210 likes | 360 Views
CMSC 414 Computer and Network Security Lecture 11. Jonathan Katz. Network Security. Authentication: an Overview. Authentication. Verifying the identity of another entity Computer authenticating to another computer Person authenticating to a local/remote computer
E N D
CMSC 414Computer and Network SecurityLecture 11 Jonathan Katz
Authentication • Verifying the identity of another entity • Computer authenticating to another computer • Person authenticating to a local/remote computer • Important to be clear about what is being authenticated • The user? • The machine? • A specific application on the machine? • What assumptions are being made? • One legitimate user, or many? • Authentication to local machine, or over a network?
Attack taxonomy • Passive attacks • Active attacks • Impersonation • Client impersonation • Server impersonation • Man-in-the-middle (MiTM) • Server compromise • Different attacks may be easier/more difficult in different settings
Ease of carrying out attacks? • Client impersonation (typically trivial) • Passive eavesdropping • Wireless setting, wiretapping • Server impersonation • Phishing • DNS spoofing • Corrupted router • Man-in-the-middle attack • Same as above
Why…? • Why prevent against MiTM attacks? • Attacker should be unable to successfully impersonate the user in the future • Why care about defending against server compromise • Password re-use • Recovery after server reboot • Attacker may only get limited data from server
Authentication • Mutual authentication vs. unidirectional authentication • What happens after authentication? • Need binding between session and authentication • Authentication issues: • What authentication information is used/how authentication information is stored (at both ends) • The authentication protocol itself
Authentication • Authentication may be based on • What you know • What you have • What you are • Examples? Tradeoffs? • Others? • Can also consider two-factor authentication
What you know • (Cryptographic) key • Private- or public-key setting • Password/PIN • Low entropy… • Answers to personal questions
What you have • Token • Magnetic stripe card • User may directly modify contents • RFID tag • Cryptographic smart card • Smartphone • E.g., enter password to device • Still need a secure protocol!
What you have • Several ways hardware tokens can be used, e.g.: • User authenticates to token using PIN; token authenticates to other entity • PIN plus information from token uses to authenticate to other entity • Forms of two-factor authentication • Token and other entity are synchronized; token displays changing PIN/key used to authenticate • Challenge/response
What you are -- biometrics • Tradeoff of cost vs. accuracy • Face (low accuracy, low cost) • Fingerprint/hand print (good accuracy, moderate cost) • Iris scan (high accuracy, high cost) • …
Verification vs. identification • Verification: send (id, biometric) and check whether this ‘matches’ the stored biometric for user id • Better suited for authentication • Identification: Send biometric, find the user whose biometric is the closest match • Comes up in law enforcement
Challenges in using biometrics • Reproducibility • How much entropy is there? • Difficult to estimate • How private are they? • Revocation? • Difficult to use securely • Reproducibility • Non-uniform • Still need a secure protocol…
Reproducibility • Biometric data is not exactly reproducible • Need to check for closeness rather than an exact match • Implies the existence of false positives and negatives • Must trade off one vs. the other… • Implies a reduction in entropy; easier for an attacker to guess a value close to your biometric data
Biometric authentication • How can you securely authenticate yourself to a remote server using your fingerprint? • Trivial solution: User Server close? Can work for ‘local’ authentication… …but completely vulnerable to eavesdropping!
Better(?) solution User Server nonce MAC( , nonce) h= A single-bit difference in the scanned fingerprint results in a failed authentication!
Authentication using biometrics • There exist techniques for secure authentication using biometric data • Resilient to error! • Establish random, shared key • An active research area…
Address-based authentication • Is sometimes used • Generally not very secure • Relatively easy to forge source addresses of network packets • But can be useful if the adversary does not know what IP address to forge • E.g., IP address of a user’s home computer
Location-based authentication • Not authenticating a specific entity, but rather authenticating that an entity is in some location • More interest lately, as computation becomes more ubiquitous • E.g., re-authentication if laptop moves