Downloaded 13 times
More Related Content
authentication.ppt
- 1. Authentication and Authorization •Authentication is the process of verifying a principal’s identity (but how to define “identity”?) – Who the person is – Or, what the person is • Authorization is the process of determining whether a principal can perform certain actions – What the person can do – Typically based on authentication result 1
- 2. Authentication in CyberSpace • Authentication based on what you know. – If you know a secret, then you are linked to an “identity” – The secret needs to be associated with the identity beforehand (authentication state) • Authentication protocol is the process of proving that one knows the secret, a.k.a “credential.” 2
- 3. Simple Password Authentication UserName, Password /etc/shadow Authentication state 3
- 4. Password Verification Hash Function User-entered Password Password hash storedon file e.g. /etc/shadow H1 H1==H2? H2 OK FAIL Y N 4
- 5. Hash function andsalt • A “salt” is used to increase the input space of a hash function – Even though a cryptographic function H is hard to invert, if the number of possible inputs to H is small, a brute-force search can easily find the pre-image from a given hash – If we append the input string with a salt and apply H on the whole string, then the number of possible inputs to the hash function is increased S fold where S is the number of all possible salts. – For password hash, the salt is used to mitigate dictionary attack 5
- 6. What is adictionary attack? • Pre-compute the hash of commonly used passwords • Looking up a password from the hash takes only constant time if the password falls into the dictionary 6
- 7. Password verification withsalt Hash Function Password Salt, Hash on file e.g. /etc/shadow H1==H2? H2 OK FAIL Y N S 7 (S, H1)
- 8. Challenge-Response Protocol • Objective:Bob (prover) convinces Alice (verifier) that he knows the secret, while not leaking the secret to anyone (including Alice) • Threat model: insecure communication channel – Cryptographic primitives unbreakable – Attacker can do anything else: • Intercept messages • Replace messages • Inject messages • Re-order messages • Encrypt/decrypt a message if he knows the keys 8
- 9. Challenge-Response Protocol • Generalprocess – Verifier picks a challenge message and send it to prover. – Prover produces a response using the secret and sends the response back to the verifier – Verifier checks whether the response is valid • Requirements – Protect Verifier: if Bob does not know the secret, the protocol shall fail – Protect Prover: the secret shall not be revealed in the process, not even to the verifier (computationally infeasible to infer) 9
- 10. Using MAC inauthentication protocol Alice Bob Mallory Secret K Secret K m, MAC(m,K) m 10
- 11. Authentication based on symmetricencryption Alice Bob Mallory Secret key K Secret key K 11
- 12. Authentication based on symmetricencryption Alice Bob Mallory Secret key K Secret key K 12 m {m}K
- 13. Two-party authentication protocol basedon public-key crypto Alice Bob Mallory Bob’s private key SK Bob’s public key PK … … 13
- 14. SSH public key-based authentication Securechannel {m}Kpub H(m) H is a cryptographic hash function ~/.ssh/id_dsa Private key Kpriv (Passphrase-protected) Client (Bob) ~/.ssh/.authorized_keys Public key Kpub Server (Alice) 14
- 15. SSH Public Key-based Authentication •What is a secure channel? – Messages sent are encrypted by a shared secret key – Messages are authenticated using MAC – The SSH public key-based authentication is used by the server to authenticate the user at the other end of the secure channel – SSH also supports other kinds of authentication, such as password authentication, which needs a secure channel. • This challenge-response protocol is better than asking the client to sign a challenge message – Server gains zero knowledge – The hash function is to protect the private key from a chosen-ciphertext attack 15
- 16. SSH Agent • Theprivate key must be protected by a passphrase. – The passphrase is used to generate a key to encrypt the private key stored in the file system. • An SSH agent can load the private key into memory and perform the challenge- response protocol on behalf of the user. 16
- 17.
- 18. Using SSH Agent •SSH agent stores private keys in memory and performs crypto calculation – User only needs to enter passphrase when the agent retrieves the private key • Communication between SSH client and agent mediated through file-system protection – An SSH client can only connect to an agent started by the same user, except for user root, who can connect to any user’s agent • Advantage: user does not need to type in passphrase to decrypt the private key every time he wants to log in. 18
- 19.
- 20. Agent Forwarding • Alicecan contact the SSH agent on Bob through the SSH channel if Bob allows his agent connection to be forwarded to Alice – SSH client on Alice becomes “man in the middle” – Useful when the user on Bob wants to login to other machines from Alice – root user can always connect to forwarded agents – Bob’s private key never leaves his machine; when Bob tears down the connection with Alice, root on Alice will no longer be able to impersonate Bob 20
- 21. Exercise after class •Set up public key-based authentication using SSH agent for logging into departmental Linux machines (e.g., grad.csee.usf.edu). – Generate your public/private key pair – Upload your public key to the server – Figure out how to use SSH agent – Find a clever way to start/connect to your SSH agent 21