1. Strong Password Authentication Protocols
By Roger Wong

2. What is Authentication?
Form of Identity Verification
Showing the system that you are who you say you are
Three general ways
Something you know
Something you have
Something you are

3. Something you know Example: Passwords
Pros:
Easy to implement
Most users understand it
Cons:
Fairly easy to crack if the password is simple enough
Most people reuse passwords
Some ways around this is to use One-Time Passwords

4. Something you have Example: Smart Cards
Tamper-resistant, stores secret information
Scan in card-reader. Like SMU ID
Other examples are Tokens, ATM Cards, and iButtons
All depends on the difficulty of forging

5. Something you are Mainly involves biometrics
Extremely hard to break into
Some cons are false negatives/positives, social acceptance, and key management

6. Multi-factor authentication
A three-factor authentication involved all three will be secure but not as usable
Two factor authentication is more widely used.
My.SMU
Using your ID for the dorms

7. Computer Authentication
What about computer to computer authentication?
Three types of computer authentication
Client authentication – server verifying the client’s identity
Server authentication – client verifying the server’s identity
Mutual authentication – client and server verifying each other’s identity

8. Some methods of mutual authentication
Kerberos – a computer network authentication protocol
Diffie-Hellman key exchange – one of the first public-key protocols

9. Kerberos

18. Diffie-Hellman key exchange

19. Conclusion
These are just some of the strong password authentication protocols
Person authenticating themselves
Something you have
Something you know
Something you are
Computer authenticating themselves
Client authentication – server verifying the client’s identity
Server authentication – client verifying the server’s identity
Mutual authentication – client and server verifying each other’s identity