SlideShare a Scribd company logo

AV_CNS__Entity Authentication_CNS_EA.pptx

Download as PPTX, PDF
H
hodcse99

AV_CNS__Entity Authentication

Engineering
1 of 19
Unit 4 – Message Authentication and Integrity Entity Authentication
Entity Authentication • Entity authentication is a technique designed to let one party prove the identity of another party. • An entity can be a person, a process, a client, or a server. • The entity whose identity needs to be proved is called the claimant • The party that tries to prove the identity of the claimant is called the verifier • Biometrics • Passwords • Challenge Response protocols
Entity Authentication - BIOMETRICS • Biometrics is the measurement of physiological or behavioral features that identify a person (authentication by something inherent). • Biometrics measures features that cannot be guessed, stolen, or shared.
Entity Authentication - BIOMETRICS
Entity Authentication - BIOMETRICS
Entity Authentication - BIOMETRICS
Entity Authentication - BIOMETRICS
Entity Authentication - BIOMETRICS
Entity Authentication - PASSWORD The simplest and oldest method of entity authentication is the password-based authentication, where the password is something that the claimant knows. (FIXED, OTP)
Entity Authentication - PASSWORD First Approach Figure User ID and password file Attacks on the first approach Eavesdropping Stealing a password Accessing a password file guessing
Entity Authentication - PASSWORD Second Approach Figure Hashing the password Dictionary attack Create a list of password, calculate the hash value, and search the second-column entries to find a match.
Entity Authentication - PASSWORD Third Approach Figure Salting the password When the password is created, a random string, called the salt, is concatenated to the password. The salted password is then hashed. The Unix OS uses a variation of this method.
Entity Authentication - PASSWORD Fourth Approach [+ OTP] • In the fourth approach, two identification techniques are combined. • A good example of this type of authentication is the use of an ATM card (something possessed) with a PIN (personal identification number) (something known).
Entity Authentication - Challenge Response protocols • In password authentication, the claimant proves her identity by demonstrating that she knows a secret, the password. • In challenge-response authentication, the claimant proves that she knows a secret without sending it. • Using a Symmetric-Key Cipher • Using an Asymmetric-Key Cipher • Using Digital Signature
14.15 In challenge-response authentication, the claimant proves that she knows a secret without sending it to the verifier. Note The challenge is a time-varying value sent by the verifier; the response is the result of a function applied on the challenge. Note
Entity Authentication - Challenge Response protocols 1.Alice ID 2.The challenge from Bob to Alice RB 3.Alice respond and send her challenge RA 4.Bob’s response. RA and RB are switched to prevent a replay attack. Using a Symmetric-Key Cipher
Entity Authentication - Challenge Response protocols Figure Bidirectional, asymmetric-key Using an Asymmetric-Key Cipher
Entity Authentication - Challenge Response protocols Using Digital Signature Figure Digital signature, unidirectional authentication
Entity Authentication - Challenge Response protocols Figure Digital signature, bidirectional authentication Using Digital Signature

Recommended

Cryptography
CryptographyCryptography
CryptographyVeiluvanthal1981
 
Cryptography
CryptographyCryptography
CryptographyVeiluvanthal1981
 
Unit 5
Unit 5Unit 5
Unit 5KRAMANJANEYULU1
 
api-security-Jan23.pptxsdfffffffffffffffffffffffffffff
api-security-Jan23.pptxsdfffffffffffffffffffffffffffffapi-security-Jan23.pptxsdfffffffffffffffffffffffffffff
api-security-Jan23.pptxsdfffffffffffffffffffffffffffffDucAnhLe56
 
Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Ali Raw
 
Information and network security 47 authentication applications
Information and network security 47 authentication applicationsInformation and network security 47 authentication applications
Information and network security 47 authentication applicationsVaibhav Khanna
 
Addressing Top API Security Risks
Addressing Top API Security RisksAddressing Top API Security Risks
Addressing Top API Security RisksNordic APIs
 
Trust elevation-abbie-v1
Trust elevation-abbie-v1Trust elevation-abbie-v1
Trust elevation-abbie-v1Abbie Barbir
 

Recommended

Cryptography
CryptographyCryptography
CryptographyVeiluvanthal1981
 
Cryptography
CryptographyCryptography
CryptographyVeiluvanthal1981
 
Unit 5
Unit 5Unit 5
Unit 5KRAMANJANEYULU1
 
api-security-Jan23.pptxsdfffffffffffffffffffffffffffff
api-security-Jan23.pptxsdfffffffffffffffffffffffffffffapi-security-Jan23.pptxsdfffffffffffffffffffffffffffff
api-security-Jan23.pptxsdfffffffffffffffffffffffffffffDucAnhLe56
 
Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Authentication(pswrd,token,certificate,biometric)
Authentication(pswrd,token,certificate,biometric)Ali Raw
 
Information and network security 47 authentication applications
Information and network security 47 authentication applicationsInformation and network security 47 authentication applications
Information and network security 47 authentication applicationsVaibhav Khanna
 
Addressing Top API Security Risks
Addressing Top API Security RisksAddressing Top API Security Risks
Addressing Top API Security RisksNordic APIs
 
Trust elevation-abbie-v1
Trust elevation-abbie-v1Trust elevation-abbie-v1
Trust elevation-abbie-v1Abbie Barbir
 
Iss lecture 5
Iss lecture 5Iss lecture 5
Iss lecture 5Ali Habeeb
 
Twg 04-04
Twg 04-04Twg 04-04
Twg 04-04Hai Nguyen
 
FirstNet ICAM
FirstNet ICAMFirstNet ICAM
FirstNet ICAMAdam Lewis
 
Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetShivanand Arur
 
Eds user authenticationuser authentication methods
Eds user authenticationuser authentication methodsEds user authenticationuser authentication methods
Eds user authenticationuser authentication methodslapao2014
 
Identity Proofing to provision accurately
Identity Proofing to provision accuratelyIdentity Proofing to provision accurately
Identity Proofing to provision accuratelyDavid Kelts, CIPT
 
Broken Authentication and Authorization(1).pptx
Broken Authentication and Authorization(1).pptxBroken Authentication and Authorization(1).pptx
Broken Authentication and Authorization(1).pptxManahari Darshika Pemarathna
 
Owasp security testing methodlogies –part2
Owasp security testing methodlogies –part2Owasp security testing methodlogies –part2
Owasp security testing methodlogies –part2robin_bene
 
Chapters_1_2.ppt
Chapters_1_2.pptChapters_1_2.ppt
Chapters_1_2.pptJoshCasas1
 
Security for e commerce
Security for e commerceSecurity for e commerce
Security for e commerceMohsin Ahmad
 
information security importance and use.ppt
information security importance and use.pptinformation security importance and use.ppt
information security importance and use.pptMuhammadAbdullah311866
 
Lecture15.ppt
Lecture15.pptLecture15.ppt
Lecture15.pptRamaNingaiah
 
Seminar-Two Factor Authentication
Seminar-Two Factor AuthenticationSeminar-Two Factor Authentication
Seminar-Two Factor AuthenticationDilip Kr. Jangir
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniquesIGZ Software house
 
Jips v07 no1_paper17_2
Jips v07 no1_paper17_2Jips v07 no1_paper17_2
Jips v07 no1_paper17_2Hai Nguyen
 
Jips v07 no1_paper17_3
Jips v07 no1_paper17_3Jips v07 no1_paper17_3
Jips v07 no1_paper17_3Hai Nguyen
 
Unit-4-User-Authentication.pptx
Unit-4-User-Authentication.pptxUnit-4-User-Authentication.pptx
Unit-4-User-Authentication.pptxPuskar Bhandari
 
Session on Cyber security and Ethical Hacking.pptx
Session on Cyber security and Ethical Hacking.pptxSession on Cyber security and Ethical Hacking.pptx
Session on Cyber security and Ethical Hacking.pptxVicky Tyagi
 
04 application security fundamentals - part 2 - security mechanisms - authe...
04 application security fundamentals - part 2 - security mechanisms - authe...04 application security fundamentals - part 2 - security mechanisms - authe...
04 application security fundamentals - part 2 - security mechanisms - authe...appsec
 
Comparative analysis of authentication and authorization security in distribu...
Comparative analysis of authentication and authorization security in distribu...Comparative analysis of authentication and authorization security in distribu...
Comparative analysis of authentication and authorization security in distribu...eSAT Journals
 
Electrical shop management system project report.pdf
Electrical shop management system project report.pdfElectrical shop management system project report.pdf
Electrical shop management system project report.pdfKamal Acharya
 
Circuit Breaker arc phenomenon.pdf engineering
Circuit Breaker arc phenomenon.pdf engineeringCircuit Breaker arc phenomenon.pdf engineering
Circuit Breaker arc phenomenon.pdf engineeringKanchhaTamang
 

More Related Content

Similar to AV_CNS__Entity Authentication_CNS_EA.pptx

Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetShivanand Arur
 
Eds user authenticationuser authentication methods
Eds user authenticationuser authentication methodsEds user authenticationuser authentication methods
Eds user authenticationuser authentication methodslapao2014
 
Identity Proofing to provision accurately
Identity Proofing to provision accuratelyIdentity Proofing to provision accurately
Identity Proofing to provision accuratelyDavid Kelts, CIPT
 
Owasp security testing methodlogies –part2
Owasp security testing methodlogies –part2Owasp security testing methodlogies –part2
Owasp security testing methodlogies –part2robin_bene
 
Chapters_1_2.ppt
Chapters_1_2.pptChapters_1_2.ppt
Chapters_1_2.pptJoshCasas1
 
Security for e commerce
Security for e commerceSecurity for e commerce
Security for e commerceMohsin Ahmad
 
information security importance and use.ppt
information security importance and use.pptinformation security importance and use.ppt
information security importance and use.pptMuhammadAbdullah311866
 
Seminar-Two Factor Authentication
Seminar-Two Factor AuthenticationSeminar-Two Factor Authentication
Seminar-Two Factor AuthenticationDilip Kr. Jangir
 
Jips v07 no1_paper17_2
Jips v07 no1_paper17_2Jips v07 no1_paper17_2
Jips v07 no1_paper17_2Hai Nguyen
 
Jips v07 no1_paper17_3
Jips v07 no1_paper17_3Jips v07 no1_paper17_3
Jips v07 no1_paper17_3Hai Nguyen
 
Unit-4-User-Authentication.pptx
Unit-4-User-Authentication.pptxUnit-4-User-Authentication.pptx
Unit-4-User-Authentication.pptxPuskar Bhandari
 
Session on Cyber security and Ethical Hacking.pptx
Session on Cyber security and Ethical Hacking.pptxSession on Cyber security and Ethical Hacking.pptx
Session on Cyber security and Ethical Hacking.pptxVicky Tyagi
 
04 application security fundamentals - part 2 - security mechanisms - authe...
04 application security fundamentals - part 2 - security mechanisms - authe...04 application security fundamentals - part 2 - security mechanisms - authe...
04 application security fundamentals - part 2 - security mechanisms - authe...appsec
 
Comparative analysis of authentication and authorization security in distribu...
Comparative analysis of authentication and authorization security in distribu...Comparative analysis of authentication and authorization security in distribu...
Comparative analysis of authentication and authorization security in distribu...eSAT Journals
 

Similar to AV_CNS__Entity Authentication_CNS_EA.pptx (20)

Iss lecture 5
Iss lecture 5Iss lecture 5
Iss lecture 5
 
Twg 04-04
Twg 04-04Twg 04-04
Twg 04-04
 
FirstNet ICAM
FirstNet ICAMFirstNet ICAM
FirstNet ICAM
 
Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.Net
 
Eds user authenticationuser authentication methods
Eds user authenticationuser authentication methodsEds user authenticationuser authentication methods
Eds user authenticationuser authentication methods
 
Identity Proofing to provision accurately
Identity Proofing to provision accuratelyIdentity Proofing to provision accurately
Identity Proofing to provision accurately
 
Broken Authentication and Authorization(1).pptx
Broken Authentication and Authorization(1).pptxBroken Authentication and Authorization(1).pptx
Broken Authentication and Authorization(1).pptx
 
Owasp security testing methodlogies –part2
Owasp security testing methodlogies –part2Owasp security testing methodlogies –part2
Owasp security testing methodlogies –part2
 
Chapters_1_2.ppt
Chapters_1_2.pptChapters_1_2.ppt
Chapters_1_2.ppt
 
Security for e commerce
Security for e commerceSecurity for e commerce
Security for e commerce
 
information security importance and use.ppt
information security importance and use.pptinformation security importance and use.ppt
information security importance and use.ppt
 
Lecture15.ppt
Lecture15.pptLecture15.ppt
Lecture15.ppt
 
Seminar-Two Factor Authentication
Seminar-Two Factor AuthenticationSeminar-Two Factor Authentication
Seminar-Two Factor Authentication
 
Authentication techniques
Authentication techniquesAuthentication techniques
Authentication techniques
 
Jips v07 no1_paper17_2
Jips v07 no1_paper17_2Jips v07 no1_paper17_2
Jips v07 no1_paper17_2
 
Jips v07 no1_paper17_3
Jips v07 no1_paper17_3Jips v07 no1_paper17_3
Jips v07 no1_paper17_3
 
Unit-4-User-Authentication.pptx
Unit-4-User-Authentication.pptxUnit-4-User-Authentication.pptx
Unit-4-User-Authentication.pptx
 
Session on Cyber security and Ethical Hacking.pptx
Session on Cyber security and Ethical Hacking.pptxSession on Cyber security and Ethical Hacking.pptx
Session on Cyber security and Ethical Hacking.pptx
 
04 application security fundamentals - part 2 - security mechanisms - authe...
04 application security fundamentals - part 2 - security mechanisms - authe...04 application security fundamentals - part 2 - security mechanisms - authe...
04 application security fundamentals - part 2 - security mechanisms - authe...
 
Comparative analysis of authentication and authorization security in distribu...
Comparative analysis of authentication and authorization security in distribu...Comparative analysis of authentication and authorization security in distribu...
Comparative analysis of authentication and authorization security in distribu...
 

Recently uploaded

Electrical shop management system project report.pdf
Electrical shop management system project report.pdfElectrical shop management system project report.pdf
Electrical shop management system project report.pdfKamal Acharya
 
Circuit Breaker arc phenomenon.pdf engineering
Circuit Breaker arc phenomenon.pdf engineeringCircuit Breaker arc phenomenon.pdf engineering
Circuit Breaker arc phenomenon.pdf engineeringKanchhaTamang
 
Diploma Engineering Drawing Qp-2024 Ece .pdf
Diploma Engineering Drawing Qp-2024 Ece .pdfDiploma Engineering Drawing Qp-2024 Ece .pdf
Diploma Engineering Drawing Qp-2024 Ece .pdfJNTUA
 
Filters for Electromagnetic Compatibility Applications
Filters for Electromagnetic Compatibility ApplicationsFilters for Electromagnetic Compatibility Applications
Filters for Electromagnetic Compatibility ApplicationsMathias Magdowski
 
Artificial Intelligence Bayesian Reasoning
Artificial Intelligence Bayesian ReasoningArtificial Intelligence Bayesian Reasoning
Artificial Intelligence Bayesian Reasoninghotman30312
 
Research Methodolgy & Intellectual Property Rights Series 2
Research Methodolgy & Intellectual Property Rights Series 2Research Methodolgy & Intellectual Property Rights Series 2
Research Methodolgy & Intellectual Property Rights Series 2T.D. Shashikala
 
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdf
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdfRESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdf
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdfKamal Acharya
 
The battle for RAG, explore the pros and cons of using KnowledgeGraphs and Ve...
The battle for RAG, explore the pros and cons of using KnowledgeGraphs and Ve...The battle for RAG, explore the pros and cons of using KnowledgeGraphs and Ve...
The battle for RAG, explore the pros and cons of using KnowledgeGraphs and Ve...Roi Lipman
 
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdf
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdfInstruct Nirmaana 24-Smart and Lean Construction Through Technology.pdf
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdfEr.Sonali Nasikkar
 
"United Nations Park" Site Visit Report.
"United Nations Park" Site Visit Report."United Nations Park" Site Visit Report.
"United Nations Park" Site Visit Report.MdManikurRahman
 
Involute of a circle,Square, pentagon,HexagonInvolute_Engineering Drawing.pdf
Involute of a circle,Square, pentagon,HexagonInvolute_Engineering Drawing.pdfInvolute of a circle,Square, pentagon,HexagonInvolute_Engineering Drawing.pdf
Involute of a circle,Square, pentagon,HexagonInvolute_Engineering Drawing.pdfJNTUA
 
2024 DevOps Pro Europe - Growing at the edge
2024 DevOps Pro Europe - Growing at the edge2024 DevOps Pro Europe - Growing at the edge
2024 DevOps Pro Europe - Growing at the edgePaco Orozco
 
SLIDESHARE PPT-DECISION MAKING METHODS.pptx
SLIDESHARE PPT-DECISION MAKING METHODS.pptxSLIDESHARE PPT-DECISION MAKING METHODS.pptx
SLIDESHARE PPT-DECISION MAKING METHODS.pptxCHAIRMAN M
 
Interfacing Analog to Digital Data Converters ee3404.pdf
Interfacing Analog to Digital Data Converters ee3404.pdfInterfacing Analog to Digital Data Converters ee3404.pdf
Interfacing Analog to Digital Data Converters ee3404.pdfragupathi90
 
Operating System chapter 9 (Virtual Memory)
Operating System chapter 9 (Virtual Memory)Operating System chapter 9 (Virtual Memory)
Operating System chapter 9 (Virtual Memory)NareenAsad
 
Supermarket billing system project report..pdf
Supermarket billing system project report..pdfSupermarket billing system project report..pdf
Supermarket billing system project report..pdfKamal Acharya
 
Dairy management system project report..pdf
Dairy management system project report..pdfDairy management system project report..pdf
Dairy management system project report..pdfKamal Acharya
 
RM&IPR M5 notes.pdfResearch Methodolgy & Intellectual Property Rights Series 5
RM&IPR M5 notes.pdfResearch Methodolgy & Intellectual Property Rights Series 5RM&IPR M5 notes.pdfResearch Methodolgy & Intellectual Property Rights Series 5
RM&IPR M5 notes.pdfResearch Methodolgy & Intellectual Property Rights Series 5T.D. Shashikala
 
Lesson no16 application of Induction Generator in Wind.ppsx
Lesson no16 application of Induction Generator in Wind.ppsxLesson no16 application of Induction Generator in Wind.ppsx
Lesson no16 application of Induction Generator in Wind.ppsxmichaelprrior
 
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical EngineeringIntroduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical EngineeringC Sai Kiran
 

Recently uploaded (20)

Electrical shop management system project report.pdf
Electrical shop management system project report.pdfElectrical shop management system project report.pdf
Electrical shop management system project report.pdf
 
Circuit Breaker arc phenomenon.pdf engineering
Circuit Breaker arc phenomenon.pdf engineeringCircuit Breaker arc phenomenon.pdf engineering
Circuit Breaker arc phenomenon.pdf engineering
 
Diploma Engineering Drawing Qp-2024 Ece .pdf
Diploma Engineering Drawing Qp-2024 Ece .pdfDiploma Engineering Drawing Qp-2024 Ece .pdf
Diploma Engineering Drawing Qp-2024 Ece .pdf
 
Filters for Electromagnetic Compatibility Applications
Filters for Electromagnetic Compatibility ApplicationsFilters for Electromagnetic Compatibility Applications
Filters for Electromagnetic Compatibility Applications
 
Artificial Intelligence Bayesian Reasoning
Artificial Intelligence Bayesian ReasoningArtificial Intelligence Bayesian Reasoning
Artificial Intelligence Bayesian Reasoning
 
Research Methodolgy & Intellectual Property Rights Series 2
Research Methodolgy & Intellectual Property Rights Series 2Research Methodolgy & Intellectual Property Rights Series 2
Research Methodolgy & Intellectual Property Rights Series 2
 
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdf
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdfRESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdf
RESORT MANAGEMENT AND RESERVATION SYSTEM PROJECT REPORT.pdf
 
The battle for RAG, explore the pros and cons of using KnowledgeGraphs and Ve...
The battle for RAG, explore the pros and cons of using KnowledgeGraphs and Ve...The battle for RAG, explore the pros and cons of using KnowledgeGraphs and Ve...
The battle for RAG, explore the pros and cons of using KnowledgeGraphs and Ve...
 
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdf
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdfInstruct Nirmaana 24-Smart and Lean Construction Through Technology.pdf
Instruct Nirmaana 24-Smart and Lean Construction Through Technology.pdf
 
"United Nations Park" Site Visit Report.
"United Nations Park" Site Visit Report."United Nations Park" Site Visit Report.
"United Nations Park" Site Visit Report.
 
Involute of a circle,Square, pentagon,HexagonInvolute_Engineering Drawing.pdf
Involute of a circle,Square, pentagon,HexagonInvolute_Engineering Drawing.pdfInvolute of a circle,Square, pentagon,HexagonInvolute_Engineering Drawing.pdf
Involute of a circle,Square, pentagon,HexagonInvolute_Engineering Drawing.pdf
 
2024 DevOps Pro Europe - Growing at the edge
2024 DevOps Pro Europe - Growing at the edge2024 DevOps Pro Europe - Growing at the edge
2024 DevOps Pro Europe - Growing at the edge
 
SLIDESHARE PPT-DECISION MAKING METHODS.pptx
SLIDESHARE PPT-DECISION MAKING METHODS.pptxSLIDESHARE PPT-DECISION MAKING METHODS.pptx
SLIDESHARE PPT-DECISION MAKING METHODS.pptx
 
Interfacing Analog to Digital Data Converters ee3404.pdf
Interfacing Analog to Digital Data Converters ee3404.pdfInterfacing Analog to Digital Data Converters ee3404.pdf
Interfacing Analog to Digital Data Converters ee3404.pdf
 
Operating System chapter 9 (Virtual Memory)
Operating System chapter 9 (Virtual Memory)Operating System chapter 9 (Virtual Memory)
Operating System chapter 9 (Virtual Memory)
 
Supermarket billing system project report..pdf
Supermarket billing system project report..pdfSupermarket billing system project report..pdf
Supermarket billing system project report..pdf
 
Dairy management system project report..pdf
Dairy management system project report..pdfDairy management system project report..pdf
Dairy management system project report..pdf
 
RM&IPR M5 notes.pdfResearch Methodolgy & Intellectual Property Rights Series 5
RM&IPR M5 notes.pdfResearch Methodolgy & Intellectual Property Rights Series 5RM&IPR M5 notes.pdfResearch Methodolgy & Intellectual Property Rights Series 5
RM&IPR M5 notes.pdfResearch Methodolgy & Intellectual Property Rights Series 5
 
Lesson no16 application of Induction Generator in Wind.ppsx
Lesson no16 application of Induction Generator in Wind.ppsxLesson no16 application of Induction Generator in Wind.ppsx
Lesson no16 application of Induction Generator in Wind.ppsx
 
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical EngineeringIntroduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
Introduction to Machine Learning Unit-4 Notes for II-II Mechanical Engineering
 

AV_CNS__Entity Authentication_CNS_EA.pptx

  • 1. Unit 4 – Message Authentication and Integrity Entity Authentication
  • 2. Entity Authentication • Entity authentication is a technique designed to let one party prove the identity of another party. • An entity can be a person, a process, a client, or a server. • The entity whose identity needs to be proved is called the claimant • The party that tries to prove the identity of the claimant is called the verifier • Biometrics • Passwords • Challenge Response protocols
  • 3. Entity Authentication - BIOMETRICS • Biometrics is the measurement of physiological or behavioral features that identify a person (authentication by something inherent). • Biometrics measures features that cannot be guessed, stolen, or shared.
  • 9. Entity Authentication - PASSWORD The simplest and oldest method of entity authentication is the password-based authentication, where the password is something that the claimant knows. (FIXED, OTP)
  • 10. Entity Authentication - PASSWORD First Approach Figure User ID and password file Attacks on the first approach Eavesdropping Stealing a password Accessing a password file guessing
  • 11. Entity Authentication - PASSWORD Second Approach Figure Hashing the password Dictionary attack Create a list of password, calculate the hash value, and search the second-column entries to find a match.
  • 12. Entity Authentication - PASSWORD Third Approach Figure Salting the password When the password is created, a random string, called the salt, is concatenated to the password. The salted password is then hashed. The Unix OS uses a variation of this method.
  • 13. Entity Authentication - PASSWORD Fourth Approach [+ OTP] • In the fourth approach, two identification techniques are combined. • A good example of this type of authentication is the use of an ATM card (something possessed) with a PIN (personal identification number) (something known).
  • 14. Entity Authentication - Challenge Response protocols • In password authentication, the claimant proves her identity by demonstrating that she knows a secret, the password. • In challenge-response authentication, the claimant proves that she knows a secret without sending it. • Using a Symmetric-Key Cipher • Using an Asymmetric-Key Cipher • Using Digital Signature
  • 15. 14.15 In challenge-response authentication, the claimant proves that she knows a secret without sending it to the verifier. Note The challenge is a time-varying value sent by the verifier; the response is the result of a function applied on the challenge. Note
  • 16. Entity Authentication - Challenge Response protocols 1.Alice ID 2.The challenge from Bob to Alice RB 3.Alice respond and send her challenge RA 4.Bob’s response. RA and RB are switched to prevent a replay attack. Using a Symmetric-Key Cipher
  • 17. Entity Authentication - Challenge Response protocols Figure Bidirectional, asymmetric-key Using an Asymmetric-Key Cipher
  • 18. Entity Authentication - Challenge Response protocols Using Digital Signature Figure Digital signature, unidirectional authentication
  • 19. Entity Authentication - Challenge Response protocols Figure Digital signature, bidirectional authentication Using Digital Signature