1 / 30

Cosc 4765

Cosc 4765. Authentication. Interesting Fact. Following the second world war, the now famous pair, Julius and Ethel Rosenberg were convicted and executed for spying on the U.S. bomb project for the Soviet Union in 1953.

Download Presentation

Cosc 4765

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Cosc 4765 Authentication

  2. Interesting Fact • Following the second world war, the now famous pair, Julius and Ethel Rosenberg were convicted and executed for spying on the U.S. bomb project for the Soviet Union in 1953. • At one point they improvised a clever password system: a cardboard Jell-O box was torn in two and one half given to a contact whom they later would need to identify. • The complex edge shape and color matching made a complex key quite impossible to forge. • Without matching secrets it is impossible to prove someone's identity

  3. Orange Book • The only risk to computers is the people who come into contact with them: networked users. To minimize the effects of users on the system, we introduce security mechanisms. • The Trusted Computer Security Evaluation Criteria (TSEC) Orange book was the first attempt to try to specify a standard for security management in the US in 1967. • Although concentrated on national security issues, the recommendations were also of general applicability.

  4. Orange Book (2) • Trusted Computing Base (TCB) • The totality of protection mechanisms within an OS including software, hardware and firmware. • Four basic divisions • A, B, C and D. • With A highest degree of security and D lowest (no requirements!). • Complete set of ratings • D, C1, C2, B1, B2, B3 and A1

  5. Authentication • “Authentication binding of an identity to a subject.” • What information can be used to establish this binding? • What the subject knows (secrets) • What the entity has (smart cards) • What the entity is (retinal prints) • Where the entity is (current location)

  6. Secrets: A Password • Simple and natural mechanism. Widely used. • How do we store passwords? • Fixed messages encrypted with passwords • Hash of password • We'll look at *nix first, then Windows password system. • On both systems the users are identified by usernames and authenticated by passwords

  7. *nix authentication • The passwords are used as key to encrypt the all zero word using crypt • which uses a modified version of DES repeated 25 times. • Result stored in /etc/passwd file • The user name is usually 6 to 8 characters • represented internally by 16 bit number (UID) • Example: • jdoe:987hggw2fd435:103:1001:John Doe: /home/jdoe:/bin/csh

  8. *nix Password algorithm

  9. Passwords and crypt • First eight characters password used as the DES key to encrypt constant 64-bit block (consisting of all zero bits) via DES 25 times • the result of each encryption is used to feed the next round. • The resultant 64-bits is converted into a string of 11 printable ASCII characters by encoding every six bits into a printable ASCII character and zero padding the 11th character.

  10. The "Salt" • When a password is first selected, the password encryption program selects a random 12-bit number as the salt. • Salt and the result is stored in password file. • Later on, when the user attempts to login the salt is extracted from the password file and is used • The effect of salting is to allow for 4096 possible encryptions of same password string. • With Salt two users may have the same password but the “encrypted” versions would look different.

  11. Brute force attack • Known as the dictionary attack • To find a user’s password from the encrypted password • Search through all passwords is better then all the possible keys • Password can be found by encrypting dictionary of possible passwords with all possible salts and comparing the result. • Total number of passwords can be large (708) • Set of typical passwords is surprisingly small! • Why?

  12. md5 passwords • md5-crypt • salt 8 to 48 bits • 1000 iterations • passwords can be 256 in length. • Doesn't slow down dictionary attacks as much as needed. • Some security experts even recommend not using it!

  13. Improvements? • Keep encryption algorithm secret • Security by obscurity rarely works, see Windows. • Keep password file hidden from non-privileged users • Widely used. Shadow file in Unix. • Only works on local machines, see perl stuff, even then doesn't "hide" passwords. • Enforce better passwords?!

  14. Windows • NT, W2k, and WXP • Passwords stored in encrypted form in SAM database which is effectively part of the registry. • Can be accessed separately with tools • There are actually two encrypted passwords • LAN Manager and NT password

  15. LAN Manager Password • Developed by Microsoft for OS/2 • Algorithm: • Truncate/Pad password to 14 characters and upper case everything • Split the password into two 7-byte halves • using DES, build {c}k1 + {c}k2 , c a constant • Very weak and easily broken!!!!!!!!! • They are in the registry, boot dos/linux disk then read the file, and/or capture passwords over the network (wincrack).

  16. Cracking LAN Manager Passwords • This hashing implementation means that an attacker needs only to complete the trivial task of cracking two seven-character, upper-case passwords to gain authenticated access to your system. • Since the complexity of cracking hashes increases geometrically with the length of the hash, each seven-character string is at least an order of magnitude simpler to attack by brute-force than would a combined fourteen-character string. • Since all strings are exactly seven characters (including spaces) and entirely upper-case, a dictionary-style attack is also simplified.

  17. Network Login • Using LAN Manager passwords for remote logon is even weaker. • susceptible to replay and man-in-middle attacks • Need a challenge system, so the information changes.

  18. NT Remote Login Challenge-Response Mechanism • User enters password, client calculates its 16 byte hash (LM and NT) and remembers for future use. • When client connects to server, the server generates an 8-byte random value which it sends to the client. • Client pads 16-byte hash with 5 null bytes to get 3 56-bit DES keys. 8-byte random challenge DES encrypted with each DES key, generating a 24-byte response. • Server compares response to that generated by user's hash values from it's password database. • Someone sniffing only sees 8-byte challenge and 24-byte response. To obtain original hash attacker must perform three brute force DES attacks. • Not really

  19. Brute forcing NT Remote Login • NOTE: • Hashed password (uncracked) is the password equivalent! • Client does not actually need to know the clear text password. It only needs to know the hashed password! The regular client software has the end user input his/her password and calculates the hashed password from the manually entered original password. • If you have a modified client which has access to a stolen copy of uncracked Windows/NT password database, • Then the client can look up hash value to use to calculate response. The client can get authenticated without knowing the original (clear text) password! • This means that even a good password (dictionary attack resistant) can be misused!

  20. CHAP • Challenge Handshake Authentication Protocol (RFC 1334 and 1994). • Without going into the ugly details, it suffers many of the same problems of NT and LAN Hashes. • Stronger, but still pretty easy to break.

  21. CHAP v2 • much stronger version and harder to break. • Except! • Version Rollback Attack • Since Microsoft has attempted to retain some backwards compatibility with MS-CHAPv1, it is possible for an attacker to mount a "version rollback attack" • In this attack, the attacker convinces both the Client and the Server not to negotiate the more secure MS-CHAPv2 protocol, but to use the less secure MS-CHAPv1 protocol.

  22. Windows 7 • Server side of LAN manager removed • Client can still be as used as fall back • Kerberos authentication protocol used. • Research project: • Windows 7 password authentication • How does it work, weakness and strengths.

  23. References and tools • John the Ripper http://www.openwall.com/john/ (crack for windows and *nix) • LC6 (L0phtcrack version 5) http://www.atstake.com/products/lc/index.html • L0pht Heavy Industries http://www.l0pht.com/ (NT password security and cracker) • Unix password security http://www.ja.net/CERT/Belgers/NIX-password-security.html

  24. Authentication Tokens • What you have • Smart cards: • Challenge/response • Cryptographic calculator: • Interaction through a user (typing ...)

  25. Biometrics • Accuracy: • False acceptance rate. • False rejection rate. • Can adversary select imposters? • Identical twins, family members, etc. • Retinal scanner, fingerprint reader, handprint reader, voiceprint, keystroke timing, signature.

  26. Fingerprints • Vulnerability: • Dummy fingers and dead fingers • Suitability and stability: • Not for people with high probability of damaged fingerprints • Not for kids growing up

  27. Voice Recognition • Single phrase: • Can use tape recorder to fake • Stability: • Background noise • Any sickness/thing that effects your voice. • Use in public

  28. Keystroke Timing • Each person has a distinct typing timing/style • Hand/finger movements • Suitability: • Best done for “local” authentication • Avoid network traffic delay

  29. Signatures • Machines can’t match human experts in recognizing shapes of signatures • Add information of timing (dynamics) of movements • Signing or an electronic tablet • It should be noted that people very rarely sign their name the same way. • There are numerous environmental factors that change how people write at any given point. • The signature is the same, then most consider it to be a fake!

  30. Q A &

More Related