CMSC 414
Computer and Network Security
Lecture 11
Jonathan Katz
Network Security
Authentication: an Overview
Authentication
 Verifying the identity of another entity
– Computer authenticating to another computer
– Person authenticating to a local/remote computer
 Important to be clear about what is being
authenticated
– The user?
– The machine?
– A specific application on the machine?
 What assumptions are being made?
– One legitimate user, or many?
– Authentication to local machine, or over a network?
Attack taxonomy
 Passive attacks
 Active attacks
– Impersonation
• Client impersonation
• Server impersonation
– Man-in-the-middle (MiTM)
 Server compromise
 Different attacks may be easier/more difficult in
different settings
Ease of carrying out attacks?
 Client impersonation (typically trivial)
 Passive eavesdropping
– Wireless setting, wiretapping
 Server impersonation
– Phishing
– DNS spoofing
– Corrupted router
 Man-in-the-middle attack
– Same as above
Why…?
 Why prevent against MiTM attacks?
– Attacker should be unable to successfully impersonate
the user in the future
 Why care about defending against server
compromise
– Password re-use
– Recovery after server reboot
– Attacker may only get limited data from server
Authentication
 Mutual authentication vs. unidirectional
authentication
 What happens after authentication?
– Need binding between session and authentication
 Authentication issues:
– What authentication information is used/how
authentication information is stored (at both ends)
– The authentication protocol itself
Authentication
 Authentication may be based on
– What you know
– What you have
– What you are
– Examples? Tradeoffs?
– Others?
 Can also consider two-factor authentication
What you know
 (Cryptographic) key
– Private- or public-key setting
 Password/PIN
– Low entropy…
 Answers to personal questions
What you have
 Token
 Magnetic stripe card
– User may directly modify contents
 RFID tag
 Cryptographic smart card
 Smartphone
– E.g., enter password to device
 Still need a secure protocol!
What you have
 Several ways hardware tokens can be used, e.g.:
– User authenticates to token using PIN; token
authenticates to other entity
– PIN plus information from token uses to authenticate to
other entity
• Forms of two-factor authentication
– Token and other entity are synchronized; token displays
changing PIN/key used to authenticate
– Challenge/response
What you are -- biometrics
 Tradeoff of cost vs. accuracy
 Face (low accuracy, low cost)
 Fingerprint/hand print (good accuracy, moderate
cost)
 Iris scan (high accuracy, high cost)
…
Verification vs. identification
 Verification: send (id, biometric) and check
whether this ‘matches’ the stored biometric for
user id
– Better suited for authentication
 Identification: Send biometric, find the user whose
biometric is the closest match
– Comes up in law enforcement
Challenges in using biometrics
 Reproducibility
 How much entropy is there?
– Difficult to estimate
 How private are they?
 Revocation?
 Difficult to use securely
– Reproducibility
– Non-uniform
– Still need a secure protocol…
Reproducibility
 Biometric data is not exactly reproducible
– Need to check for closeness rather than an exact match
– Implies the existence of false positives and negatives
• Must trade off one vs. the other…
– Implies a reduction in entropy; easier for an attacker to
guess a value close to your biometric data
Biometric authentication
 How can you securely authenticate yourself to a
remote server using your fingerprint?
 Trivial solution:
User
Server
close?
Can work for ‘local’ authentication…
…but completely vulnerable to eavesdropping!
Better(?) solution
User
nonce
h=MAC(
Server
, nonce)
A single-bit difference in the scanned fingerprint
results in a failed authentication!
Authentication using biometrics
 There exist techniques for secure authentication
using biometric data
– Resilient to error!
– Establish random, shared key
 An active research area…
Address-based authentication
 Is sometimes used
 Generally not very secure
– Relatively easy to forge source addresses of network
packets
 But can be useful if the adversary does not know
what IP address to forge
– E.g., IP address of a user’s home computer
Location-based authentication
 Not authenticating a specific entity, but rather
authenticating that an entity is in some location
 More interest lately, as computation becomes more
ubiquitous
– E.g., re-authentication if laptop moves