Computer Security Protection in general purpose Operating Systems. Entity Authentication. Entity Authentication is the process of verifying a claimed identity It is based on: something the entity knows something the entity holds something the entity is something the entity does
Computer SecurityProtection in general purpose Operating Systems
EntityAuthentication is the process of verifying a
It is based on:
The user has to know some secret, such as a
password or a personal identification number (PIN).
Anybody who knows your secret “is you”!
The user has to present a physical token (such as key,
an identity tag, a card) to be authenticated.
The token can be lost or stolen!
Use biometrics, such as fingerprints, palm prints, iris
patterns, or retina patterns.
With biometrics a stored pattern is compared to an actual
False positives (accepting the wrong entity) and false
Many users find biometrics unacceptable.
Gruesome threats of the kind used in some Hollywood thrillers!
People perform some mechanical tasks in a way that is both
repeatable and specific to the individual.
False positives (accepting the wrong entity) and false negatives!
The system may take into account the location of the login.
For example, access may only be granted from certain terminals.
With mobile and distributed computing the precise
geographical location can be established during
authentication by using the services of a global
positioning system (GPS).
The most common authentication mechanism.
Although password protection seems to offer relatively good
security, human practice degrades its quality.
Attacks on passwords
If passwords are words consisting of the 26 characters A-Z
and have length 8, then we are altogether 268 passwords.
This is roughly 2*1011, which seems enough intractable.
It would take of the order of about 6 years to test all passwords
at the rate of 1 millisecond per password.
If we were to speed up the search to one microsecond per
password, this would come down to approximately 2 days.
People prefer simple passwords.
Our earlier analysis assumes that people choose
passwords such as “vxlagrst”.
Whereas in reality they tend to use names and words
they can remember.
Spelling checkers carry dictionaries of the most common English
words. The typical size of such a dictionary is 80,000 words.
This reduces the search to seconds
People prefer words which are related to them, such
as the name of a spouse, a child, a relative, a pet,
a street name or something memorable or familiar.
Some people pick a simple password and replace
certain characters such as
0 (zero) by O,
1 for letter L,
3 for letter E, etc
dictionary of weak passwords.
pick their own passwords.
login and the number of failed logins since then.
An entity enters a password and the system verifies the
Does that entity know who has received the password?
A spoofing attack is an attack in which:
one person or a program successfully masquerades as another by falsifying data and thereby gaining illegitimate advantage (e.g., access to a users password)
(with Windows NT,
invokes the OS login screen)
To validate passwords the system compares the password
entered against a value stored in the password file.
–beware of dictionary attacks!)
Use one-way hash function f
Instead of storing the passwordx in the password list,
the hash is stored.
The password list is organized as a two column table
of user IDs (usernames) and the corresponding hashed
When the user logs in and enters the password x is it is
hashed (locally) into f(x). This value is then compared
with the stored value.
The one-way hash function f
crypt(3) for Unix systems
This uses a slightly modified version of the encryption
scheme DES with 25 “rounds” (instead of the 16 rounds)
This encrypts the all zero block using the password x as
The encryption f(x) of the zero block is the hash value.
Access control mechanisms in the OS
These restrict access to files and other resources to users
holding the appropriate privileges.
Only privileged users can have write access to the password file:
otherwise an attacker could access data of other users by
changing their password file.
If read access is restricted to privileged users then passwords
should be secure, in theory.
In practice an attacker can still use a dictionary attack.
Access control mechanisms in the OS
Dictionary attacks can be prevented by using password
With salting, additional information (the salt) is appended
to the password x before it is hashed to get f(x).
This implies that even if two users have the same
password their salted hashes will be different.
For additional password protection several passwords
For example, use
Remembering many passwords is rather inconvenient.
A single sign-on service solves this problem. You enter
your password once, the system stores it, and then uses
it whenever you have to authenticate yourself again.
However this raises new security concerns.
How do you protect the stored password?
(the password needs to be in cleartext)