Lecture (5) on Authentication PDF
Document Details
Uploaded by WellReceivedPromethium
Tags
Summary
This lecture provides an overview of authentication protocols, discussing different approaches to verifying user identities in a network environment. It explains the vulnerabilities of various protocols (e.g., ap1.0, ap2.0, etc), highlighting potential attacks and solutions like using encryption and trusted intermediaries.
Full Transcript
Lecture (5) 1 Authentication “The Doors of Durin, Lord of Moria. Speak, friend, and enter.” - Words on the gate to Moria Password? Mellon (Elvish for friend) “Too simple for a learned lore master in these suspicious days. Those were happier times.”...
Lecture (5) 1 Authentication “The Doors of Durin, Lord of Moria. Speak, friend, and enter.” - Words on the gate to Moria Password? Mellon (Elvish for friend) “Too simple for a learned lore master in these suspicious days. Those were happier times.” - Gandalf 2 Authentication Goal: Bob wants Alice to “prove” her identity to him Protocol ap1.0: Alice says “I am Alice” In a network, Bob can not “see” Alice, so Trudy simply “I am Alice” declares herself to be Alice 3 Authentication: Another Try Protocol ap2.0: Alice says “I am Alice” in an IP packet containing her source IP address Alice’s IP address “I am Alice” Failure scenario?? 4 Authentication: Another Try Protocol ap2.0: Alice says “I am Alice” in an IP packet containing her source IP address Trudy can create a packet “spoofing” Alice’s address Alice’s IP address “I am Alice” 5 Authentication: Another Try Protocol ap3.0: Alice says “I am Alice” and sends her secret password to “prove” it. Alice’s Alice’s “I’m Alice” IP addr password Alice’s Failure scenario?? OK IP addr 6 Authentication: Another Try Protocol ap3.0: Alice says “I am Alice” and sends her secret password to “prove” it. Alice’s Alice’s “I’m Alice” IP addr password Playback attack: Trudy Alice’s records Alice’s packet OK IP addr and later plays it back to Bob Alice’s Alice’s “I’m Alice” IP addr password 7 Authentication: Yet Another Try Protocol ap3.1: Alice says “I am Alice” and sends her encrypted secret password to “prove” it. Alice’s encrypted “I’m Alice” IP addr password Alice’s Failure scenario?? OK IP addr 8 Authentication: Another Try Protocol ap3.1: Alice says “I am Alice” and sends her encrypted secret password to “prove” it. Alice’s encrypted “I’m Alice” Record IP addr password and Alice’s OK playback IP addr still works! Alice’s encrypted “I’m Alice” IP addr password 9 Authentication: Yet Another Try Goal: avoid playback attack Authentication number: Enter an easily remembered four-digit number. The Taxpayer Authentication number is a way to confirm that you are speaking with an agency authorized to speak to you regarding this matter. Authentication number (R) used only once-in-a-lifetime ap4.0: to prove Alice “live”, Bob sends Alice Authentication number, R. Alice must return R, encrypted with shared secret key “I am Alice” R KA-B(R) Alice is live, and only Alice knows key to encrypt R, so it must be Alice! Failures, drawbacks? 10 Authentication: ap5.0 ap4.0 requires shared symmetric key Can we authenticate using public key techniques? ap5.0: use Authentication number / nonce, public key cryptography “I am Alice” Bob computes R + - - KA(KA(R)) = R KA(R) and knows only Alice “send me your public key” could have the private key, that encrypted R KA+ such that + - KA(KA(R)) = R 11 ap5.0: Security Hole ap5.0 only as “secure” as the distribution of public keys “I am Alice” Bob computes R + - - KT(KT(R)) = R KT (R) and authenticates “send me your public key” Trudy + KT 12 Outline Security: Cryptography Introduction Security: Authentication Security: Key Distribution 13 Trusted Intermediaries Symmetric key problem: Public key problem: How do two entities When Alice obtains Bob’s establish shared secret key public key (from web site, over network? e-mail, diskette), how Solution: does she know it is Bob’s public key, not Trudy’s? Trusted key distribution center (KDC) acting as Solution: intermediary between Trusted certification entities authority (CA) 14 Key Distribution Center (KDC) Alice, Bob need shared symmetric key. KDC: server shares different secret key with each registered user (many users) Alice, Bob know own symmetric keys, KA-KDC KB-KDC , for communicating with KDC. KDC KA-KDCKP-KDC KX-KDC KP-KDC KB-KDC KY-KDC KZ-KDC KA-KDC KB-KDC 15 Key Distribution Center (KDC) Q: How does KDC allow Bob, Alice to determine shared symmetric secret key to communicate with each other? KDC generates KA-KDC(A,B) R1 Alice KA-KDC(R1, KB-KDC(A,R1) ) Bob knows to knows use R1 to R1 KB-KDC(A,R1) communicate with Alice Alice and Bob communicate: using R1 as session key for shared symmetric encryption 16 Certification Authorities Certification authority (CA): binds public key to particular entity, E. E (person, router) registers its public key with CA. E provides “proof of identity” to CA. CA creates certificate binding E to its public key. Certificate containing E’s public key digitally signed by CA – CA says “this is E’s public key” Bob’s digital + public signature KB key K+B (encrypt) CA certificate for K- Bob’s private identifying key CA Bob’s public key, information signed by CA 17 Certification Authorities When Alice wants Bob’s public key: Gets Bob’s certificate (Bob or elsewhere). Apply CA’s public key to Bob’s certificate, get Bob’s public key + digital Bob’s KB signature public + (decrypt) KB key CA public + KCA key 18 Certificate Contents Serial number (unique to issuer) info about certificate owner, including algorithm and key value itself (not shown) Info about certificate issuer Valid dates Digital signature by issuer 19 Secure Sockets Layer (SSL) Transport layer security Server authentication: to any TCP-based app SSL-enabled browser includes public keys for using SSL services. trusted CAs. Used between Web Browser requests server browsers, servers for e- certificate, issued by trusted CA. commerce (shttp). Browser uses CA’s public Security services: key to extract server’s public Server authentication key from certificate. Data encryption Check your browser’s Client authentication security menu to see its (optional) trusted CAs. 20 SSL (continued) Encrypted SSL session: SSL: basis of IETF Browser generates Transport Layer symmetric session key, Security (TLS). encrypts it with server’s SSL can be used for public key, sends non-Web applications, encrypted key to server. e.g., IMAP. Using private key, server Client authentication decrypts session key. can be done with client Browser, server know certificates. session key All data sent into TCP socket (by client or server) encrypted with session key. 21 Network Security (Summary) Cryptography (symmetric and public) Basic techniques & tradeoffs Authentication Common styles of attack Key distribution Why needed …. used in many different security scenarios secure email, secure transport (SSL), IP sec, 802.11 WEP 22