challenge
The use of a nonce prevents a replay of the third message by Eve. Eve cannot replay the third message and pretend that it is a new request for authentication by Alice, because once Bob has received the response the first time, the value of R_B is no longer valid. There will be a new value next time.

14.19 Second Approach (continued)
Figure 14.6 Timestamp challenge
The challenge message is the current time sent from the verifier to the claimant. The claimant encrypts Alice's ID and the time with the Alice-Bob secret key. Assume the claimant and verifier clocks are synchronized.

14.20 Third Approach (continued)
Figure 14.7 Bidirectional authentication
1. Alice's ID.
2. The challenge from Bob to Alice, R_B.
3. Alice responds and sends her challenge, R_A.
4. Bob's response. R_A and R_B are switched to prevent a replay attack of the third message by an adversary.

14.21 Using Keyed-Hash Functions
Instead of using encryption/decryption for entity authentication, we can also use a keyed-hash function (MAC).
Figure 14.8 Keyed-hash function
1. The challenge message is the current time sent from the verifier to the claimant.
2. The timestamp is sent both as plaintext and as text scrambled by the keyed-hash function.
3. Bob compares his calculation with what he received.
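An added example (not from the slides) of the keyed-hash exchange: the timestamp travels in plaintext with a MAC, and the verifier recomputes the MAC, checks freshness, and refuses a repeated message. HMAC-SHA-256, the 30-second window, the replay cache and all names are assumptions.

```python
import hashlib
import hmac

MAX_SKEW = 30  # seconds of clock difference the verifier tolerates (assumed)

def claimant_message(key: bytes, identity: str, now: int) -> tuple:
    """Alice sends her ID and timestamp in the clear plus a MAC over both."""
    tag = hmac.new(key, f"{identity}|{now}".encode(), hashlib.sha256).digest()
    return identity, now, tag

class Verifier:
    def __init__(self, keys: dict):
        self.keys = keys          # identity -> shared secret key
        self.seen = set()         # accepted (identity, timestamp) pairs

    def check(self, msg: tuple, now: int) -> str:
        identity, t, tag = msg
        key = self.keys.get(identity)
        if key is None:
            return "unknown-claimant"
        expected = hmac.new(key, f"{identity}|{t}".encode(),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):   # Bob's comparison
            return "bad-mac"
        if abs(now - t) > MAX_SKEW:                  # outside the window
            return "stale"
        if (identity, t) in self.seen:               # same message again
            return "replay"
        self.seen.add((identity, t))
        return "ok"

def demo() -> list:
    key = b"constructed-shared-key"                  # constructed sample value
    bob = Verifier({"Alice": key})
    msg = claimant_message(key, "Alice", 1000)
    altered = ("Alice", 1010, msg[2])                # new time, old MAC
    return [
        bob.check(msg, 1002),       # fresh and authentic
        bob.check(msg, 1005),       # repeated inside the window
        bob.check(msg, 1100),       # repeated after the window
        bob.check(altered, 1010),   # timestamp changed in transit
    ]
```

The replay cache only needs entries younger than the window, since anything older is already rejected as stale.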

Using an Asymmetric-Key Cipher: First Approach
Figure 14.9 Unidirectional, asymmetric-key authentication
- Encrypt Bob's ID and a nonce with Alice's public key
- Ownership of claimant's private key

14.23 Second Approach (continued)
Figure: Bidirectional, asymmetric-key

Using Digital Signature: First Approach
Figure: Digital signature, unidirectional
- Ownership of claimant's private key

14.25 Second Approach (continued)
Figure: Digital signature, bidirectional authentication

ZERO-KNOWLEDGE
In zero-knowledge authentication, the claimant does not reveal anything that might endanger the confidentiality of the secret. The claimant proves to the verifier that she knows a secret, without revealing it. The interactions are so designed that they cannot lead to revealing or guessing the secret.
Topics discussed in this section:
- Fiat-Shamir Protocol
- Feige-Fiat-Shamir Protocol
- Guillou-Quisquater Protocol

Fiat-Shamir Protocol

Fiat-Shamir Protocol Figure Fiat-Shamir protocol is from private key and challenge is from public key of Alice

14.29 Cave Example (continued)
Figure: Cave example
The door can only be opened with a magic word. Alice claims that she knows the word and that she can open the door. Bob and Alice are at point 1. Alice enters the cave and reaches point 2.
1. Alice chooses to go either right or left. After Alice disappears, Bob comes to point 2 and asks Alice to come up from either the right or the left.
2. If Alice knows the magic word, she will come up from the correct direction. If she does not know the word, she comes up from the correct direction with probability ½.
3. The game will be repeated many times.
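An added example (not from the slides) tying the cave game to the Fiat-Shamir protocol named above: each round is one trip into the cave, and a claimant without the secret passes a round only when she guessed Bob's challenge bit in advance. It assumes the standard Fiat-Shamir equations (v = s² mod n, witness x = r² mod n, response y = r·s^c mod n, check y² = x·v^c mod n); the toy modulus, the key value and all names are constructed.

```python
import math
import secrets

# Constructed toy parameters, far too small for real use.
P, Q = 1009, 1013
N = P * Q
S = 123456            # Alice's private key s (constructed, coprime to N)
V = pow(S, 2, N)      # Alice's public key v = s^2 mod n

def random_unit() -> int:
    """Random r in [1, N-1] with gcd(r, N) = 1."""
    while True:
        r = secrets.randbelow(N - 1) + 1
        if math.gcd(r, N) == 1:
            return r

def verify(x: int, c: int, y: int) -> bool:
    """Bob's check: y^2 = x * v^c (mod n)."""
    return pow(y, 2, N) == (x * pow(V, c, N)) % N

def honest_round(c: int) -> bool:
    """Alice knows s: witness x = r^2, response y = r * s^c."""
    r = random_unit()
    x = pow(r, 2, N)
    y = (r * pow(S, c, N)) % N
    return verify(x, c, y)

def guessing_round(guess: int, c: int) -> bool:
    """Without s, the witness can be prepared for one guessed bit only."""
    y = random_unit()
    x = (pow(y, 2, N) * pow(pow(V, guess, N), -1, N)) % N
    return verify(x, c, y)

def session(rounds: int, knows_secret: bool) -> bool:
    """Bob accepts only if every round passes."""
    for _ in range(rounds):
        c = secrets.randbelow(2)              # Bob's challenge bit
        if knows_secret:
            ok = honest_round(c)
        else:
            ok = guessing_round(secrets.randbelow(2), c)
        if not ok:
            return False
    return True
```

Because a wrong guess always fails, a claimant without s survives k rounds with probability (½)^k, which is why the game is repeated many times.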

Feige-Fiat-Shamir Protocol Figure Feige-Fiat-Shamir protocol

Guillou-Quisquater Protocol Figure Guillou-Quisquater protocol

BIOMETRICS
Biometrics is the measurement of physiological or behavioral features that identify a person (authentication by something inherent). Biometrics measures features that cannot be guessed, stolen, or shared. Several components are needed for biometrics, including capturing devices, processors, and storage devices.

Enrollment Before using any biometric techniques for authentication, the corresponding feature of each person in the community should be available in the database. This is referred to as enrollment.

Authentication Verification Identification Figure Techniques