Authentication and Authorization
• Authentication is the process of verifying a principal’s identity (but how to define “identity”?)
  • Who the person is
  • Or, what the person is
• Authorization is the process of determining whether a principal can perform certain actions
  • What the person can do
  • Typically based on authentication result

Authentication in Cyber Space
• Authentication based on what you know.
• If you know a secret, then you are linked to an “identity”
• The secret needs to be associated with the identity beforehand (authentication state)
• An authentication protocol is the process of proving that one knows the secret, a.k.a. the “credential.”

Simple Password Authentication
[Diagram: user name and password; the authentication state is kept in /etc/shadow]

Password Verification
[Diagram: the user-entered password goes through the hash function to give H2; the password hash stored on file (e.g. /etc/shadow) is H1; if H1 == H2 the result is OK, otherwise FAIL]

Hash function and salt
• A “salt” is used to increase the input space of a hash function
• Even though a cryptographic function H is hard to invert, if the number of possible inputs to H is small, a brute-force search can easily find the pre-image from a given hash
• If we append a salt to the input string and apply H on the whole string, then the number of possible inputs to the hash function is increased S-fold, where S is the number of all possible salts.
• For password hashes, the salt is used to mitigate dictionary attacks

What is a dictionary attack?
• Pre-compute the hash of commonly used passwords
• Looking up a password from the hash takes only constant time if the password falls into the dictionary

Password verification with salt
[Diagram: the file (e.g. /etc/shadow) stores the salt and hash as the pair (S, H1); the password and S go through the hash function to give H2; if H1 == H2 the result is OK, otherwise FAIL]

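Added example (not from the original slides): salted verification as described above, next to the precomputed-dictionary lookup it is meant to mitigate. SHA-256 stands in for H, and the word list, function names and 16-byte salt length are assumptions.

```python
import hashlib
import hmac
import os

def H(data: bytes) -> bytes:
    """Stand-in for the slides' hash function H (SHA-256 is an assumption)."""
    return hashlib.sha256(data).digest()

def enroll(password: str, salt_len: int = 16):
    """Create the stored authentication state (S, H1)."""
    salt = os.urandom(salt_len)
    return salt, H(password.encode() + salt)

def verify(password: str, record) -> bool:
    """Recompute H2 with the stored salt S and compare it with H1."""
    salt, h1 = record
    h2 = H(password.encode() + salt)
    return hmac.compare_digest(h1, h2)  # timing-safe comparison

# Constructed sample dictionary of commonly used passwords.
DICTIONARY = ["123456", "password", "letmein", "qwerty"]

def build_table(words, salt: bytes = b""):
    """Pre-compute hash -> password for one fixed salt (empty = unsalted)."""
    return {H(w.encode() + salt): w for w in words}

def lookup(table, stored_hash: bytes):
    """O(1) dictionary lookup; returns None when the hash is not in the table."""
    return table.get(stored_hash)

def dictionary_demo():
    unsalted_table = build_table(DICTIONARY)
    # Unsalted hash: the one pre-computed table answers immediately.
    unsalted_hit = lookup(unsalted_table, H(b"letmein"))
    # Salted record: the same table misses, so pre-computation is useless.
    salt, h1 = enroll("letmein")
    salted_hit = lookup(unsalted_table, h1)
    # The table has to be rebuilt for this one salt; a weak password still
    # falls, but the work can no longer be shared across accounts.
    per_salt_hit = lookup(build_table(DICTIONARY, salt), h1)
    return unsalted_hit, salted_hit, per_salt_hit

if __name__ == "__main__":
    print(dictionary_demo())
```
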
Challenge-Response Protocol
• Objective: Bob (prover) convinces Alice (verifier) that he knows the secret, while not leaking the secret to anyone (including Alice)
• Threat model: insecure communication channel
  • Cryptographic primitives unbreakable
  • Attacker can do anything else:
    • Intercept messages
    • Replace messages
    • Inject messages
    • Re-order messages
    • Encrypt/decrypt a message if he knows the keys

Challenge-Response Protocol
• General process
  • Verifier picks a challenge message and sends it to the prover.
  • Prover produces a response using the secret and sends the response back to the verifier
  • Verifier checks whether the response is valid
• Requirements
  • Protect Verifier: if Bob does not know the secret, the protocol shall fail
  • Protect Prover: the secret shall not be revealed in the process, not even to the verifier (computationally infeasible to infer)

Using MAC in authentication protocol
[Diagram: Alice and Bob each hold secret K, with Mallory on the channel; the messages shown are m and m, MAC(m,K)]

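Added example (not from the original slides): the general challenge-response process with a MAC as the response, including the verifier-side check that a replayed response fails. HMAC-SHA-256, the 16-byte random challenge and all class and function names are assumptions.

```python
import hashlib
import hmac
import secrets

class Verifier:
    """Alice: issues fresh challenges and checks MAC(m, K) responses."""

    def __init__(self, key: bytes):
        self._key = key
        self._pending = set()  # challenges issued but not yet answered

    def challenge(self) -> bytes:
        m = secrets.token_bytes(16)  # unpredictable, so old responses are useless
        self._pending.add(m)
        return m

    def check(self, m: bytes, tag: bytes) -> bool:
        # Reject anything that is not an outstanding challenge (replay,
        # injected or re-ordered message), then retire the challenge.
        if m not in self._pending:
            return False
        self._pending.discard(m)
        expected = hmac.new(self._key, m, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)

def respond(key: bytes, m: bytes):
    """Bob: prove knowledge of K by returning m, MAC(m, K)."""
    return m, hmac.new(key, m, hashlib.sha256).digest()

def challenge_response_demo():
    k = secrets.token_bytes(32)        # shared secret K (constructed)
    alice = Verifier(k)

    m = alice.challenge()
    msg, tag = respond(k, m)
    honest = alice.check(msg, tag)     # Bob knows K: accepted

    replay = alice.check(msg, tag)     # same m, tag captured on the wire: rejected

    m2 = alice.challenge()
    no_key = alice.check(*respond(secrets.token_bytes(32), m2))  # wrong K: rejected
    return honest, replay, no_key

if __name__ == "__main__":
    print(challenge_response_demo())
```
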
Authentication based on symmetric encryption
[Diagram: Alice and Bob each hold secret key K, with Mallory on the channel]

Authentication based on symmetric encryption
[Diagram: Alice and Bob each hold secret key K, with Mallory on the channel; the messages shown are {m}K and m]

Two-party authentication protocol based on public-key crypto
[Diagram: Alice holds Bob’s public key PK; Bob holds his private key SK; Mallory is on the channel; the messages are shown as … …]

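SSH public key-based authentication
[Diagram: Server (Alice) and Client (Bob) are connected by a secure channel; the server holds the public key Kpub in ~/.ssh/authorized_keys; the client holds the passphrase-protected private key Kpriv in ~/.ssh/id_dsa; the messages shown are {m}Kpub and H(m), where H is a cryptographic hash function]
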
SSH Public Key-based Authentication
• What is a secure channel?
  • Messages sent are encrypted by a shared secret key
  • Messages are authenticated using MAC
• The SSH public key-based authentication is used by the server to authenticate the user at the other end of the secure channel
• SSH also supports other kinds of authentication, such as password authentication, which needs a secure channel.
• This challenge-response protocol is better than asking the client to sign a challenge message
  • Server gains zero knowledge
  • The hash function is to protect the private key from a chosen-ciphertext attack

SSH Agent
• The private key must be protected by a passphrase.
• The passphrase is used to generate a key to encrypt the private key stored in the file system.
• An SSH agent can load the private key into memory and perform the challenge-response protocol on behalf of the user.

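Using SSH Agent
[Diagram: the SSH server on Server (Alice), with ~/.ssh/authorized_keys, sends challenge c to the SSH client on Client (Bob); the client passes c to the SSH agent, which uses ~/.ssh/id_dsa; the response r goes back from the agent to the client and on to the server]
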
Using SSH Agent
• SSH agent stores private keys in memory and performs crypto calculation
• User only needs to enter the passphrase when the agent retrieves the private key
• Communication between SSH client and agent is mediated through file-system protection
• An SSH client can only connect to an agent started by the same user, except for user root, who can connect to any user’s agent
• Advantage: the user does not need to type in the passphrase to decrypt the private key every time he wants to log in.

Agent Forwarding
[Diagram: challenge c and response r are relayed between an SSH client and the SSH server on Server (Alice), the SSH client on Client (Bob), and Bob’s SSH agent, which uses ~/.ssh/id_dsa]

Agent Forwarding
• Alice can contact the SSH agent on Bob through the SSH channel if Bob allows his agent connection to be forwarded to Alice
• SSH client on Alice becomes “man in the middle”
• Useful when the user on Bob wants to log in to other machines from Alice
• root user can always connect to forwarded agents
• Bob’s private key never leaves his machine; when Bob tears down the connection with Alice, root on Alice will no longer be able to impersonate Bob

Exercise after class
• Set up public key-based authentication using SSH agent for logging into departmental Linux machines (e.g., grad.csee.usf.edu).
  • Generate your public/private key pair
  • Upload your public key to the server
  • Figure out how to use SSH agent
  • Find a clever way to start/connect to your SSH agent