Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authentication John C. Mitchell Stanford University CS 99j.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Authentication John C. Mitchell Stanford University CS 99j."— Presentation transcript:

1 Authentication John C. Mitchell Stanford University CS 99j

2 Computer security Computer security is concerned with the detection and prevention of unauthorized actions by users of a computer system.

3 Authentication uVerify identity Only allow authorized access uMessage authentication (different concept) Confirm source and integrity of message Message received is the same as message sent

4 Fundamental limitation I am talking to Joe I am talking to someone who has Joe’s Password Private key Thumbprint

5 Outline uPassword authentication Unix password scheme Dictionary attack uChallenge-response mechanisms uAuthentication protocols uProtocol analysis methods

6 Password authentication uBasic idea User has a secret password System checks password to authenticate user uIssues How is password stored? How does system check password? How easy is it to guess a password?

7 Basic password scheme Password fileUser exrygbzyf kgnosfix ggjoklbsz … kiwifruit hash function

8 Basic password scheme uHash function h : strings  strings Given h(password), hard to find password No known algorithm better than trial and error uUser password stored as h(password) uWhen user enters password System computes h(password) Compares with entry in password file uNo passwords stored on disk

9 Unix password system uHash function is 25xDES Number 25 was meant to make search slow uPassword file is publicly readable Other information in password file … uAny user can try “dictionary attack” User looks at password file Computes hash(word) for every word in dictionary u“Salt” makes dictionary attack harder Otherwise, compare hash(word) to all passwords

10 Salt [Belgers] uPassword line account:crypted-passwd:uid:gid:user-name:homedir:shell walt:fURfuu4.4hY0U:129:129:Belgers:/home/walt:/bin/csh uChecking with salt

11 Another password vulnerability void check_passwd(char *name, passwd) { char buffer1[2]; char buffer2[2]; /* place password for name in buffer 1 */ strcpy(buffer2,passwd) if (buffer1[1]==buffer2[1] && buffer1[1]==buffer2[1]) { /* allow login */ }; else { /* disallow login */ }; }

12 Extra Reading uFind Phrack archives.oO Phrack 49 Oo. Volume Seven, Issue Forty-Nine uLook for this article XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Smashing The Stack For Fun And Profit XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX by Aleph One aleph1@underground.org

13 Challenge-response Challenge f(key,string) string Response Secret key User

14 Challenge-response authentication uChallenge System presents user with some string uResponse User computes f(key,string) uAuthentication Check property of f(key,string) Secret data can stay secret: no password is sent What kind of function will work?

15 Authentication protocols uMany protocols to confirm identity Clark-Jacob survey of 50 protocols uCommon use Client and server confirm identity and agree on secret encryption key

16 Network connection uTCP syncronize/acknowledgement Client Server SYN SYN-ACK ACK sequence numbers omitted...

17 Needham-Schroeder Key Exchange { A, Na } Kb { Na, Nb } Ka { Nb} Kb Result: A and B share two private numbers not known to any observer without K a -1, K b -1 AB

18 Anomaly in Needham-Schroeder AE B { A, N a } { N a, N b } { N b } KeKe KbKb KaKa KaKa KeKe Evil agent E tricks honest A into revealing private key N b from B. Evil E can then fool B. [Lowe]

19 Repaired Needham-Schroeder Protocol { A, Na } Kb { Na, B, Nb } Ka { Nb} Kb Result: A and B share two private numbers not known to any observer without K a -1, K b -1 AB

20 How do we know this is correct? uThink a lot uAsk smart people uSystematic methods Protocol logics –BAN, GNY, SvO, … Model checking –Exhaustive testing of finite systems Mathematical proof –Prove an abstract form of protocol is correct –Even with simplifications, requires computer assistance

21 Explicit Intruder Method Intruder Model Analysis Tool Formal Protocol Informal Protocol Description Gee whiz. Looks OK to me.

Download ppt "Authentication John C. Mitchell Stanford University CS 99j."

Similar presentations

Luu Anh Tuan. Security protocol Intruder Intruder behaviors Overhead and intercept any messages being passed in the system Decrypt messages that are.

Luu Anh Tuan. Security protocol Intruder Intruder behaviors Overhead and intercept any messages being passed in the system Decrypt messages that are.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
Authentication attacks, causes and solutions Analyzing man in the middle and dictionary attacks against SSL/TLS and password based authentication systems.

Authentication attacks, causes and solutions Analyzing man in the middle and dictionary attacks against SSL/TLS and password based authentication systems.
CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.

CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.
Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Outline User authentication –Password authentication, salt –Challenge-response authentication protocols –Biometrics –Token-based authentication Authentication.

Outline User authentication –Password authentication, salt –Challenge-response authentication protocols –Biometrics –Token-based authentication Authentication.
1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.

1 Chapter 11: Authentication Basics Passwords. 2 Establishing Identity Authentication: binding of identity to subject One or more of the following –What.
Analysis of Security Protocols (I) John C. Mitchell Stanford University.

Analysis of Security Protocols (I) John C. Mitchell Stanford University.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.
Outline User authentication –Password authentication, salt –Challenge-response authentication protocols –Biometrics –Token-based authentication Authentication.

Outline User authentication –Password authentication, salt –Challenge-response authentication protocols –Biometrics –Token-based authentication Authentication.
CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 24 Jonathan Katz.
More on AuthenticationCS-4513 D-term 20081 More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.

More on AuthenticationCS-4513 D-term More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.
EEC 688/788 Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC 688/788 Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Outline User authentication –Password authentication, salt –Challenge-response authentication protocols –Biometrics –Token-based authentication Authentication.

Outline User authentication –Password authentication, salt –Challenge-response authentication protocols –Biometrics –Token-based authentication Authentication.

Similar presentations

Ads by Google