
Authentication. Celia Li, Computer Science and Engineering, York University.


Slide 1: Authentication. Celia Li, Computer Science and Engineering, York University.

Slide 2: Authentication
Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be.
Outline: overview of authentication; symmetric key authentication protocols (Kerberos); public key authentication protocols (SSL).

Slide 3: Overview of Authentication
Authentication is run before some other protocol, for example a reliable data transfer protocol or a routing information exchange protocol.
Principals: parties who cooperate by exchanging messages over networks.

Slide 4: Notation
A protocol consists of a sequence of messages between principals and is described using the following notation.
E(K : M) denotes encrypting the plaintext message M with key K.
Principals are generally denoted by capitals such as A, B and S (for a server).
(1) A → B : M1
(2) B → S : M2
(3) S → B : M3

Slide 5: Notation
Na: a number generated by principal A, used only once for the purposes of the current run of the protocol, and generally termed a nonce. A nonce could be a timestamp, a sequence number or a pseudo-random number.
A → B : A, E(Kab : Na)

Slide 6: Notation. Timeliness in Authentication Protocols
An authentication protocol is required to guarantee that the parties involved in the authentication process are present during the execution of the protocol.
Timestamps, sequence numbers, and other types of nonces are generally used to assess the freshness of messages.

Slide 7: Attacks on Authentication Protocols
Replay attack: the attacker records the data of a successful authentication and replays this information to attempt to falsely authenticate to the verifier.
Countermeasures: use of sequence numbers, timestamps, or pseudo-random numbers.

Slide 8: Symmetric Key Authentication Without Trusted Third Party
Notation: Ta: timestamp; Na: sequence number; Ra, Rb: random numbers.
Symmetric key one-pass unilateral authentication protocol: B authenticates A. If Ta (the timestamp) has a recent value, B can verify A's identity.
Symmetric key two-pass unilateral authentication protocol: B authenticates A.
Symmetric key three-pass mutual authentication protocol: B authenticates A, and A authenticates B.
[message flow diagrams for the three protocols not reproduced in the transcript]
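The freshness rule of slide 7 and the three-pass mutual authentication of slide 8, as an added example that is not part of the original slides: B issues a random challenge Rb and records it, A answers with a keyed tag over both nonces, and B consumes the challenge on first use, so a recorded message (3) is rejected when it is replayed. The slides do not give the message contents, so the message layout, the use of HMAC-SHA256 in place of E(K : M), the field names, and the shared key value are this example's own assumptions.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// mac stands in for the slides' E(K : M): a keyed tag over the listed fields.
// Every field is length-prefixed so that "Ra||Rb" cannot be re-split another
// way (all fields in this example are shorter than 256 bytes).
func mac(key []byte, fields ...[]byte) []byte {
	m := hmac.New(sha256.New, key)
	for _, f := range fields {
		m.Write([]byte{byte(len(f))})
		m.Write(f)
	}
	return m.Sum(nil)
}

// nonce returns 16 fresh random bytes (Ra / Rb on the slide).
func nonce() []byte {
	r := make([]byte, 16)
	if _, err := rand.Read(r); err != nil {
		panic(err)
	}
	return r
}

// Verifier plays B. It holds Kab and the challenges it has issued but not yet
// seen answered; a challenge is consumed on first use, which is what makes a
// recorded message (3) useless to anyone who replays it later.
type Verifier struct {
	name        string
	kab         []byte
	outstanding map[string][]byte // Rb -> the Ra it was issued against
}

func NewVerifier(name string, kab []byte) *Verifier {
	return &Verifier{name: name, kab: kab, outstanding: map[string][]byte{}}
}

// Challenge builds message (2), B -> A : Rb, MAC(Kab : Rb, Ra, A).
func (b *Verifier) Challenge(claimant string, ra []byte) (rb, proof []byte) {
	rb = nonce()
	b.outstanding[string(rb)] = ra
	return rb, mac(b.kab, rb, ra, []byte(claimant))
}

// Verify checks message (3), A -> B : MAC(Kab : Ra, Rb, B), which authenticates A.
func (b *Verifier) Verify(rb, proof []byte) error {
	ra, ok := b.outstanding[string(rb)]
	if !ok {
		return errors.New("unknown or already used challenge: possible replay")
	}
	delete(b.outstanding, string(rb)) // consume first, so a second copy can never pass
	if !hmac.Equal(proof, mac(b.kab, ra, rb, []byte(b.name))) {
		return errors.New("bad proof: sender does not hold Kab")
	}
	return nil
}

// Claimant plays A.
type Claimant struct {
	name string
	kab  []byte
}

// Respond checks message (2), which authenticates B to A, then builds message (3).
func (a *Claimant) Respond(verifier string, ra, rb, proof []byte) ([]byte, error) {
	if !hmac.Equal(proof, mac(a.kab, rb, ra, []byte(a.name))) {
		return nil, errors.New("verifier did not prove knowledge of Kab")
	}
	return mac(a.kab, ra, rb, []byte(verifier)), nil
}

// RunMutualAuth drives one three-pass run and hands back the accepted
// message (3) so a caller can show that replaying it is rejected.
func RunMutualAuth(a *Claimant, b *Verifier) ([]byte, []byte, error) {
	ra := nonce()                                    // (1) A -> B : Ra
	rb, proofB := b.Challenge(a.name, ra)            // (2) B -> A : Rb, MAC(...)
	proofA, err := a.Respond(b.name, ra, rb, proofB) // A authenticates B
	if err != nil {
		return nil, nil, err
	}
	return rb, proofA, b.Verify(rb, proofA) // (3) B authenticates A
}

func main() {
	kab := bytes.Repeat([]byte{0x42}, 32) // constructed shared key, not a real secret
	a := &Claimant{name: "A", kab: kab}
	b := NewVerifier("B", kab)
	rb, proofA, err := RunMutualAuth(a, b)
	fmt.Println("first run:", err)
	fmt.Println("replay of message (3):", b.Verify(rb, proofA))
}
```

The verifier deletes the challenge before it checks the tag, so even a correct tag delivered twice is accepted only once; a timestamp-based one-pass variant would instead keep a window of recently seen (Ta, Na) pairs and reject any pair already inside it.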

Slide 9: Symmetric Key Authentication With Trusted Third Party
S: trusted third party. A and B trust S; Kas is the key shared by A and S, Kbs is the key shared by B and S.
A gets a shared key Kab generated by S.
B gets the shared key Kab.
A authenticates B; B authenticates A.
[message flow diagram with messages (1) to (5) not reproduced in the transcript]

Slide 10: Kerberos Authentication V5
In traditional systems, we use password-based authentication. Passwords sent across the network can be intercepted and subsequently used by eavesdroppers to impersonate the user.
Password-based authentication is inconvenient; users do not want to enter a password each time they access a network service.

Slide 11: Kerberos Authentication V5
Kerberos ticket: a certificate issued by an authentication server, encrypted using the authentication server key. The ticket contains:
the key that will be used for authentication of the principal to the verifier;
the name of the principal to whom the key was issued;
an expiration time.
Because the ticket is encrypted in the server key, known only to the authentication server and the intended verifier, it is not possible for the client to modify the ticket without detection.

Slide 12: Kerberos authentication
A and G are third parties; client C and server S need to authenticate each other.
In (1) and (2), C obtains a ticket Tcg from A in order to contact G; C gets the shared key Kcg.
In (3) and (4), C forwards the ticket Tcg to G and obtains a ticket Tcs from G in order to contact S; C gets the shared key Kcs.
In (5), C forwards the ticket Tcs to S; S gets the shared key Kcs and authenticates C.
In (6), C authenticates S.
Supports single sign-on: Tcg is issued once, and a Tcs is issued for each server.
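The ticket of slides 11 and 12, as an added example that is not part of the original slides and is not the Kerberos wire format: the authentication server seals the session key, the principal's name and an expiry under the key Kss it shares with server S, and S rejects a ticket that fails to decrypt (the client changed it), that has expired, or that was sealed under some other key. The Ticket field names, the use of AES-256-GCM as the sealing cipher, the key value and the principal name are this example's own assumptions.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Ticket carries what slide 11 lists: the session key, the principal it was
// issued to, and an expiry. Field names are this example's own.
type Ticket struct {
	SessionKey []byte    `json:"session_key"`
	Principal  string    `json:"principal"`
	Expires    time.Time `json:"expires"`
}

// gcmFor returns AES-GCM for a 16, 24 or 32-byte key. GCM both encrypts and
// authenticates, so a ticket altered by the client fails to open.
func gcmFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// IssueTicket is the authentication server's side: generate a fresh session
// key Kcs and seal the ticket under Kss, the long-term key shared with S.
// It returns the sealed ticket and Kcs (the client receives Kcs separately,
// protected under its own key, in the real protocol).
func IssueTicket(kss []byte, principal string, lifetime time.Duration, now time.Time) ([]byte, []byte, error) {
	kcs := make([]byte, 32)
	if _, err := rand.Read(kcs); err != nil {
		return nil, nil, err
	}
	plain, err := json.Marshal(Ticket{SessionKey: kcs, Principal: principal, Expires: now.Add(lifetime)})
	if err != nil {
		return nil, nil, err
	}
	aead, err := gcmFor(kss)
	if err != nil {
		return nil, nil, err
	}
	iv := make([]byte, aead.NonceSize())
	if _, err := rand.Read(iv); err != nil {
		return nil, nil, err
	}
	// Layout: iv || ciphertext || GCM tag.
	return aead.Seal(iv, iv, plain, nil), kcs, nil
}

// AcceptTicket is server S's side: open with Kss (which fails on any
// modification or on a ticket sealed under another key), then check the
// expiry against S's own clock.
func AcceptTicket(kss, ticket []byte, now time.Time) (*Ticket, error) {
	aead, err := gcmFor(kss)
	if err != nil {
		return nil, err
	}
	if len(ticket) < aead.NonceSize() {
		return nil, errors.New("ticket too short")
	}
	plain, err := aead.Open(nil, ticket[:aead.NonceSize()], ticket[aead.NonceSize():], nil)
	if err != nil {
		return nil, errors.New("ticket rejected: not sealed under Kss or modified in transit")
	}
	var t Ticket
	if err := json.Unmarshal(plain, &t); err != nil {
		return nil, err
	}
	if !now.Before(t.Expires) {
		return nil, errors.New("ticket rejected: expired")
	}
	return &t, nil
}

func main() {
	kss := []byte("0123456789abcdef0123456789abcdef") // constructed 32-byte Kss, not a real key
	now := time.Now()
	ticket, kcs, err := IssueTicket(kss, "alice@EXAMPLE.TEST", 8*time.Hour, now)
	if err != nil {
		panic(err)
	}
	t, err := AcceptTicket(kss, ticket, now.Add(time.Minute))
	fmt.Println("genuine ticket:", err, "session key matches:", t != nil && bytes.Equal(t.SessionKey, kcs))
	forged := append([]byte(nil), ticket...)
	forged[len(forged)/2] ^= 0x01 // the client flips one bit inside the ticket
	_, err = AcceptTicket(kss, forged, now.Add(time.Minute))
	fmt.Println("modified ticket:", err)
	_, err = AcceptTicket(kss, ticket, now.Add(9*time.Hour))
	fmt.Println("expired ticket:", err)
}
```

Because Kss never leaves the authentication server and S, the client can forward the ticket but cannot read or change the session key inside it; the expiry bounds how long a stolen ticket stays useful, which is why S checks it against its own clock rather than trusting anything the client sends alongside.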

Slide 13: Public Key Certificate
Kerberos supports single sign-on. Kerberos eliminates the problem of having passwords for each of many different services by introducing a new service, called the ticket granting server (G).
After receiving the ticket-granting ticket, the user's password is not needed whenever the user wishes to contact a service. As long as you have a ticket-granting ticket, you can use any Kerberized service without the need to enter your password again.

Slide 14: Public Key Certificate
An electronic document which uses a digital signature to bind a public key to an identity: information such as the name of a person or an organization, their address, and so forth.
The certificate can be used to verify that a public key belongs to an individual.
An electronic "credit card" that establishes your credentials when doing business or other transactions on the Web.
Issued by a CA (certification authority), such as VeriSign, etc.

Slide 15: Public Key Certificate
Public key certificates include the following information:
public key of the subject;
Distinguished Name of the subject;
validity period of the certificate;
Distinguished Name of the certificate issuer;
digital signature of the certificate issuer.

Slide 16: Public Key Authentication without Trusted Third Party
Notation: CertA: public key certificate of A; Ka^-1: private key of A; Kb^-1: private key of B.
Public key one-pass unilateral authentication protocol: B authenticates A.
Public key two-pass unilateral authentication protocol: B authenticates A.
Public key three-pass mutual authentication protocol: B authenticates A, and A authenticates B.
[message flow diagrams for the three protocols not reproduced in the transcript]

Slide 17: Public Key Authentication with Trusted Third Party
Needham-Schroeder Public Key Authentication Protocol. S: trusted third party.
(1) A asks S for B's public key.
(2) S sends B's public key Kb to A.
(3) B gets A's identity.
(4) B asks S for A's public key.
(5) S sends A's public key Ka to B.
(6) A authenticates B by verifying Na.
(7) B authenticates A by verifying Nb.

Slide 18: Secure Socket Layer Protocol (SSL)
Universally accepted on the Web for authenticated and encrypted communication between clients and servers.
Protects sensitive information such as Social Security Numbers (SSN), credit card numbers, etc.
[diagram: Web server and client]

Slide 19: SSL
Server certificate: the SSL protocol requires a server certificate so that the client can authenticate the server.
Client certificate: you can optionally configure your server to request a client certificate so that the server can authenticate the client.
[diagram: Web server and client, trust based on certificates]

Slide 20: SSL
1. Client → server: hello message.
2. Server → client: the server's public key certificate, including the server's public key and a digital signature signed by the certificate authority (CA).
3. The client uses the CA's public key to verify the digital signature signed by the CA, and thus verifies the server's certificate.
4. Client → server: a random number, in order to prove the server's identity.
5. The server encrypts the random number with its private key.
6. Server → client: the encrypted message.
7. The client decrypts the message using the server's public key to verify the identity of the server.
The client authenticates the server based on the certificate issued by the certificate authority (CA).
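The certificate fields of slide 15 and the client's checks of slide 20, as an added example that is not part of the original slides: a root CA signs a server certificate carrying the subject's public key and DN, a validity period, the issuer's DN and the issuer's signature; the client verifies the chain, the validity period and the host name against the CA it trusts, then sends a random challenge that the server answers with its private key. The answer is shown as an ECDSA signature, which is how the step is done in practice rather than by literally encrypting with the private key. The same chain check is what the AS applies to the client's certificate in EAP-TLS on slides 26 and 27. The organisation name, host names, key type and challenge value are this example's own assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

// newCert issues a certificate with the fields slide 15 lists: subject public
// key and DN, validity period, issuer DN and issuer signature. With
// parentDER == nil it is self-signed (a root CA); otherwise the parent signs it.
func newCert(cn string, isCA bool, parentDER []byte, parentKey *ecdsa.PrivateKey, notBefore time.Time) ([]byte, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(time.Now().UnixNano()), // constructed serial
		Subject:               pkix.Name{CommonName: cn, Organization: []string{"Example Org"}},
		NotBefore:             notBefore,
		NotAfter:              notBefore.Add(24 * time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature,
		BasicConstraintsValid: true,
		IsCA:                  isCA,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		tmpl.DNSNames = []string{cn} // the host name the client will expect
	}
	signer, signerKey := tmpl, key // self-signed unless a parent is given
	if parentDER != nil {
		p, err := x509.ParseCertificate(parentDER)
		if err != nil {
			return nil, nil, err
		}
		signer, signerKey = p, parentKey
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signer, &key.PublicKey, signerKey)
	return der, key, err
}

// VerifyServerCert is the client's step 3: check the CA's signature over the
// server certificate, its validity at time now, and that it names host.
func VerifyServerCert(caDER, leafDER []byte, host string, now time.Time) error {
	ca, err := x509.ParseCertificate(caDER)
	if err != nil {
		return err
	}
	leaf, err := x509.ParseCertificate(leafDER)
	if err != nil {
		return err
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	_, err = leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host, CurrentTime: now})
	return err
}

// ProveKey is the server's steps 5 and 6: answer the client's random challenge
// with a signature from the private key that matches the certificate.
func ProveKey(serverKey *ecdsa.PrivateKey, challenge []byte) ([]byte, error) {
	h := sha256.Sum256(challenge)
	return ecdsa.SignASN1(rand.Reader, serverKey, h[:])
}

// CheckProof is the client's step 7: verify the answer with the public key
// taken from the already-verified certificate.
func CheckProof(leafDER, challenge, sig []byte) error {
	leaf, err := x509.ParseCertificate(leafDER)
	if err != nil {
		return err
	}
	pub, ok := leaf.PublicKey.(*ecdsa.PublicKey)
	if !ok {
		return errors.New("certificate does not carry an ECDSA key")
	}
	h := sha256.Sum256(challenge)
	if !ecdsa.VerifyASN1(pub, h[:], sig) {
		return errors.New("server did not prove possession of the private key")
	}
	return nil
}

func main() {
	now := time.Now()
	caDER, caKey, _ := newCert("Example Root CA", true, nil, nil, now)
	srvDER, srvKey, _ := newCert("www.example.test", false, caDER, caKey, now)
	fmt.Println("certificate check:", VerifyServerCert(caDER, srvDER, "www.example.test", now))
	challenge := []byte("constructed client nonce")
	sig, _ := ProveKey(srvKey, challenge)
	fmt.Println("proof check:", CheckProof(srvDER, challenge, sig))
}
```

The chain check and the challenge are separate steps for a reason: the certificate only binds a public key to a name, and the signed challenge is what shows that the party at the other end of the connection holds the matching private key right now.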

Slide 21: Compare SSL and Kerberos
SSL | Kerberos
Uses public key encryption | Uses symmetric key encryption
Certificate based (asynchronous) | Relies on a trusted third party (synchronous)
Ideal for secure communications with a large, variable user base that is not known in advance, such as the WWW. | Ideal for networked environments where all services and users are known in advance.

Slide 22: Authentication Protocols in WLAN
WPA (Wi-Fi Protected Access): a certification program created by the Wi-Fi Alliance to secure wireless computer networks.
Provides stronger data encryption and user authentication.
Implements the majority of the IEEE 802.11i standard.
The three entities are the client, the Authentication Server (AS), and the AP (access point).
Supports EAP (Extensible Authentication Protocol).

Slide 23: Extensible Authentication Protocol (EAP)
EAP is a universal authentication framework used in WLANs.
EAP can embed other authentication protocols, such as LEAP and TLS.
[diagram: clients, access point, authentication server; a common set of EAP messages applies to the different embedded protocols]

Slide 24: Authentication Protocols in WLAN
Symmetric key approach: EAP-LEAP. Public key approach: EAP-TLS.
Symmetric key approaches are efficient and require little computational power. This is especially important in wireless networks because many wireless devices, such as PDAs and mobile VoIP phones, have little computational power.
Drawback: most of these protocols derive the shared secret from the user's password, and since some passwords are not strong, it is easy for an attacker to extract the secret key from them.

Slide 25: Lightweight Extensible Authentication Protocol (LEAP)
In LEAP, the authentication server is integrated with the access point.

Slide 26: Authentication Protocols in WLAN
Public key approaches provide strong security.
They do not provide a way to authenticate clients who do not have a certificate signed by a CA that the authentication server (AS) trusts.
Example: EAP-TLS.

Slide 27: EAP-Transport Layer Security (EAP-TLS)
The AS verifies the client's digital signature using the client's public key, taken from the client's certificate Cert_client.
The AS obtains the random number p by decrypting it with its private key.
The client calculates H(c, s, p) and compares it with the value sent by the AS.
[message flow diagram not reproduced in the transcript]

