Presentation is loading. Please wait.

Presentation is loading. Please wait.

User Authentication - Principles and Methods1 User Authentication Principles and Methods David Groep, NIKHEF.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "User Authentication - Principles and Methods1 User Authentication Principles and Methods David Groep, NIKHEF."— Presentation transcript:

1 User Authentication - Principles and Methods1 User Authentication Principles and Methods David Groep, NIKHEF

2 User Authentication - Principles and Methods2 Principles and Methods Authorization factors Cryptographic methods Authentication for login How secure is security?

3 User Authentication - Principles and Methods3 Authentication Establishing the identity of your partner credential persistence Authentication Factors what you know, what you have, what you are 012 none web browser, coffee machine, … login(1), ssh without key agent, Girotel’s GIN DigiPass (Rabobank), SecurID, PKI, CryptoCard (sec), Schiphol’s Privium long(er) time (DNS cache)ssh key-agent, Kerberos TGT Kerberos+CryptoCard, GSI (Grid Security Infrastructure)*

4 User Authentication - Principles and Methods4 Ingredients for ≥1 factor Auth Cryptography –symmetric –asymmatric Trust –user-to-system –system-to-system –system-to-user

5 User Authentication - Principles and Methods5 Keeping it private: cryptography symmetric crypto: –common key is used to encrypt and decrypt –key must be exchanged over a pre-existing private channel –arbitrarily complex methods (XOR, 3DES, IDEA, …) asymmetric “public key” crypto: –a key-pair has encryption and decryption key –keys cannot be derived from each other –one key can be broadcasted publicly –popular methods: RSA, DSA

6 User Authentication - Principles and Methods6 Symmetric crypto Exchanging the key is main problem Many algorithms, from worthless to pretty good (Caesar’s, XOR, Enigma, DES, 3DES, IDEA, CAST5) Examples: –XOR: key=0x56, plaintext=45: 01010110 = 0x56(key) 00101101 = 45(plain text) 01111011 = 123(encrypted message) 01010110 = 0x56(same key) 00101101 => 45

7 User Authentication - Principles and Methods7 Public Key crypto: how? Example: Alice Bob (e,n)(e,n)(d,n)(d,n) (e,n)(e,n) m n = pq c (d,e,p,q)(d,e,p,q) public space c=E e,n (m) D d,n (c) → m

8 User Authentication - Principles and Methods8 RSA key generation Take a (small) value e = 3 Generate a set of primes (p,q), each with a length of k/2 bits, with (p-1) prime relative to e. (p,q) = (11,5)  (p,q) = (11-1)(5-1) = 40; n=pq=55 find d, in this case 27 [3*27 = 81 = 1 mod(40)] Public Key: (3,55) Private Key: (27,55)

9 User Authentication - Principles and Methods9 An RSA message exchange Encryption: Bob thinks of a plaintext m(<n) = 18 Encrypt with Alice’s public key (3,55) c=E 3;55 (18)=18 3 mod(55) = 5832 mod(55) = 2 send message “2” Decryption: Alice gets “2” she knows private key (27,55) E 27;55 (2) = 2 27 mod(55) = 18 ! If you just have (3,55), it’s hard to get the 27… (3,55)

10 User Authentication - Principles and Methods10 Uses of public-key crypto Confidentiality no-one but the recipient can read what you say Message integrity encrypt a digest of your message with a private key Non-repudiation similar to integrity This encryption works both ways with 2 key pairs

11 User Authentication - Principles and Methods11 From public-key crypto to trust You establish communication between key pairs but not between entities! Binding needed between key pair and an identity ( this is implicit in symmetric solutions, but not here!) in a trusted way … Anarchic models (SSH) Distributed trust models (PGP) Hierarchical (authoritarian) model (PKI)

12 User Authentication - Principles and Methods12 Methods (1): login/telnet -style Only one factor, a password in the user’s memory Password must be kept secret –should not be sent in clear over networks –user must not write it down in clear –should not be guessable problems with all of the above…

13 User Authentication - Principles and Methods13 Methods (2): ssh with passwords still only one factor: the password but each SSH daemon as a RSA* key pair: –public key is sent to the client –this is used to encrypt a (symmetric) session key –password and future data are sent within the encrypted session

14 User Authentication - Principles and Methods14 Methods (2): ssh with passwords Problems with SSH password authentication: –key distribution problem how can the client verify that the host public key is correct? only trivial alerts against change of host key –no single sign-on (login to a new host requires typing the password) –leads to guessable passwords or writing them down!

15 User Authentication - Principles and Methods15 Methods (3): ssh with client keys Have the client generate an RSA key pair locally: ssh-keygen → ~/.ssh/id_rsa & ~/.ssh/id_rsa.pub The public part of this key is stored on remote server in user homedir: ~remoteuser/.ssh/authorized_keys2 ssh remoteuser@remotehost challenge encrypted with public key sent to user; can he decrypt it? same keypair can be used for all hosts

16 User Authentication - Principles and Methods16 Methods (3): ssh with client keys The (local) user keypair is a very valuable target! Need to (symmetrically) encrypt the private key (~/.ssh/id_rsa) to get single sign-on: –in-memory proxy agent can serve the private key to new clients (ssh-agent, ssh-add ~/.ssh/id_rsa) –protected with unix file privileges on socket –contact information in environment variables Key distribution problem is still there…

17 User Authentication - Principles and Methods17 Methods (4): Kerberos Based on symmetric cryptography One Key Distribution Centre (KDC) per `Realm’ –Authentication Service (AS) and –Ticket Granting Service (TGS) KDC supplies limited-lifetime “tickets” to principals –Ticket Granting Ticket, encrypted with hash of password –Service Tickets (ST), verified using the TGT Every service also shares a secret with the KDC (kadmin: add_principal host/satan.hell.org@HELL.ORG)

18 User Authentication - Principles and Methods18 Methods (4): Kerberos User contacts KDC and gets TGT, encrypted using 3DES with hash of password as key TGT used to encrypt session where ST is requested from KDC user gets ticket only when authorized by the KDC AS ST encrypted with password of service’s principal If service can decrypt ticket, it can be used to exchange new session key KDC has copy of every principal’s password! Has active role, thus central point of failure

19 User Authentication - Principles and Methods19 Methods (5): PKI Public Key Infrastructure, PKI, aims to solve the key distribution problem for public key crypto Trusted third party (Certification Authority) binds authentication data to a public key: the Certificate

20 User Authentication - Principles and Methods20 Methods (5): PKI The PKI Certificate `X.509’ –structured message with: –public key –identifier(s) –digitally signed by a trusted third party Certification Authority (CA) –binds identifiers to a public key –in accordance with a defined Certification Policy –following the guidelines of a C. Practice Statement

21 User Authentication - Principles and Methods21 Methods (5): PKI Certificate used without interaction with CA Life-time: usually 1 year (should depend on RSA key length) Used in TLS protocols (formerly SSL) Public key encrypts a (symmetric) session key Can be used both ways (client authentication) Also for message security Applications: https, S/MIME. Popular CA’s: Verisign, Thawte

22 User Authentication - Principles and Methods22 Methods (5): PKI Problems with PKI –public keys for trusted CA’s need to be distributed –difficult to invalidate credentials (`revocation’) –need to protect private key with passphrase, no implicit single sign-on; key may still be on disk… –CA is accountable for the binding he makes –heavy registration procedure (RA’s, etc.) –site admins risk doing double work when working with user certs for sensitive work/login

23 User Authentication - Principles and Methods23 Methods (6): GSI Grid Security Infrastructure (GSI), based on PKI user generates limited `proxies’ of long-living credential proxy secured by regular unix file permissions life-time usually 12 hours possible to limit capabilities (`only read e-mail’) proxy signed by long-lived key, that is signed by CA proxy implements single sign-on other PKI problems remain: key on disk, double work, heavy CA applications: grid job run, file access, gsi-ssh

24 User Authentication - Principles and Methods24 One-time pads Adds extra factor to authentication (cryptocard) Cryptocard serves as password generator but needs activation data (PIN code) Clock syncronization cryptocard & host/server can be used over any channel (login, telnet, ssh, …)

25 User Authentication - Principles and Methods25 Hardware tokens Store precious credentials on detached active storage Examples: –SecurID*: small processor on-board decrypts challenge with the built-in private key, key never leaves card (RSA or symmetric key) –Chipknip (3DES symmetric key)

26 User Authentication - Principles and Methods26 Summary of Methods 1.Login, Telnet 2.ssh with password authentication 3.ssh with RSA authentication 4.Kerberos 5.PKI 6.GSI Additional bonus options for (almost) all: –one-time pads –hardware tokens

27 User Authentication - Principles and Methods27 Conclusions Plenty of options, –from weak to strong, –for harmless stuff and for military-grade secrets No silver bullet –Security is about reducing risk, not eliminating risk –Users are oblivious to security: if it’s too difficult, they will: write their password on the wyteboard type their password in plain text in scripts to renew credentials install their own back-doors ……

Download ppt "User Authentication - Principles and Methods1 User Authentication Principles and Methods David Groep, NIKHEF."

Similar presentations

Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.

Security Protocols Sathish Vadhiyar Sources / Credits: Kerberos web pages and documents contained / pointed.
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
Lecture 2: Security Rachana Ananthakrishnan Argonne National Lab.

Lecture 2: Security Rachana Ananthakrishnan Argonne National Lab.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.
Grid Security. Typical Grid Scenario Users Resources.

Grid Security. Typical Grid Scenario Users Resources.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Introduction to Cryptography

Introduction to Cryptography
Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.

Kerberos and PKI Cooperation Daniel Kouřil, Luděk Matyska, Michal Procházka Masaryk University AFS & Kerberos Best Practices Workshop 2006.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.

 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Security Chapters 14,15. The Security Environment Threats Security goals and threats.

Similar presentations

Ads by Google