1 Number Theory and Advanced Cryptography 9. Authentication Protocols Chih-Hung Wang Sept Part I: Introduction to Number Theory Part II: Advanced Cryptography
2 Basic Authentication Techniques Challenge-Response Mechanisms
3 Manipulation Detection Code
4 Applying Asymmetric Cryptographic Technique Nonce Importance:
5 Standardization of the Challenge- Response Mechanism Unilateral entity authentication ISO Two-Pass Unilateral Authentication Protocol
6 Using a Cryptography Check Function (CCF)
7 ISO Public Key Two-Pass Unilateral Authentication Protocol
8 Timestamp Mechanism
9 Using MDC
10 Applying Asymmetric Cryptographic Techniques
11 Standardization of Timestamp Mechanism ISO Symmetric Key One-Pass Unilateral Authentication Protocol
12 CCF & Public Key Techniques
13 Non-standard Mechanisms
14 Mutual Authentication
15 Wiener ’ s Attack
16 Involving Trusted Third Party The Woo-Lam Protocol
17 Password-based Authentication
18 Needham ’ s Password Protocol
19 A One-time Password Scheme
20 Attack of S/KEY: Man-in-the- Middle Attack Page 371
21 Encrypted Key Exchange (EKE) (1) Off-line Dictionary Attack
22 Encrypted Key Exchange (EKE) (2)
23 Authenticated Key Exchange The Station-to-Station (STS) Protocol Mutual Entity Authentication Mutually Authenticated Key Agreement Mutual Key Confirmation Perfect Forward Secrecy (PFS) *Anonymity (Deniability)
24 STS Protocol
25 A Flaw in a Simplified STS protocol (1)
26 A Flaw in a Simplified STS protocol (2)
27 A minor Flaw of the STS Protocol Perfect denial of service attack
28 Typical Attacks on Authentication Protocols Message Replay Attack (page 43,44)
29 Message Replay Attack
30 Parallel Session Attack (1)
31 Parallel Session Attack (2)
32 Reflection Attack
33 Attack Due to Type Flaw (1)
34 Attack Due to Type Flaw (2)
35 Attack Due to Name Omission
36 Attack Due to Misuse of Cryptographic Services Attack due to absence of data-integrity protection Confidentiality failure due to absence of “ semantic security ” protection
37 A Minor Variation of the Otway- Rees Protocol
38 An Attack
39 Authentication Protocols for Internet Security Internet Protocol Security (IPSec)
40 Confidentiality Protection in IPSec Encapsulating Security Payload (ESP)
41 The Internet Key Exchange (IKE) Protocol (1)
42 The Internet Key Exchange (IKE) Protocol (2)
43 Authentication Failure
44 Signature-based IKE Phase 1 Aggressive Mode
45 A Plausible Deniability Feature in IKE Plausible Deniability: Permit an entity to deny “plausibly” the existence of a connection with a Communication partner
46 The Secure Shell (SSH) Remote Login Protocol (1) The SSH Architecture The SSH Transport Layer Protocol Unilaterally authenticated secure channel from the server to the client The SSH User Authentication Protocol Unilateral authentication protocols to achieve entity authentication from a client-side user to the server The SSH Connection protocol
47 The Secure Shell (SSH) Remote Login Protocol (2)
48 The Secure Shell (SSH) Remote Login Protocol (3)
49 The Secure Shell (SSH) Remote Login Protocol (4)