1 / 30

Computer Security: Principles and Practice

Computer Security: Principles and Practice. Chapter 3 – User Authentication. by William Stallings and Lawrie Brown. User Authentication. fundamental security building block basis of access control & user accountability

ishmael-zamora
Download Presentation

Computer Security: Principles and Practice

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer Security: Principles and Practice Chapter 3 – User Authentication by William Stallings and Lawrie Brown

  2. User Authentication • fundamental security building block • basis of access control & user accountability • is the process of verifying an identity claimed by or for a system entity • has two steps: • identification - specify identifier • verification - bind entity (person) and identifier • distinct from message authentication

  3. Means of User Authentication • four means of authenticating user's identity • based on • something you have - e.g. key, token, smartcard • something you know - e.g. password, PIN • something you are • static biometrics - e.g. fingerprint, retina, face • dynamic biometrics - e.g. voice, typing • somebody you know - the social network of the user, CCS’06 • can use alone or combined • all can provide user authentication • all have issues

  4. Password Authentication • widely used user authentication method • user provides name/login and password • system compares password with that saved for specified login • authenticates ID of user logging and • that the user is authorized to access system • determines the user’s privileges • is used in discretionary access control

  5. Password Vulnerabilities • offline dictionary attack • specific account attack • popular password attack • workstation hijacking • exploiting user mistakes • exploiting multiple password use • electronic monitoring

  6. Countermeasures • stop unauthorized access to password file • intrusion detection measures • account lockout mechanisms • policies against using common passwords but rather hard to guess passwords • training & enforcement of policies • automatic workstation logout • encrypted network links

  7. Use of Hashed Passwords

  8. UNIX Implementation • original scheme • 8 character password form 56-bit key • 12-bit salt used to modify DES encryption into a one-way hash function • 64-bit zeros as initial input, output is further encrypted, … repeated for 25 times • final output translated to 11 character sequence • now regarded as woefully insecure • e.g. supercomputer, 50 million tests, 80 min • sometimes still used for compatibility

  9. Improved Implementations • have other, stronger, hash/salt variants • many systems (Solaris, Linux) now use MD5 • with 48-bit salt • password length is unlimited • is hashed with 1000 times inner loop • produces 128-bit hash • OpenBSD uses Blowfish block cipher based hash algorithm called Bcrypt • uses 128-bit salt to create 192-bit hash value

  10. Password Cracking Approaches • dictionary attacks • try each possible password then obvious variants in large dictionary against hash in password file • rainbow table attacks • precompute tables of hash values of all possible passwords for all possible salts • a mammoth table of hash values • e.g. 1.4GB table cracks 99.9% of alphanumeric Windows passwords in 13.8 secs • not feasible if larger salt values used

  11. Password Choices • users may pick short passwords • e.g. 3% were 3 chars or less, easily guessed • system can reject choices that are too short • users may pick guessable passwords • so crackers use lists of likely passwords • e.g. one study of 14000 encrypted passwords guessed nearly 1/4 of them • would take about 1 hour on fastest systems to compute all variants, and only need 1 break!

  12. Password File Access Control • can block offline guessing attacks by denying access to encrypted passwords • make available only to privileged users • often using a separate (from user IDs) shadow password file • still have vulnerabilities • exploit O/S bug • accident with permissions making it readable • users with same password on other systems • access from unprotected backup media • sniff passwords in unprotected network traffic

  13. Using Better Passwords • clearly have problems with passwords • goal to eliminate guessable passwords • whilst still easy for user to remember • techniques: • user education • computer-generated passwords • reactive password checking • proactive password checking

  14. User Education • A good technique: using the first letter of each word of a phrase; however, don’t pick a well-known phrase • An apple a day keeps the doctor away (aaadktda) • My sister peg is 24 years old (mspi24yo) • Guidelines may be ignored …

  15. Computer-generated Passwords • FIPS PUB 181 defines one of the best-designed automated password generators • Generate words by forming pronounceable syllables • In general, computer-generated password schemes have a poor acceptance by users.

  16. Reactive Password Checking • System periodically runs its own password cracker to find guessable passwords. • John the Ripper password cracker • Resource intensive, vulnerable until identification

  17. Proactive Password Checking • rule enforcement plus user advice, e.g. • 8+ chars, upper/lower/numeric/punctuation • may not suffice • use password cracker to reject bad passwords • time and space issues • Markov Model • generates guessable passwords • hence reject any password it might generate • Bloom Filter • use to build table based on dictionary using hashes • check desired password against this table

  18. Biometric Authentication • authenticate user based on one of their physical characteristics

  19. Operation of a Biometric System

  20. Biometric Accuracy • never get identical templates • problems of false match / false non-match

  21. Biometric Accuracy • can plot characteristic curve • pick threshold balancing error rates

  22. Authentication Protocols • used to convince communication parties of each other’s identity and to exchange session keys • may be one-way or mutual • key issues are • confidentiality – to prevent masquerade and to protect session keys • timeliness – to prevent message replay attacks

  23. Remote User-Authentication using Symmetric Encryption • using KDC and hierarchy of keys (Needham-Schroeder Protocol) vulnerable to a replay attack if an old session key Ks has been compromised, then attacker X can • impersonate A and trick B to use old Ks by replaying msg. 3 • intercept msg. 4, impersonate A’s response in msg. 5 • impersonate A for further secure communication

  24. Kerberos • trusted authentication service from MIT • provides centralized mutual authentication in a distributed network • allows users access to distributed services in the network • a workstation cannot be trusted to identify its user • rather all trust a central authentication server • relies exclusively on symmetric encryption • requires a user to prove his or her identity for each service invoked, also requires servers to prove their identity its user • two versions in use: version 4 (1988) & 5 (1994)

  25. Kerberos Requirements • requirements in its first published report: • secure • reliable - distributed server architecture • transparent - users only need to enter passwords • scalable - distributed architecture • thus, a trusted third-party authentication service • clients and servers trust Kerberos • implemented using an authentication protocol based on Needham-Schroeder

  26. Kerberos v4 Overview • a basic third-party authentication scheme • have an Authentication Server (AS) • knows the passwords of all users • users initially negotiate with AS to identify themselves • AS provides a non-corruptible authentication credential (ticket granting ticket TGT) • have a Ticket Granting Server (TGS) • users subsequently present TGT to TGS to acquire Service Granting Ticket (SGT) to access specific services • using a complex protocol based on DES

  27. Actions in Kerberos v4

  28. Authentication Security Issues • client attacks • host attacks • eavesdropping • replay • trojan horse • denial-of-service • phishing

  29. PwdHash(Ross, B., Jackson, C., Miyake, N., Boneh, D., Mitchell, J.C.: Stronger passwordauthentication using browser extensions. In: Proc. of the USENIX Security Symposium, 2005) Bank A Hash (PwdA, BankA) Spoofed Bank A Hash (PwdA, SpoofedBankA) PwdHash (Browser Extension) Plain-text password: PwdA Site-password:Hash (PwdA, BankA) • Unique password per site (domain name is the salt) • Focuses on protecting against phishing attacks

  30. Summary • introduced user authentication • using passwords • using tokens • using biometrics • remote user authentication • Kerberos

More Related