Download presentation
Presentation is loading. Please wait.
Published byShanon Rose Modified over 8 years ago
1
Wireless Authentication Using Remote Passwords Authors: Andrew Harding, Timothy W. van der Horst, and Kent E. Seamons Source: Proceedings of the first ACM conference on Wireless network security, 2008, pp. 24-29 Presenter: Jung-wen Lo ( 駱榮問 )
2
2 Outline Introduction Simple Authentication for the Web, 2007 Secure Remote Password, 1998 Surrogate SRP (sSRP) Wireless Authentication Using Remote Passwords (WARP) Threat analysis Conclusion & Comment
3
3 Introduction Current wireless authentication mechanisms User-specific certificates (PKI) Global passphrases e.g. WPA-PSK (Wi-Fi Protected Access-Pre-Shared Key) Username/password pairs => Too heavy or inflexible Simple Authentication for the Web (SAW) Simple Authentication for the Web Decentralized authentication of globally unique personal messaging identifiers Three principle 1. Reuse existing identifiers and authenticators 2. Tightly couple identifiers and identity providers 3. Authentication requires that users obtain two tokens known to the relying party 1st token is given to the initiator of an authentication 2nd token is only obtained after a successful authentication to the identity provider SAW, SRP(Secure Remote Password) WARP
4
4 Secure Remote Password Password-based mutual authentication ID,Salt,Verifier s: Salt B: Ephemeral session parameter K: Session key P U,P H : Proof of K
5
5 Surrogate SRP (sSRP) KS: Random value; =KS IDP +KS U P KS =H(I||G||N||s||B||A||P U ||P IDP ||KS)
6
6 WARP Incarnation of sSRP for wireless authentication U ← Wireless supplicant S RP ← Authentication server AS EAP-WARP Wireless supplicant (S) Authentication server (AS) EAP-success message 6. EAP master session key (MSK) KS
7
7 Threat analysis Attack KS=KS IDP +KS U One-time impersonation resistant sSRP D: PK of IDP
8
8 Conclusion & Comment Conclusion SRP enable to authenticate using existing identifier sSRP replace the use of email in the original SAW protocol for website logins WARP is a convenient and secure wireless authentication mechanism Comment Eliminate the PKI-based approaches
9
9 Simple Authentication for the Web Authors: Timothy W. van der Horst and Kent E. Seamons Src: Proceedings of the 16th international conference on World Wide Web, 2007, pp. 1217-1218 Protocol
10
10 Secure Remote Password Protocol,1998 Initiation Protocol CarolSteve Salt s x=H(s,P) v=g x C,s,v s: salt v: Verifier P: password a,b,u: Random #
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.