CSCE 465 Lecture 23

« previous | Tuesday, April 16, 2013 | next »

Authentication

User Authentication

process of reliably verify certain information

Examples:

• User Authentication: allow user (supplicant) to prove his/her identity to another entity (verifier), such as a system or device
• Message Authentication: Verify that message has not been altered without proper authorization

Based on

• What user knows (password, personal information, key, credit card number)
• Where user is or where he/she can be reached (email address, IP address)
• Physical characteristics of user (fingerprints, voiceprint, signature, iris, DNA, etc.
• What user has in their possession (smart card, physical key, USB token)

Identification

process through which one ascertains the identity of another person or entity

Identification

requires that verifier check information presented against all entities it knows about.

must, by definition, uniquely identify given entity

Authentication

requires information be checked for single, previously identified, entity

doesn't necessarily require uniqueness

Password-Based Authentication

Use secret quantity (password) that prover states to prove he/she knows it

Most common method of user authentication

Issues:

• Password must be easy to remember, but hard to guess (difficult to achieve)
• What makes a good password?
• Where is password stored? and in what form?

When user inputs the requsted password, compute its hash and send that. Compare hash with stored hash value in database.

Threats:

• password guessing/dictionary^[1]
• sending in plain text

Attacks

Suppose passwords can be up to 9 characters long

Potentially 10¹⁸ possible passwords:

• Trying 10 million per second, it would take 320,000 years to exhaust all possibilities
• Not all passwords are equally likely to be used

Example study In a sample of 3000 passwords:

• 500 were easily guessed versions of dictionary words or first/last name
• 86% of passwords were easily guessed
• pet names, common names, common words, dates
• variations (backwards, append digits)

Dictionary Attacks:

• Online (attempting to enter passwords on interface)
• Offline (download hashed results and try hashing all possible passwords)
• Offline Pre-computed (lookup precomputed hashes)

Other Attacks:

• Eavesdropping
• "Trojan horse" password entry
• Man-in-the-middle
• Social engineering
• Phishing

Salting

Make dictionary attack more difficult

Salt is ${\displaystyle n}$-bit random number between 0 and ${\displaystyle 2^{n}}$

• Doesn't protect against online dictionary attack
• Makes offline computationally infeasible (but salt may be publicly provided with password)
• Makes offline pre-computed useless

UNIX uses 16-bit salt

• Two users with identical passwords will have different hash values

Guidelines

1. Initial passwords are system-generated and have to be changed by the user on first login
2. User must change passwords periodically
3. Passwords vurnerable to dictionary attack are rejected
4. User should not use same password on multiple sites

Address-Based

Associates identity with network address or email address

• Assume ID of source can be inferred based on network address from which packets arrive
• Used by many web services
• Early OS functions and tools worked this way:
  • rsh, rlogin, etc.
  • /etc/hosts.equiv
  • ~/.rhosts

Benefits

easy

relatively secure

Threat

Spoofed network address

Crypto-Based

User Performs requested crypto operation on value (challenge that verifier supplies)

The S/Key Protocol

(a.k.a. Lamport's Hash)

developed by the same Lamport that invented LaTeX

IDEA: Using "Disposable" passwords

• Generate long list of passwords, use each only one time
• Eavesdropping does not help
• Remembering long list is not easy.

Generation

1. Alice selects password ${\displaystyle x}$
2. Alice specifies ${\displaystyle n}$, or number of passwords
3. Alice's computer generates a sequence of passwords using a hash chain:
   • ${\displaystyle x_{1}=H(x)}$
   • ${\displaystyle x_{2}=H(x_{1})}$
   • ${\displaystyle x_{3}=H(x_{2})}$
   • …
   • ${\displaystyle x_{n}=H(x_{n-1})}$
4. Alice communicates starting with last value in sequence ${\displaystyle x_{n}}$

This works since hash function ${\displaystyle H(x)}$ is (ideally) not reversible.

Authentication

Assuming server is in posession of ${\displaystyle x_{i}}$

1. Server sends ${\displaystyle i}$
2. Alice replies ${\displaystyle x_{i-1}}$
3. Server checks ${\displaystyle H(x_{i-1})=x_{i}}$

Next time, server will decrement ${\displaystyle i}$

Limitations

Value of ${\displaystyle n}$ limits number of passwords

• chain must be periodically regenerated
• does not authenticate server (extremely vulnerable to man-in-the-middle attack)

Biometrics

Relies on physical characteristics of people to authenticate them

Desired qualities

1. Uniquely identifying for every person
2. very difficult to mimic/forge
3. Highly accurate, no variation
4. Easy to scan or collect
5. inexpensive to implement

Which are concerns for passwords? (2, ..., all?)

Convenient for users, but

• potentially troubling sacrifice of private information
• no technique (yet) has all desired property

Example

• Signature (penmanship
• Fingerprints
• Palm geometry
• Retina scan
• Iris scan
• Facial recognition
• Voice print recognition

Token

hardware-based authentication

Physical device that can be interfaced to the computer and carries identifying information

Types

• Passive
• Active

Examples

• Smart card
• RFID

Time-Synchronized Tokens

Contained Components

• Internal clock
• Display
• Secret key

Computes one-way function of current time and key and displays that.

• this value changes once per minute.
• user reads value and types it in to authenticate to server
• requires server and token time stay synchronized

Summary

1. passwords are most widely used form, despite numerous problems
2. biometrics hold promise, but are expensive, inconvenient, and compromise privacy
3. Two-factor authentication commonly used for higher security
4. One-time passwords (S/Key) are attractive, especially if combined with hardware.

Footnotes