Authentication attacks, causes and solutions
Analyzing man in the middle and dictionary attacks against SSL/TLS and password based authentication systems
Fletcher Liverance, 16 April 2009
Sources
• Password-Based Authentication: Preventing Dictionary Attacks
  • Saikat Chakrabarti, University of Kentucky
  • Mukesh Singhal, University of Kentucky
  • Computer, IEEE CS Press, June 2007, pp. 68-74
• SSL/TLS Session-Aware User Authentication
  • Rolf Oppliger, eSECURITY Technologies
  • Ralf Hauser, PrivaSphere AG
  • David Basin, ETH Zurich
  • Computer, IEEE CS Press, March 2008, pp. 59-65
Overview
• What is authentication?
• Two common attacks
• Advanced password authentication protocols
• Improvements in SSL/TLS
• Preventing future attacks
What is Authentication?
Authentication is the binding of an identity to a subject
• Face
• Voice
• Signature
• Birth certificate
• Social security number
• ID card
• Personal knowledge
• Key
• Password
• Name
• Phone number
Impersonal Authentication
• How do you authenticate over a network?
• No direct visual cues
• No direct auditory cues
• No physical connection
• Knowledge based authentication
• Recreation of human authentication cues
• Electronic IDs
Dictionary Attack
Online
• Repeated query of authentication server
• Slow
• Easy to block
Offline
• Repeated computation and comparison of password hash
• Faster
• No interaction required
Top ten passwords:
• (username)
• (username)123
• 123456
• password
• 1234
• 12345
• passwd
• 123
• test
• 1
Man in the Middle
“a form of active wiretapping attack in which the attacker intercepts and selectively modifies communicated data to masquerade as one or more of the entities involved in a communication association.”
RFC 2828 – Internet Security Glossary
Plaintext equivalence
• User and host must have access to the same secret password
• Attacker can intercept password hash as it is sent to server
Behind the scenes
• Alice and Bob agree on finite field F(x)
• Alice gives Bob verifier v = F(Hash(salt, password)) and salt
• Alice sends identity to Bob
• Bob sends salt to Alice
• Alice computes K_a = F(Rand_a) and x = Hash(s, pwd)
• Alice sends K_a to Bob
• Bob computes K_b = v + F(Rand_b)
• Bob sends K_b and Rand_r to Alice
• Alice computes K_ab = Hash(K_b – F(Hash(salt, pwd))^(Rand_a + Rand_r*Hash(salt, pwd)))
• Bob computes K_ab = Hash(Rand_b*Key_a*v^Rand_r)
• Alice sends Cert_a to Bob
• Bob verifies Cert_a is correct
• Bob sends Cert_b to Alice
• Alice verifies Cert_b is correct
Alternative Solutions
• Delayed response
• Account locking
• Extra computation
• Reverse Turing Test
• Captcha (Completely Automated Public Turing Test to Tell Computers and Humans Apart)
SSL/TLS Issues
• Prone to man in the middle attack
• Attacker intercepts server messages
• Attacker replaces server certificate with its own
• Client encrypts all future transmissions using attacker’s certificate
• “the naïve end user usually does SSL/TLS server authentication poorly if at all”
• “developers usually decouple SSL/TLS session establishment from user authentication”
Preventing MITM attacks
• Enforce proper server authentication
• Uneducated users
• Forged certificates
• Click through
• Complicated revocation policy
• Complicated certificate verification tree
TLS-SA
• Combine user authentication with SSL/TLS session establishment
• Provide user authentication code (UAC) that depends on credentials and TLS session
• Attacker can start session with user and host, but cannot forward messages between them
TLS-SA Implementation
• Normal TLS
• Client token generates session key based on hash of server cert
• User enters password
• UAC is computed from session key and password and is transmitted to server
• Server authenticates client at any time by requesting user ID, hash of server cert and the UAC
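As an added illustration (not from the slides or from the TLS-SA paper), the sketch below shows why a UAC bound to the server certificate cannot be relayed through an intermediary. The HMAC-SHA256 construction, the token secret shared with the server, and all names and sample values are assumptions made for this example.

```python
import hashlib
import hmac

def cert_hash(cert_der: bytes) -> bytes:
    """Hash of the certificate presented in a TLS session."""
    return hashlib.sha256(cert_der).digest()

def compute_uac(token_secret: bytes, seen_cert_der: bytes, password: str) -> bytes:
    """Client token: derive a session key from the cert hash, then MAC the password."""
    session_key = hmac.new(token_secret, cert_hash(seen_cert_der), hashlib.sha256).digest()
    return hmac.new(session_key, password.encode(), hashlib.sha256).digest()

def server_verify(token_secret: bytes, own_cert_der: bytes, password: str,
                  claimed_hash: bytes, uac: bytes) -> bool:
    """Server: accept only a UAC that is bound to the server's own certificate."""
    if not hmac.compare_digest(claimed_hash, cert_hash(own_cert_der)):
        return False  # client's TLS session ended at some other certificate
    expected = compute_uac(token_secret, own_cert_der, password)
    return hmac.compare_digest(uac, expected)

# Constructed sample values (assumptions, not real certificates or secrets).
TOKEN_SECRET = b"constructed-token-secret"
SERVER_CERT = b"constructed DER bytes of the genuine server certificate"
INTERMEDIARY_CERT = b"constructed DER bytes of an intermediary's certificate"
PASSWORD = "constructed-password"

def direct_login() -> bool:
    """Client talks to the genuine server, so it sees SERVER_CERT."""
    uac = compute_uac(TOKEN_SECRET, SERVER_CERT, PASSWORD)
    return server_verify(TOKEN_SECRET, SERVER_CERT, PASSWORD,
                         cert_hash(SERVER_CERT), uac)

def relayed_login(forged_hash: bool) -> bool:
    """Client's TLS session ended at an intermediary that forwards the UAC."""
    uac = compute_uac(TOKEN_SECRET, INTERMEDIARY_CERT, PASSWORD)
    # The intermediary may report either its own hash or the genuine one.
    claimed = cert_hash(SERVER_CERT if forged_hash else INTERMEDIARY_CERT)
    return server_verify(TOKEN_SECRET, SERVER_CERT, PASSWORD, claimed, uac)

if __name__ == "__main__":
    print("direct:", direct_login())
    print("relayed, honest hash:", relayed_login(False))
    print("relayed, forged hash:", relayed_login(True))
```

The relayed UAC fails in both cases: an honest hash does not match the server's certificate, and a forged hash does not match the key the UAC was computed under.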
A Formal Approach
“protocols need more than heuristic arguments to provide security guarantees.”
• Provable security via the Standard model
• Uses complexity-theoretic hardness assumptions:
  • Factoring the product of large primes is hard
  • Computing the discrete logarithm is hard in certain large groups
  • AES is a good pseudorandom permutation
A Formal Approach (cont.)
• The random oracle model
  • “A public random function that takes any string as input and outputs n bits”
  • Use heuristically secure algorithms such as SHA
• The ideal-cipher model
  • A standard block cipher, with k-bit key and n-bit input, chosen uniformly from all block ciphers of this form
  • Use pseudorandom permutations such as AES