Authentication (Distributed computing)
1. Authentication Protocols. Paul Krzyzanowski [email_address] [email_address]. Distributed Systems. Except as otherwise noted, the content of this presentation is licensed under the Creative Commons Attribution 2.5 License.
14. Challenge-Response authentication. Alice -> network host: "alice". The host looks up alice's key, K, and generates a random challenge number C. Host -> Alice: C. Alice computes R' = f(K, C). Alice -> host: R'. The host computes R = f(K, C) and checks: R = R'? Host -> Alice: "welcome". An eavesdropper does not see K.
20. SKID2/SKID3 authentication. Alice -> Bob: R_A. Bob -> Alice: R_B, H_K(R_A, R_B, "bob"). Bob chooses a random number (nonce), R_B. He computes H_K(R_A, R_B, "bob") and sends it to Alice with R_B. Bob shows that he can encrypt Alice's nonce.
21. SKID2/SKID3 authentication. Alice receives R_B and has R_A. She computes H_K(R_A, R_B, "bob") and compares the result to verify that Bob was able to encrypt data with key K. Authentication is complete as far as Alice is concerned (Bob knows the key).
22. SKID2/SKID3 authentication. Now Alice has to convince Bob (mutual authentication). Alice -> Bob: H_K(R_B, "alice"). Alice demonstrates that she can encrypt Bob's nonce.
23. SKID2/SKID3 authentication. Bob computes H_K(R_B, "alice") and compares it with Alice's message. If they match, he trusts Alice's identity. Key point: each party permutes data generated by the other. Challenge the other party with data that will be different each time.
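The three-message exchange on slides 20 to 23, as an added Python example (not from the original slides). It assumes H_K is HMAC-SHA256 over length-prefixed fields and 16-byte nonces; the function names are hypothetical.

```python
import hashlib
import hmac
import secrets


def h_k(key: bytes, *fields: bytes) -> bytes:
    """H_K(...): HMAC-SHA256 over length-prefixed fields (assumed instantiation)."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for field in fields:
        # The length prefix keeps (b"ab", b"c") distinct from (b"a", b"bc").
        mac.update(len(field).to_bytes(4, "big") + field)
    return mac.digest()


def bob_respond(key: bytes, r_a: bytes) -> tuple[bytes, bytes]:
    """Message 2: Bob picks a fresh R_B and returns (R_B, H_K(R_A, R_B, "bob"))."""
    r_b = secrets.token_bytes(16)
    return r_b, h_k(key, r_a, r_b, b"bob")


def alice_verify_and_respond(key, r_a, r_b, tag_from_bob):
    """Alice checks Bob's tag; on success returns message 3, H_K(R_B, "alice")."""
    if not hmac.compare_digest(tag_from_bob, h_k(key, r_a, r_b, b"bob")):
        return None  # Bob did not prove knowledge of K for this R_A
    return h_k(key, r_b, b"alice")


def bob_verify(key, r_b, tag_from_alice) -> bool:
    """Bob checks that Alice permuted his nonce R_B under K."""
    return hmac.compare_digest(tag_from_alice, h_k(key, r_b, b"alice"))


def run_skid3(alice_key: bytes, bob_key: bytes) -> tuple[bool, bool]:
    """Run one exchange; returns (alice_accepts_bob, bob_accepts_alice)."""
    r_a = secrets.token_bytes(16)                     # message 1: R_A
    r_b, tag_b = bob_respond(bob_key, r_a)            # message 2
    tag_a = alice_verify_and_respond(alice_key, r_a, r_b, tag_b)
    if tag_a is None:
        return False, False
    return True, bob_verify(bob_key, r_b, tag_a)      # message 3


if __name__ == "__main__":
    k = secrets.token_bytes(32)  # constructed shared key, for demonstration only
    print("same key:      ", run_skid3(k, k))
    print("different keys:", run_skid3(k, secrets.token_bytes(32)))
```

Because Alice draws a new R_A for every run, a response recorded from an earlier session does not verify against the current challenge.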
54. Secure Sockets Layer (SSL), step 3: establish session key (for symmetric cryptography). Client: pick a session key and encrypt with server's public key. Client -> server: E(session key). Server decrypts with server's public key. Set cipher mode [optional].
55. Secure Sockets Layer (SSL), step 4: exchange data (symmetric encryption). Client <-> server: E_S(data). Encrypt and decrypt with session key and symmetric algorithm (e.g. RC4).