
CSCE 522
Identification and Authentication
Reading
Reading for this lecture:
Required:
– Pfleeger: Ch. 2.1
– An Introduction to Computer Security: The NIST Handbook, http://csrc.nist.gov/publications/nistpubs/800-12/handbook.pdf : Chapter 16, Identification and Authentication, pages 180-194
Interesting read:
– Thanasis Petsas, Giorgos Tsirantonakis, Elias Athanasopoulos, and Sotiris Ioannidis. 2015. Two-factor authentication: is the world ready? Quantifying 2FA adoption. In Proceedings of the Eighth European Workshop on System Security (EuroSec '15). ACM, New York, NY, USA, Article 4, 7 pages. http://dl.acm.org/citation.cfm?id=2751323.2751327&coll=DL&dl=ACM&CFID=722323573&CFTOKEN=51590717
– Smart Card Alliance, http://www.smartcardalliance.org/
– Entrust, authentication news, http://www.entrust.com/category/authentication-2/
– Certificate Authority GlobalSign Loses Critical Data to ComodoHacker, http://techiebuzz.com/tech-news/globalsign-attack-certificate-authority-data-leak.html , Sept 8, 2011
Reading for next lecture:
– Pfleeger: Ch. 2.2
CSCE 522 - Farkas
2
Identification
• Establishes the identity of an individual, system, application, etc.
• Proof of identity: password, driver’s license, ID card, etc.
Authentication
• Allows an entity (a user or a system) to prove its identity within a context, e.g., a computer system
• Typically, the entity whose identity is verified reveals knowledge of some secret S to the verifier
• Strong authentication: the entity demonstrates knowledge of S to the verifier without revealing S itself to the verifier
Authentication Information
Must be securely maintained by the system.
Elements of Authentication
• Person/group/code/system: the entity to be authenticated
• Distinguishing characteristics: differentiate the entities to be authenticated
• Proprietor/system owner/administrator: responsible for the system
• Authentication mechanism: verifies the distinguishing characteristics
• Access control mechanism: grants privileges upon successful authentication
Authentication Requirements
• Network must ensure
– Data exchange is established with the addressed peer entity, not with an entity that masquerades or replays previous messages
• Network must ensure the data source is the one claimed
• Authentication generally follows identification
– Establish the validity of the claimed identity
– Provide protection against fraudulent transactions
User Authentication
• What the user knows
– Password, personal information
• What the user possesses
– Physical key, ticket, passport, token, smart card
• What the user is (biometrics)
– Fingerprints, voiceprint, signature dynamics
Passwords
• Commonly used method
• For each user, the system stores (user name, F(password)) in a password file, where F is some transformation (e.g., a one-way hash)
– F(password) is easy to compute
– From F(password), the password is difficult to compute
– The password itself is not stored in the system
• When the user enters the password, the system computes F(password); a match with the stored value provides proof of identity
Vulnerabilities of Passwords
• Inherent vulnerabilities
– Easy to guess or snoop
– No control on sharing
• Practical vulnerabilities
– Visible if unencrypted in a distributed and networked environment
– Susceptible to replay attacks if encrypted naively
• Password advantage
– Easy to change a compromised password
Attacks on Passwords
• Guessing attack/dictionary attack
• Social engineering
• Sniffing
• Trojan login
• Van Eck sniffing
Guessing Attack
• Exploits the human tendency to use easy-to-remember passwords
• Trial-and-error attack
• Easy to detect (failed logins) and block
– Problem: if the attacker has access to the password file (even if it is encrypted), guesses can be checked against it without producing any failed logins
• Need an audit mechanism
Social Engineering
• Attacker asks for the password while masquerading as somebody else (not necessarily an authenticated user)
• May be difficult to detect
• Protection against social engineering: a strict security policy and user education
Dictionary Attacks on Passwords
• Attack 1:
– Create a dictionary of common words and names and their simple transformations
– Use these to guess the password
• Attack 2:
– Usually F is public, and so is the (encrypted) password file
– Compute F(word) for each word in the dictionary
– Find a match
Password Salt
• Used to make dictionary attacks more difficult
• Salt is a 12-bit number between 0 and 4095
• It is derived from the system clock and the process identifier
• Compute F(password+salt); both the salt and F(password+salt) are stored in the password table
• User gives the password; the system looks up the salt, computes F(password+salt), and checks for a match
• Better: use a random number; the user authenticates by sending F(password+random number) || random number
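The two password slides above (storing F(password) and the salted F(password+salt)) as an added example in Python; this is not code from the course slides. It assumes F is SHA-256 (the slides leave F as "some one-way hash") and uses a random 16-byte salt, the "Better!" variant rather than the 12-bit clock/PID salt. The short word list and user names are constructed sample data. The last two functions show why the salt matters: one precomputed table of F(word) matches every unsalted entry built from a dictionary word, but matches no salted entry, so the attacker from "Attack 2" must redo the work per user.

```python
import hashlib
import hmac
import os
from typing import Dict, Iterable, Optional, Tuple

# Added example. F is SHA-256 here (assumption; the slides only say "one-way
# hash"). In production F should be a deliberately slow, memory-hard KDF such
# as scrypt or Argon2 so that each dictionary guess costs the attacker real work.


def F(data: bytes) -> bytes:
    """The one-way transformation whose output is kept in the password file."""
    return hashlib.sha256(data).digest()


def store_unsalted(password: str) -> bytes:
    """The basic scheme: the file holds F(password) only."""
    return F(password.encode())


def store_salted(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """The 'Better!' variant: a random 16-byte salt (not a 12-bit clock/PID
    value) is stored beside F(password+salt)."""
    if salt is None:
        salt = os.urandom(16)
    return salt, F(password.encode() + salt)


def verify_salted(password: str, salt: bytes, stored: bytes) -> bool:
    """System side: find the user's salt, recompute, compare in constant time."""
    return hmac.compare_digest(F(password.encode() + salt), stored)


def roundtrip(password: str, attempt: str) -> bool:
    """Store `password` with a fresh salt, then try to log in with `attempt`."""
    salt, stored = store_salted(password)
    return verify_salted(attempt, salt, stored)


def precomputed_table(words: Iterable[str]) -> Dict[bytes, str]:
    """'Attack 2' from the dictionary slide, done once: F(word) -> word."""
    return {F(w.encode()): w for w in words}


def table_lookup(table: Dict[bytes, str], stored: bytes) -> Optional[str]:
    """Does a single precomputed table recover this stored value?"""
    return table.get(stored)


if __name__ == "__main__":
    # Constructed sample data: two users who happen to share a password.
    table = precomputed_table(["password", "letmein", "qwerty"])
    for user in ("ann", "bob"):
        unsalted = store_unsalted("letmein")
        salt, salted = store_salted("letmein")
        print(user, "unsalted table hit:", table_lookup(table, unsalted),
              "| salted table hit:", table_lookup(table, salted),
              "| login ok:", verify_salted("letmein", salt, salted))
```

Run it and both users show the same unsalted value (and the table recovers it), while their salted values differ and the table finds nothing; the salt does not stop a per-user guessing run, which is why a slow F and the policy measures on the following slides are still needed.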
Password Management Policy
• Educate users to make better choices
• Define rules for good password selection and ask users to follow them
• Ask or force users to change their passwords periodically
• Actively attempt to break users’ passwords and force users to change broken ones
• Screen password choices
One-time Password
Use the password exactly once! The first use of the password grants access; a second or subsequent use of the same password does not.
Lamport’s scheme
• Doesn’t require any special hardware
• The system computes a one-way function F repeatedly: F(x), F^2(x), …, F^1000(x)
• The system stores the user’s name and F^1000(x)
• The user supplies F^999(x) the first time; the system applies F once and checks that F(F^999(x)) equals the stored F^1000(x)
• If the login is correct, the system replaces F^1000(x) with F^999(x)
• Next login: the user supplies F^998(x), and so on
• The user calculates F^n(x) using a hand-held calculator, a workstation, or another device
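Lamport’s scheme as an added Python example (not code from the slides): a hash chain of length 1000 with F taken to be SHA-256 (an assumption; the slide leaves F abstract), a server that stores F^k(x) and accepts only F^(k-1)(x), and a client that walks down the chain. The secret x and the user name are constructed values. The two demo functions show what a practitioner wants to confirm: a replay of an already-used value is rejected, and so is a value from further down the chain sent out of order.

```python
import hashlib
import hmac
from typing import Dict, List, Tuple

N = 1000  # chain length from the slide


def F(data: bytes) -> bytes:
    """One-way function; SHA-256 is an assumption (the slide leaves F abstract)."""
    return hashlib.sha256(data).digest()


def F_n(x: bytes, n: int) -> bytes:
    """F applied n times: F^n(x), with F^0(x) = x."""
    for _ in range(n):
        x = F(x)
    return x


class LamportServer:
    """Holds (user name, F^k(x)) and, on each login, expects F^(k-1)(x)."""

    def __init__(self) -> None:
        self.table: Dict[str, Tuple[bytes, int]] = {}  # user -> (stored value, k)

    def register(self, user: str, top: bytes, k: int = N) -> None:
        self.table[user] = (top, k)

    def login(self, user: str, supplied: bytes) -> bool:
        stored, k = self.table[user]
        if k <= 1:
            return False            # chain exhausted; F^0(x) = x must never be sent
        if not hmac.compare_digest(F(supplied), stored):
            return False            # wrong value, a replay, or a skipped step
        self.table[user] = (supplied, k - 1)   # F^k(x) is replaced by F^(k-1)(x)
        return True


class LamportClient:
    """User side: keeps the secret x and the index of the next value to send."""

    def __init__(self, x: bytes, k: int = N) -> None:
        self.x, self.next_i = x, k - 1

    def next_password(self) -> bytes:
        pw = F_n(self.x, self.next_i)   # the 'hand-held calculator' step
        self.next_i -= 1
        return pw


def simulate(x: bytes = b"constructed secret x", logins: int = 3) -> Tuple[List[bool], bool]:
    """Register, log in `logins` times, then replay the last value used."""
    server, client = LamportServer(), LamportClient(x)
    server.register("ann", F_n(x, N))
    results = [server.login("ann", client.next_password()) for _ in range(logins)]
    replay_accepted = server.login("ann", F_n(x, N - logins))
    return results, replay_accepted


def skipped_step_accepted(x: bytes = b"constructed secret x") -> bool:
    """Sending F^998(x) before F^999(x): F(F^998(x)) != F^1000(x), so it is rejected."""
    server = LamportServer()
    server.register("ann", F_n(x, N))
    return server.login("ann", F_n(x, N - 2))


if __name__ == "__main__":
    print("logins accepted, replay accepted:", simulate())
    print("out-of-order value accepted:", skipped_step_accepted())
```

An eavesdropper who sees F^999(x) cannot produce F^998(x) because F is one-way, which is what makes each value usable exactly once; the strict one-step check here also means a client that loses sync needs a resynchronisation step, which the slides do not cover.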
Time Synchronized
• There is a hand-held authenticator
– It contains an internal clock, a secret key, and a display
– The display outputs a function of the current time and the key
– It changes about once per minute
• The user supplies the user ID and the display value
• The host uses the secret key, the function, and its own clock to calculate the expected output
• The login is valid if the values match
Time Synchronized
Problem: need time synchronization between the device and the server
[Diagram: the secret key and the current time are fed into DES to produce the one-time password]
Challenge Response
• Non-repeating challenges from the host are used
• The device requires a keypad
[Diagram: workstation connected to the host over the network; the user sends the user ID, the host returns a challenge, the user sends the response]
Challenge Response
[Diagram: the secret key and the challenge are fed into DES to produce the one-time password]
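Both token schemes from the preceding slides, time synchronized and challenge/response, as one added Python example (not code from the slides). The keyed function f(key, input) is HMAC-SHA256 truncated to 8 hex digits, standing in for the DES block in the diagrams; the 60-second step, the ±1-step drift window, the user name and the keys are assumptions or constructed values. The time-synchronized half shows the host tolerating the clock-drift problem by also trying the neighbouring windows; the challenge/response half shows a fresh random challenge per login and why a captured response is useless a second time.

```python
import hashlib
import hmac
import secrets
import time
from typing import Dict, Optional

STEP_SECONDS = 60   # the display "changes about once per minute" (assumption: exactly 60 s)


def otp(key: bytes, data: bytes) -> str:
    """The keyed one-way function in both diagrams. HMAC-SHA256 truncated to
    8 hex digits stands in for the DES block on the slides (assumption)."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()[:8]


# --- Time synchronized ------------------------------------------------------

def time_step(now: Optional[float] = None) -> int:
    """Which one-minute window a clock reading falls in."""
    if now is None:
        now = time.time()
    return int(now // STEP_SECONDS)


def display_value(key: bytes, step: int) -> str:
    """What the hand-held authenticator shows during a given step."""
    return otp(key, step.to_bytes(8, "big"))


def host_accepts_time_otp(key: bytes, shown: str, host_now: float, drift_steps: int = 1) -> bool:
    """Host recomputes the expected value from its own clock. Because the
    device clock drifts (the 'Problem' slide), the host also tries the
    neighbouring +-drift_steps windows; a wider window means more tolerance
    but also more values that would be accepted at any moment."""
    centre = time_step(host_now)
    return any(hmac.compare_digest(display_value(key, s), shown)
               for s in range(centre - drift_steps, centre + drift_steps + 1))


# --- Challenge / response ---------------------------------------------------

class ChallengeResponseHost:
    """Host side: issues a fresh random challenge per login and verifies the reply."""

    def __init__(self, keys: Dict[str, bytes]) -> None:
        self.keys = keys                       # the sensitive per-user key database
        self.outstanding: Dict[str, bytes] = {}

    def challenge(self, user: str) -> bytes:
        c = secrets.token_bytes(16)            # non-repeating with overwhelming probability
        self.outstanding[user] = c
        return c

    def verify(self, user: str, response: str) -> bool:
        c = self.outstanding.pop(user, None)   # a challenge is good for exactly one reply
        if c is None or user not in self.keys:
            return False
        return hmac.compare_digest(otp(self.keys[user], c), response)


def device_response(key: bytes, challenge: bytes) -> str:
    """Device side: the user keys the challenge in; the device shows f(key, challenge)."""
    return otp(key, challenge)


def challenge_response_demo(key: bytes = b"constructed device key") -> Dict[str, bool]:
    host = ChallengeResponseHost({"ann": key})
    c = host.challenge("ann")
    r = device_response(key, c)
    return {
        "first_use": host.verify("ann", r),
        "replay": host.verify("ann", r),                  # same response sent again
        "wrong_key": host.verify("ann", device_response(b"other key", host.challenge("ann"))),
    }


if __name__ == "__main__":
    now = time.time()
    shown = display_value(b"constructed token key", time_step(now))
    print("time OTP accepted:", host_accepts_time_otp(b"constructed token key", shown, now))
    print("challenge/response:", challenge_response_demo())
```

In both halves the host needs the device's secret key in the clear to recompute f, which is the key-database sensitivity the next slide raises; a public-key design removes that by letting the device sign the challenge with a private key the host never holds.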
Devices with Personal Identification Number (PIN)
• Devices are subject to theft, so some devices require a PIN (something the user knows)
• The PIN is used by the device to authenticate the user
• Problems with challenge/response schemes
– The key database is extremely sensitive
– This can be avoided if public key algorithms are used
Smart Cards
• Portable devices with a CPU, I/O ports, and some nonvolatile memory
• Can carry out the computation required by public key algorithms and transmit the result directly to the host
• Some use biometric data about the user instead of a PIN
Biometrics
• Fingerprint
• Retina scan
• Voice pattern
• Signature
• Typing style
Problems with Biometrics
• Expensive
– Retina scan (min. cost) about $2,200
– Voice (min. cost) about $1,500
– Signature (min. cost) about $1,000
• False readings
– Retina scan 1/10,000,000+
– Signature 1/50
– Fingerprint 1/500
• Can’t be modified when compromised
Identity Management
• Distributed, heterogeneous domain
• User credentials
• Performance
[Diagram: Ann logs in separately to System 1, System 2, and System 3, each of which stores its own password for her: “I am Ann. Here is my Password1.”, “I am Ann. Here is my Password2.”, “I am Ann. Here is my Password3.”]
Identity Management cont.
• Need verifiable proof of identity, without being authenticated anew during every single interaction
• Digital certificate: links an identity and a public key together
– A user can prove his/her identity by signing messages with his/her private key
Digital Certificates
• Most common digital certificate: X.509
• Initially issued in 1988
• Relies on a PKI and a hierarchy of certificate authorities
• Certificate Authority: issues and revokes digital certificates, accepts user notifications, publishes the revocation list
Digital Certificates Basic Content
– …
– Issuer
– Validity
  • Not Before
  • Not After
– Subject
– Subject Public Key Info
  • Public Key Algorithm
  • Subject Public Key
– …
– Certificate Signature Algorithm
– Certificate Signature
Problem with X.509
• Large file
• Long validity period, so the certificate must be checked for revocation
• Why are digital certificates revoked?
– Exposure of the private key
– Incorrect/unauthorized issuance
– Termination of assignment
Return to Multiple Authentication
[Diagram: Ann presents her X.509 certificate to System 1, System 2, and System 3 (“I am Ann. Here is my X.509”); each system verifies the certificate with the CA]
Single Sign On
[Diagram: Ann presents her X.509 certificate to System 1 (“I am Ann. Here is my X.509. Give me a locally verifiable token.”); System 1 verifies the certificate with the CA and returns a SAML token; Ann then presents the SAML token to System 2 and System 3 (“I am Ann. Here is my SAML token”)]
Next Class
• Access Control