Download CMSC 414 Computer (and Network) Security

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts
no text concepts found
Transcript
CMSC 414
Computer and Network Security
Lecture 11
Jonathan Katz
Network Security
Authentication: an Overview
Authentication
 Verifying the identity of another entity
– Computer authenticating to another computer
– Person authenticating to a local/remote computer
 Important to be clear about what is being
authenticated
– The user?
– The machine?
– A specific application on the machine?
 What assumptions are being made?
– One legitimate user, or many?
– Authentication to local machine, or over a network?
Attack taxonomy
 Passive attacks
 Active attacks
– Impersonation
• Client impersonation
• Server impersonation
– Man-in-the-middle (MiTM)
 Server compromise
 Different attacks may be easier/more difficult in
different settings
Ease of carrying out attacks?
 Client impersonation (typically trivial)
 Passive eavesdropping
– Wireless setting, wiretapping
 Server impersonation
– Phishing
– DNS spoofing
– Corrupted router
 Man-in-the-middle attack
– Same as above
Why…?
 Why prevent against MiTM attacks?
– Attacker should be unable to successfully impersonate
the user in the future
 Why care about defending against server
compromise
– Password re-use
– Recovery after server reboot
– Attacker may only get limited data from server
Authentication
 Mutual authentication vs. unidirectional
authentication
 What happens after authentication?
– Need binding between session and authentication
 Authentication issues:
– What authentication information is used/how
authentication information is stored (at both ends)
– The authentication protocol itself
Authentication
 Authentication may be based on
– What you know
– What you have
– What you are
– Examples? Tradeoffs?
– Others?
 Can also consider two-factor authentication
What you know
 (Cryptographic) key
– Private- or public-key setting
 Password/PIN
– Low entropy…
 Answers to personal questions
What you have
 Token
 Magnetic stripe card
– User may directly modify contents
 RFID tag
 Cryptographic smart card
 Smartphone
– E.g., enter password to device
 Still need a secure protocol!
What you have
 Several ways hardware tokens can be used, e.g.:
– User authenticates to token using PIN; token
authenticates to other entity
– PIN plus information from token uses to authenticate to
other entity
• Forms of two-factor authentication
– Token and other entity are synchronized; token displays
changing PIN/key used to authenticate
– Challenge/response
What you are -- biometrics
 Tradeoff of cost vs. accuracy
 Face (low accuracy, low cost)
 Fingerprint/hand print (good accuracy, moderate
cost)
 Iris scan (high accuracy, high cost)
…
Verification vs. identification
 Verification: send (id, biometric) and check
whether this ‘matches’ the stored biometric for
user id
– Better suited for authentication
 Identification: Send biometric, find the user whose
biometric is the closest match
– Comes up in law enforcement
Challenges in using biometrics
 Reproducibility
 How much entropy is there?
– Difficult to estimate
 How private are they?
 Revocation?
 Difficult to use securely
– Reproducibility
– Non-uniform
– Still need a secure protocol…
Reproducibility
 Biometric data is not exactly reproducible
– Need to check for closeness rather than an exact match
– Implies the existence of false positives and negatives
• Must trade off one vs. the other…
– Implies a reduction in entropy; easier for an attacker to
guess a value close to your biometric data
Biometric authentication
 How can you securely authenticate yourself to a
remote server using your fingerprint?
 Trivial solution:
User
Server
close?
Can work for ‘local’ authentication…
…but completely vulnerable to eavesdropping!
Better(?) solution
User
nonce
h=MAC(
Server
, nonce)
A single-bit difference in the scanned fingerprint
results in a failed authentication!
Authentication using biometrics
 There exist techniques for secure authentication
using biometric data
– Resilient to error!
– Establish random, shared key
 An active research area…
Address-based authentication
 Is sometimes used
 Generally not very secure
– Relatively easy to forge source addresses of network
packets
 But can be useful if the adversary does not know
what IP address to forge
– E.g., IP address of a user’s home computer
Location-based authentication
 Not authenticating a specific entity, but rather
authenticating that an entity is in some location
 More interest lately, as computation becomes more
ubiquitous
– E.g., re-authentication if laptop moves