computer security principles and practice
Download
Skip this Video
Download Presentation
Computer Security: Principles and Practice

Loading in 2 Seconds...

play fullscreen
1 / 30

Computer Security: Principles and Practice - PowerPoint PPT Presentation


  • 135 Views
  • Uploaded on

Computer Security: Principles and Practice. Chapter 3 – User Authentication. by William Stallings and Lawrie Brown. User Authentication. fundamental security building block basis of access control & user accountability

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Computer Security: Principles and Practice' - ishmael-zamora


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
computer security principles and practice

Computer Security: Principles and Practice

Chapter 3 – User Authentication

by William Stallings and Lawrie Brown

user authentication
User Authentication
  • fundamental security building block
    • basis of access control & user accountability
  • is the process of verifying an identity claimed by or for a system entity
  • has two steps:
    • identification - specify identifier
    • verification - bind entity (person) and identifier
  • distinct from message authentication
means of user authentication
Means of User Authentication
  • four means of authenticating user's identity
  • based on
    • something you have - e.g. key, token, smartcard
    • something you know - e.g. password, PIN
    • something you are
      • static biometrics - e.g. fingerprint, retina, face
      • dynamic biometrics - e.g. voice, typing
    • somebody you know - the social network of the user, CCS’06
  • can use alone or combined
  • all can provide user authentication
  • all have issues
password authentication
Password Authentication
  • widely used user authentication method
    • user provides name/login and password
    • system compares password with that saved for specified login
  • authenticates ID of user logging and
    • that the user is authorized to access system
    • determines the user’s privileges
    • is used in discretionary access control
password vulnerabilities
Password Vulnerabilities
  • offline dictionary attack
  • specific account attack
  • popular password attack
  • workstation hijacking
  • exploiting user mistakes
  • exploiting multiple password use
  • electronic monitoring
countermeasures
Countermeasures
  • stop unauthorized access to password file
  • intrusion detection measures
  • account lockout mechanisms
  • policies against using common passwords but rather hard to guess passwords
  • training & enforcement of policies
  • automatic workstation logout
  • encrypted network links
unix implementation
UNIX Implementation
  • original scheme
    • 8 character password form 56-bit key
    • 12-bit salt used to modify DES encryption into a one-way hash function
    • 64-bit zeros as initial input, output is further encrypted, … repeated for 25 times
    • final output translated to 11 character sequence
  • now regarded as woefully insecure
    • e.g. supercomputer, 50 million tests, 80 min
  • sometimes still used for compatibility
improved implementations
Improved Implementations
  • have other, stronger, hash/salt variants
  • many systems (Solaris, Linux) now use MD5
    • with 48-bit salt
    • password length is unlimited
    • is hashed with 1000 times inner loop
    • produces 128-bit hash
  • OpenBSD uses Blowfish block cipher based hash algorithm called Bcrypt
    • uses 128-bit salt to create 192-bit hash value
password cracking approaches
Password Cracking Approaches
  • dictionary attacks
    • try each possible password then obvious variants in large dictionary against hash in password file
  • rainbow table attacks
    • precompute tables of hash values of all possible passwords for all possible salts
    • a mammoth table of hash values
    • e.g. 1.4GB table cracks 99.9% of alphanumeric Windows passwords in 13.8 secs
    • not feasible if larger salt values used
password choices
Password Choices
  • users may pick short passwords
    • e.g. 3% were 3 chars or less, easily guessed
    • system can reject choices that are too short
  • users may pick guessable passwords
    • so crackers use lists of likely passwords
    • e.g. one study of 14000 encrypted passwords guessed nearly 1/4 of them
    • would take about 1 hour on fastest systems to compute all variants, and only need 1 break!
password file access control
Password File Access Control
  • can block offline guessing attacks by denying access to encrypted passwords
    • make available only to privileged users
    • often using a separate (from user IDs) shadow password file
  • still have vulnerabilities
    • exploit O/S bug
    • accident with permissions making it readable
    • users with same password on other systems
    • access from unprotected backup media
    • sniff passwords in unprotected network traffic
using better passwords
Using Better Passwords
  • clearly have problems with passwords
  • goal to eliminate guessable passwords
  • whilst still easy for user to remember
  • techniques:
    • user education
    • computer-generated passwords
    • reactive password checking
    • proactive password checking
user education
User Education
  • A good technique: using the first letter of each word of a phrase; however, don’t pick a well-known phrase
    • An apple a day keeps the doctor away (aaadktda)
    • My sister peg is 24 years old (mspi24yo)
  • Guidelines may be ignored …
computer generated passwords
Computer-generated Passwords
  • FIPS PUB 181 defines one of the best-designed automated password generators
    • Generate words by forming pronounceable syllables
  • In general, computer-generated password schemes have a poor acceptance by users.
reactive password checking
Reactive Password Checking
  • System periodically runs its own password cracker to find guessable passwords.
    • John the Ripper password cracker
  • Resource intensive, vulnerable until identification
proactive password checking
Proactive Password Checking
  • rule enforcement plus user advice, e.g.
    • 8+ chars, upper/lower/numeric/punctuation
    • may not suffice
  • use password cracker to reject bad passwords
    • time and space issues
  • Markov Model
    • generates guessable passwords
    • hence reject any password it might generate
  • Bloom Filter
    • use to build table based on dictionary using hashes
    • check desired password against this table
biometric authentication
Biometric Authentication
  • authenticate user based on one of their physical characteristics
biometric accuracy
Biometric Accuracy
  • never get identical templates
  • problems of false match / false non-match
biometric accuracy1
Biometric Accuracy
  • can plot characteristic curve
  • pick threshold balancing error rates
authentication protocols
Authentication Protocols
  • used to convince communication parties of each other’s identity and to exchange session keys
  • may be one-way or mutual
  • key issues are
    • confidentiality – to prevent masquerade and to protect session keys
    • timeliness – to prevent message replay attacks
remote user authentication using symmetric encryption
Remote User-Authentication using Symmetric Encryption
  • using KDC and hierarchy of keys (Needham-Schroeder Protocol)

vulnerable to a replay attack if an old session key Ks has been compromised, then attacker X can

  • impersonate A and trick B to use old Ks by replaying msg. 3
  • intercept msg. 4, impersonate A’s response in msg. 5
  • impersonate A for further secure communication
kerberos
Kerberos
  • trusted authentication service from MIT
  • provides centralized mutual authentication in a distributed network
    • allows users access to distributed services in the network
    • a workstation cannot be trusted to identify its user
    • rather all trust a central authentication server
    • relies exclusively on symmetric encryption
    • requires a user to prove his or her identity for each service invoked, also requires servers to prove their identity its user
  • two versions in use: version 4 (1988) & 5 (1994)
kerberos requirements
Kerberos Requirements
  • requirements in its first published report:
    • secure
    • reliable - distributed server architecture
    • transparent - users only need to enter passwords
    • scalable - distributed architecture
  • thus, a trusted third-party authentication service
    • clients and servers trust Kerberos
  • implemented using an authentication protocol based on Needham-Schroeder
kerberos v4 overview
Kerberos v4 Overview
  • a basic third-party authentication scheme
  • have an Authentication Server (AS)
    • knows the passwords of all users
    • users initially negotiate with AS to identify themselves
    • AS provides a non-corruptible authentication credential (ticket granting ticket TGT)
  • have a Ticket Granting Server (TGS)
    • users subsequently present TGT to TGS to acquire Service Granting Ticket (SGT) to access specific services
  • using a complex protocol based on DES
authentication security issues
Authentication Security Issues
  • client attacks
  • host attacks
  • eavesdropping
  • replay
  • trojan horse
  • denial-of-service
  • phishing
slide29
PwdHash(Ross, B., Jackson, C., Miyake, N., Boneh, D., Mitchell, J.C.: Stronger passwordauthentication using browser extensions. In: Proc. of the USENIX Security Symposium, 2005)

Bank A

Hash (PwdA, BankA)

Spoofed Bank A

Hash (PwdA, SpoofedBankA)

PwdHash

(Browser Extension)

Plain-text password: PwdA

Site-password:Hash (PwdA, BankA)

  • Unique password per site (domain name is the salt)
  • Focuses on protecting against phishing attacks
summary
Summary
  • introduced user authentication
    • using passwords
    • using tokens
    • using biometrics
  • remote user authentication
  • Kerberos
ad