information system security Đại học quốc gia tphcm – Đại học bách khoa khoa khoa...
TRANSCRIPT
Information System Security
Đại học Quốc Gia TPHCM – Đại học Bách KhoaKhoa Khoa học và Kỹ thuật Máy Tính
Information System Security
Đại học Quốc Gia TPHCM – Đại học Bách KhoaKhoa Khoa học và Kỹ thuật Máy Tính
Thành viên :
Huỳnh Lưu Triết 50702593
Nguyễn Hoàng Tùng 50702853
Information System Security
Something you know
Something you have
Something you are
Information System Security
: Password
: Smartcard
: Fingerprint, Iris Scan
Identification
Authentication
Information System Security
~ Who is someone ?
~ Is something genuine ?
Something you know
Something you have
Something you are
Information System Security
Information System Security
Password
Group A Group B Group C
>= 6 characters Passphrases 8 randomly characters
Password verification
Other password issues
Information System Security
Information System Security
Password verification Compare with the correct password
Password x y = h(x) store y verify z h(z) compare h(z) with y
Crack : Trudy has “dictionary” h(x0,x1,…xN-
1) compare each with y
Salt value (s) y = h(x, s) store (s, y) verify z h(z, s) compare h(z, s) with y from (s, y)
Other password issues
Information System Security
Social engineering
Keystroke logging software and spyware
Number password
Cracking tools
Something you know
Something you have
Something you are
Information System Security
Information System Security
Like credit card, includes a small amount of memory and computing resources
Something you know
Something you have
Something you are
Information System Security
Types of errors
Biometric examples
Biometric error rates
Biometric conclusions
Information System Security
Types of errors
Fraud rate
Insult rate
Information System Security
Types of errors
Information System Security
Alice
Fraud rate
Types of errors
Information System Security
Not Alice
Insult rate
Biometrics ExamplesFingerprints
Information System Security
- Used in ancient China- 1798, J. C. Mayer fingerprints may unique- 1823, Purkinje nine “fingerprint patterns”- 1883, Mark Twain “Life on the Mississippi”- 1892, Sir Francis Galton “minutia” systems
Biometric examples Fingerprints
Information System Security
Biometric examples Hand geometry
Information System Security
- The width and length of the hand and fingers- Hand geometry is easy and quick to measure
Biometric examples Hand geometry
Information System Security
Biometric examples Iris scan
Information System Security
- The best for authentication- 1936, Frank Burch suggest using it- The 1980s, resurfaced in James Bond films- 1994, John Daugman - a researcher at Cambridge University, patented iris scan- A black and white photo of the eye transform a 256-byte (2048 bit) “iris code”
Biometric examples Iris scan
Information System Security
- Alice : x ; iris scan stored : y- d(x, y) = non-match bits/bits compared.- d(x, y), same is 0.08 and difference is 0.50- A match : d (x, y) <= 0.32- How to attack ?- Picture of Alice How to prevent ???
Biometric examples Iris scan
Information System Security
Biometric error rates Fraud rate = Insult rate Fingerprints (5%) Hand geometry (0.1%) Iris scan (0.001%)
Information System Security
Biometric conclusions
Difficult to attack Expensive
Information System Security
Information System Security
Difficult to attack ~ Expensive Attack :
Biometrics < Smartcard < Password Cost :
Password < Smartcard < Biometrics
AUTHENTICATION PROTOCOLSAUTHENTICATION PROTOCOLS
I. SIMPLE AUTHENTICATION PROTOCOLS
II. REAL-WORLD SECURITY PROTOCOLS
Information System Security
SIMPLE SIMPLE AUTHENTICATIONPROTOCOLSAUTHENTICATIONPROTOCOLS
1. Introduction2. Simple Security Protocols3. Authentication Protocols Authentication Using Symmetric
Keys Session Keys Timestamps
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
1. Introduction
What is Protocol? Security Protocol? Differences between Authentication
Method and Authentication Protocol A seemingly innocuous change can
make a significant difference in a protocol
Security protocol must meet the specified security requirements
Information System Security
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
2.Simple Security Protocols Entering into a secure facility, such
as the National SecurityAgency Withdraw money from an ATM
machine Identify Friend or Foe, or IFF
Information System Security
Identify Friend or Foe, or IFF
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocols
◦Efficient?Trudy can later replay the messagesAlice’s password is sent in the clearBob must know Alice’s password
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
How to solve?
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocols
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol Authentication Using Symmetric Keys
Encrypting plaintext P with key K to obtain ciphertext C is C = E(P,K)
Decrypting ciphertext C with key K to recover the plaintext P is P = D(C,K).
Alice and Bob share symmetric key KAB
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol Authentication Using Symmetric
Keys
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol Authentication Using Symmetric
Keys
Is subject to a man-in-the-middle attacks.
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol Authentication Using Symmetric Keys
Man in the Middle
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol Authentication Using Symmetric Keys Conclusion: One-way authentication protocol may
not be secure for mutual Authentication.
Protocols and attacks on protocols can be subtle.
“Obvious” changes to protocols can raise serious security issues
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol Authentication Using Symmetric Keys
Lesson: Don’t have the two sides do exactly the same
thing Small changes to a protocol can result in big
changes in security
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol Session Keys Encrypt data within each connection Limits the data encrypted with one particular
key Limits the damage if one session key is
compromised Used for confidentiality or integrity protection.
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol Session Keys
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol Session Keys
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol Session Keys
Sign and Encrypt Mutual Authentication
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol Session Keys
Is Sign and Encrypt Mutual Authentication better?
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol TimeStamp Contains the current time Timestamp can be used in place of a nonce Benefit: don’t need to waste any messages exchanging nonces
Used in many real-world security protocols, such as Kerberos
Timestamps create some security concerns
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol TimeStamp
Reduced the number of messages by a third Using timestamp with the sign and encrypt is secure
What about encrypt and sign?
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3.Authentication Protocol TimeStamp
Unfortunately, the protocol is subject to attack
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
3. Authentication Protocol TimeStamp
Timestamp with the sign and encrypt is secure
Timestamp with encrypt and sign is not So we can never take anything for granted
SIMPLE AUTHENTICATION SIMPLE AUTHENTICATION PROTOCOLSPROTOCOLS
Information System Security
Information System Security
REAL-WORLD SECURITY PROTOCOLS
KERBEROS
Kerberized Login Kerberos Ticket Kerberos Security
Information System Security
REAL-WORLD SECURITY PROTOCOLS
KERBEROS An authentication system that uses
symmetric key cryptography Designed for smaller scale use, such as on
a local area network With N users:Public key cryptography: requires N key
pairs Symmetric keys: requires N2 keysKerberos: requires N keys
Information System Security
REAL-WORLD SECURITY PROTOCOLS
KERBEROS• Relying on a trusted third party, or TTP.• Employs a Key Distribution Center, or KDC, that
acts as the TTP• The KDC has a master key KKDC, known only to
the KDC• KDC issues various types of tickets: Ticket-
Granting Ticket, or TGT• TGT is encrypted with KKDC sending to the
recipient• TGT can only be read by the KDC
Information System Security
REAL-WORLD SECURITY PROTOCOLS
KERBEROSKerberized Login
TGT = E(“Alice”,SA;KKDC).
Information System Security
REAL-WORLD SECURITY PROTOCOLS
KERBEROSKerberos Ticket
REQUEST = (TGT, authenticator) authenticator = E(timestamp,SA)
REPLY = E(“Bob”,KAB, ticket to Bob; SA)
ticket to Bob = E(“Alice”,KAB;KB)
Information System Security
REAL-WORLD SECURITY PROTOCOLS
KERBEROSKerberos Security Minor Flaw: KDC sends E(SA,TGT;KA) ,
Where TGT = E(“Alice”,SA;KKDC). KDC does not need to know who is making
the REQUEST why is “ticket to Bob” sent to Alice? how does Kerberos prevent replay attacks?
Information System Security
Information System Security