Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authentication Key HMAC(MK, “auth”) Server Encryption Key HMAC(MK, “server_enc”) User Password Master Key (MK) Client Encryption Key HMAC(MK, “client_enc”)

Published byJean Flynn Modified over 9 years ago

Similar presentations

Presentation on theme: "Authentication Key HMAC(MK, “auth”) Server Encryption Key HMAC(MK, “server_enc”) User Password Master Key (MK) Client Encryption Key HMAC(MK, “client_enc”)"— Presentation transcript:

1 Authentication Key HMAC(MK, “auth”) Server Encryption Key HMAC(MK, “server_enc”) User Password Master Key (MK) Client Encryption Key HMAC(MK, “client_enc”) A hash that is computed from the user password using PBKDF2 (SHA- 1, iterated 10,000 times) is used as the master key. The master key is never stored or transferred to the client or server. The master key is used to derive additional keys for different functions. MK = PBKDF2(salt, password) Derived keys are computed using the HMAC (SHA-256) of the master key and a designated string. With derived keys, we are able to use multiple keys for different functions, but only require the user to keep track of one password. The derived keys are stored on the server, and may be transferred to the client or server when requested. HMAC-based Extract-and-Expand Key Derivation Function (HKDF) Why this approach? The HKDF approach allows greater security for a few reasons: Both the master key and the password are not stored on the server or client Both the master key and the password are not sent over network traffic between the client and the server (except during registration and salt/password reset, only the master key is sent over) Only the salt that the server computed, the authentication key, and the client encryption key may be sent over the network. Only the authentication key is stored on the client.

2 Registration ClientServer Send username, MK, user information Compute salt Compute MK with salt & user password Compute derived keys using MK Store information in database Encrypt database record with server encryption key* Respond with success/failure Proceed with first-time login *The server encryption key is stored in a separate database that is encrypted with a private key on the server. The server encryption key is used to decrypt the database record to verify the authentication key. Request salt Respond with salt

3 First-Time Login *The authentication key is only saved if the user chooses to save his or her login credentials. ClientServer Request salt Respond with salt Compute MK with salt & user password Compute authentication key using MK Send authentication key Verify authentication key Respond with success/failure Save authentication key for next time*

4 N-Time Login ClientServer Send authentication key Verify authentication key Respond with success/failure Save authentication key for next time* *The authentication key is only saved if the user chooses to save his or her login credentials.

5 Reset Master Key ClientServer Request new salt Decrypt database Send current MK, new MK Compute derived keys using new MK Re-encrypt database record with new server encryption key Verify password by computing authentication key with old MK and authenticating Respond with success/failure Proceed with first-time login Security Precautions Since only the authentication key is stored on the device (and not the master key or password), the malicious user does not know the password. We can authenticate the legitimate user by using the password to compute a master key, and then an authentication key and verifying it against the one stored on the server. Compute current MK with salt & user password Request current salt Respond with salt Compute new MK with new salt & user password Respond with new generated salt Replace old salt with new salt in DB

Download ppt "Authentication Key HMAC(MK, “auth”) Server Encryption Key HMAC(MK, “server_enc”) User Password Master Key (MK) Client Encryption Key HMAC(MK, “client_enc”)"

Similar presentations

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Securing the Worlds Information Secure Dynamic Credit and Debit Cards Stop Credit Card and Identity Theft Andre Brisson Stephen Boren Co founders/ Co.

Securing the Worlds Information Secure Dynamic Credit and Debit Cards Stop Credit Card and Identity Theft Andre Brisson Stephen Boren Co founders/ Co.
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi

Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi
Chapter 10 Real world security protocols

Chapter 10 Real world security protocols
SCSC 455 Computer Security

SCSC 455 Computer Security
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Forms Authority Database Store Username and Passwords: ASP.NET framework allows you to control access to pages, classes, or methods based on username and.

Forms Authority Database Store Username and Passwords: ASP.NET framework allows you to control access to pages, classes, or methods based on username and.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.

Implementation of a Two-way Authentication Protocol Using Shared Key with Hash CS265 Sec. 2 David Wang.
Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.

Real-Time Authentication Using Digital Signature Schema Marissa Hollingsworth BOISECRYPT ‘09.
It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.

It’s always better live. MSDN Events Security Best Practices Part 2 of 2 Reducing Vulnerabilities using Visual Studio 2008.
Apr 30, 2002Mårten Trolin1 Previous lecture – passwords Passwords for authentication –Storing hashed passwords –Use of salt Passwords for key generation.

Apr 30, 2002Mårten Trolin1 Previous lecture – passwords Passwords for authentication –Storing hashed passwords –Use of salt Passwords for key generation.
Kerberos Authenticating Over an Insecure Network.

Kerberos Authenticating Over an Insecure Network.
CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 14 Jonathan Katz.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
More on AuthenticationCS-4513 D-term 20081 More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.

More on AuthenticationCS-4513 D-term More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.

Similar presentations

Ads by Google