Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Number Theory and Advanced Cryptography 9. Authentication Protocols Chih-Hung Wang Sept. 2011 Part I: Introduction to Number Theory Part II: Advanced.

Published byGrant Chester Jennings Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Number Theory and Advanced Cryptography 9. Authentication Protocols Chih-Hung Wang Sept. 2011 Part I: Introduction to Number Theory Part II: Advanced."— Presentation transcript:

1 1 Number Theory and Advanced Cryptography 9. Authentication Protocols Chih-Hung Wang Sept. 2011 Part I: Introduction to Number Theory Part II: Advanced Cryptography

2 2 Basic Authentication Techniques  Challenge-Response Mechanisms

3 3 Manipulation Detection Code

4 4 Applying Asymmetric Cryptographic Technique Nonce Importance:

5 5 Standardization of the Challenge- Response Mechanism Unilateral entity authentication ISO Two-Pass Unilateral Authentication Protocol

6 6 Using a Cryptography Check Function (CCF)

7 7 ISO Public Key Two-Pass Unilateral Authentication Protocol

8 8 Timestamp Mechanism

9 9 Using MDC

10 10 Applying Asymmetric Cryptographic Techniques

11 11 Standardization of Timestamp Mechanism ISO Symmetric Key One-Pass Unilateral Authentication Protocol

12 12 CCF & Public Key Techniques

13 13 Non-standard Mechanisms

14 14 Mutual Authentication

15 15 Wiener ’ s Attack

16 16 Involving Trusted Third Party The Woo-Lam Protocol

17 17 Password-based Authentication

18 18 Needham ’ s Password Protocol

19 19 A One-time Password Scheme

20 20 Attack of S/KEY: Man-in-the- Middle Attack  Page 371

21 21 Encrypted Key Exchange (EKE) (1) Off-line Dictionary Attack

22 22 Encrypted Key Exchange (EKE) (2)

23 23 Authenticated Key Exchange  The Station-to-Station (STS) Protocol Mutual Entity Authentication Mutually Authenticated Key Agreement Mutual Key Confirmation Perfect Forward Secrecy (PFS) *Anonymity (Deniability)

24 24 STS Protocol

25 25 A Flaw in a Simplified STS protocol (1)

26 26 A Flaw in a Simplified STS protocol (2)

27 27 A minor Flaw of the STS Protocol Perfect denial of service attack

28 28 Typical Attacks on Authentication Protocols  Message Replay Attack (page 43,44)

29 29 Message Replay Attack

30 30 Parallel Session Attack (1)

31 31 Parallel Session Attack (2)

32 32 Reflection Attack

33 33 Attack Due to Type Flaw (1)

34 34 Attack Due to Type Flaw (2)

35 35 Attack Due to Name Omission

36 36 Attack Due to Misuse of Cryptographic Services  Attack due to absence of data-integrity protection  Confidentiality failure due to absence of “ semantic security ” protection

37 37 A Minor Variation of the Otway- Rees Protocol

38 38 An Attack

39 39 Authentication Protocols for Internet Security  Internet Protocol Security (IPSec)

40 40 Confidentiality Protection in IPSec  Encapsulating Security Payload (ESP)

41 41 The Internet Key Exchange (IKE) Protocol (1)

42 42 The Internet Key Exchange (IKE) Protocol (2)

43 43 Authentication Failure

44 44 Signature-based IKE Phase 1 Aggressive Mode

45 45 A Plausible Deniability Feature in IKE Plausible Deniability: Permit an entity to deny “plausibly” the existence of a connection with a Communication partner

46 46 The Secure Shell (SSH) Remote Login Protocol (1)  The SSH Architecture The SSH Transport Layer Protocol  Unilaterally authenticated secure channel from the server to the client The SSH User Authentication Protocol  Unilateral authentication protocols to achieve entity authentication from a client-side user to the server The SSH Connection protocol

47 47 The Secure Shell (SSH) Remote Login Protocol (2)

48 48 The Secure Shell (SSH) Remote Login Protocol (3)

49 49 The Secure Shell (SSH) Remote Login Protocol (4)

Download ppt "1 Number Theory and Advanced Cryptography 9. Authentication Protocols Chih-Hung Wang Sept. 2011 Part I: Introduction to Number Theory Part II: Advanced."

Similar presentations

Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Secure Mobile IP Communication

Secure Mobile IP Communication
CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
1 CCSDS Security Architecture Key Management 13 th April 2005 Athens.

1 CCSDS Security Architecture Key Management 13 th April 2005 Athens.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Authentication & Kerberos

Authentication & Kerberos
Cryptography and Network Security Chapter 15 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Security at the Network Layer: IPSec

Security at the Network Layer: IPSec
Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.

Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.
Chapter 5 Network Security Protocols in Practice Part I

Chapter 5 Network Security Protocols in Practice Part I
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
Henric Johnson1 Ola Flygt Växjö University, Sweden +46 470 70 86 49 IP Security.

Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.

IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.
Introduction to PKI, Certificates & Public Key Cryptography Erwan Lemonnier.

Introduction to PKI, Certificates & Public Key Cryptography Erwan Lemonnier.
7.3 Network Security Controls 1Network Security / G.Steffen.

7.3 Network Security Controls 1Network Security / G.Steffen.
CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

Similar presentations

Ads by Google