Download presentation
Presentation is loading. Please wait.
Published byJeremy Jordan Modified over 9 years ago
1
Authentication Issues and Solutions CSCI 5857: Encoding and Encryption
2
Outline Replay attacks and solutions –Timestamps –Nonces Storing passwords –Hashing/salting passwords files Challenge-response authentication –Symmetric keys –Public keys
3
3 Replay Attacks Adversary records message from sender to recipient Resends message to recipient (claiming to be sender) Any signatures, digests, etc. will be correct! M = “Give Darth a $1,000 raise -- Alice” M, h(k, M)
4
4 Timestamp Solution Include timestamp in message –Adversary cannot alter if part of digest –Verifier can reject second message with same timestamp Problems if timestamp not accurate –Clocks not synchronized, no universal time scheme used –Example: different time zones could cause multiple legitimate messages with same timestamp! M = “Give Darth a $1,000 raise -- Alice” M | time, h(k, M | time ) Accept Reject
5
5 Nonce Solution Claimant generates random number not sent before Verifier keeps list of previous nonces sent by claimant If current message nonce is in that list, this is a replay previous nonces New nonce N M M | N, h(k, M | N) Alice’s previous nonces N M search
6
6 Nonce Solution Simpler approach for claimant: Generate random number without keeping track of whether sent before –Very unlikely to generate same number twice If current message nonce already sent, verifier can challenge by requesting another nonce Randomly generated nonce N M M | N, h(k, M | N) Alice’s previous nonces N M search Challenge if nonce already used
7
7 Passwords Universal method for claimant to prove identity Attacks on passwords: –Adversary may hack into password file –Adversary may try large number of common passwords
8
8 Hashing the Passwords Store hash of passwords instead of passwords –Can verify given password hashes to same value in file –Cannot recover user’s password from its hash (or even create one with same hash) “Even if I know h(P A ), I still can’t figure out P A ”
9
9 Salting the Passwords Attacker can use “possible message” attack on commonly used passwords –Hashing list of commonly used passwords –Search stolen password file for matching hash value –Tables of common passwords hashed with common algorithms (SHA-2) widely available! PasswordPassword hashed with SHA-2 hello11000101001010000101001 1234500010010010100010101110 …… “I can just search for these to find someone’s password”
10
Solution: “Lengthen” passwords with extra bits –“Salt” = random bits added to end, indexed to claimant –Digest = h(password + salt) Hashes no longer match precomputed tables 10 Salting the Passwords
11
11 Passwords and Keys Problem: How can a passphrase be converted into a binary key Solution: Use hash algorithm to convert a passphrase into a key –Convert passphrase into binary ASCII/Unicode string –Apply hash algorithm (possibly truncating to desired key size) –Has good avalanche effect (2 similar passphrases have very different hashes) 1001010101010100101101010100110010101000011… Help!
12
12 Challenge-Response Authentication Problem with passwords: Claimant sending a secret to the verifier –May be intercepted –May be sold Better idea: –Claimant proves know secret without sending it to verifier –Verifier asks question that can only be answered by claimant with that knowledge Challenge: One-time value sent to claimant –Random number, timestamp, nonce Response: Result of function applied to value –Function includes secret that only claimant knows Alice’s password $$$
13
13 Symmetric Key Challenge-Response Both Alice and Bob verifier know secret symmetric key K –Alice sends request for access –Bob sends nonce R B as challenge –Alice encrypts nonce with symmetric key K A-B –Bob decrypts with K A-B –If result is original nonce R B, then identity verified –Note that actual secret knowledge K A-B never sent! “I can’t answer the challenge unless I know K A-B ”
14
14 Public Key Challenge-Response Alice has public key K A and corresponding private key –Alice sends request for access –Bob encrypts nonce R B with K A and sends as challenge –Alice decrypts nonce with her private key, and sends back to Bob –If result is original nonce R B, then identity verified “I can’t answer the challenge unless I know Alice’s private key ”
15
15 Signature Challenge-Response Alice has public key K A and corresponding private key –Alice sends request for access –Bob sends nonce R B as challenge –Alice signs nonce with her private key, and sends back to Bob –Bob verifies signature with Alice’s public key and nonce value “I can’t answer the challenge unless I know Alice’s private key ”
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.