CIS 433/533 - Computer and Network Security Authentication

Size: px
Start display at page:

Download "CIS 433/533 - Computer and Network Security Authentication"

Transcription

1 CIS 433/533 - Computer and Network Security Authentication Professor Butler Winter 2011 Computer and Information Science

2 What is Authentication? Short answer: establishes identity Answers the question: To whom am I speaking? Long answer: evaluates the authenticity of identity proving credentials Credential is proof of identity Evaluation process that assesses the correctness of the association between credential and claimed identity for some purpose under some policy (what constitutes a good cred.?) 2

3 Why authentication? Well, we live in a world of rights, permissions, and duties? Authentication establishes our identity so that we can obtain the set of rights E.g., we establish our identity with Tiffany s by providing a valid credit card which gives us rights to purchase goods ~ physical authentication system Q: How does this relate to security? 3

4 Why authentication? (cont.) Same in online world, just different constraints Vendor/customer are not physically co-located, so we must find other ways of providing identity e.g., by providing credit card number ~ electronic authentication system Risks (for customer and vendor) are different Q: How so? Computer security is crucially dependent on the proper design, management, and application of authentication systems. 4

5 What is Identity? That which gives you access which is largely determined by context We all have lots of identities Pseudo-identities Really, determined by who is evaluating credential Driver s License, Passport, SSN prove Credit cards prove Signature proves Password proves Voice proves Exercise: Give an example of bad mapping between identity and the purpose for which it was used. 5

6 Credentials are evidence used to prove identity Credentials can be Something I am Something I have Something I know 6

7 Something you know Passport number, mothers maiden name, last 4 digits of your social security, credit card number Passwords and pass-phrases Note: passwords are generally pretty weak University of Michigan: 5% of passwords were goblue Passwords used in more than one place Not just because bad ones selected: If you can remember it, then a computer can guess it Computers can often guess very quickly Easy to mount offline attacks Easy countermeasures for online attacks 7

8 Something you have Tokens (transponders, ) Speedpass, EZ-pass SecureID Smartcards Unpowered processors Small NV storage Tamper resistant Digital Certificates (used by Websites to authenticate themselves to customers) More on this later 8

9 Something you are Biometrics measure some physical characteristic Fingerprint, face recognition, retina scanners, voice, signature, DNA Can be extremely accurate and fast Active biometrics authenticate Passive biometrics recognize Issues with biometrics? Revocation lost fingerprint? fuzzy credential, e.g., your face changes based on mood... Great for physical security, not feasible for on-line systems 9

10 Web Authentication Authentication is a bi-directional process Client Server Mutual authentication Several standard authentication tools Basic (client) Digest (client) Secure Socket Layer (server, mutual) Cookies (indirect, persistent) Q: Are cookies good credentials? 10

11 How Basic Authentication Works CLIENT GET /protected/index.html HTTP/1.0 CLIENT HTTP/ Unauthorized WWW-Authenticate: Basic realm= Private GET /protected/index.html HTTP/1.0 Authorization: Basic JA87JKAs3NbBDs CLIENT 11

12 Setting up Basic auth in Apache File in directory to protect (.htacess)!!authtype Basic!!AuthName Kevin s directories (User ID=butler)"!!AuthUserFile /usr/butler/www-etc/.htpw1!!authgroupfile /dev/null!!require valid-user In /usr/butler/www-etc/.htpw1!! butler:l7fwweqjyzmno generated using htpasswd program Can use different.htaccess files for different directories 12

13 Basic Authentication Problems Passwords easy to intercept Passwords easy to guess Just base-64 encoded Passwords easy to share No server authentication Easy to fool client into sending password to malicious server One intercepted password gives eavesdropper access to many documents 13

14 Digest Authentication CLIENT CLIENT GET /protected/index.html HTTP/1.1 HTTP/ Unauthorized WWW-Authenticate: Digest realm= Private nonce= 98bdc1f9f017.. GET /protected/index.html HTTP/1.1 Authorization: Digest username= lstein realm= Private nonce= 98bdc1f9f017.. response= 5ccc069c4.. CLIENT 14

15 Challenge and Response Challenge ( nonce ): any changing string e.g. MD5(IP address:timestamp:server secret) Response: challenge hashed with user s name & password MD5(MD5(name:realm:password):nonce:MD5(request)) Server-specific implementation options One-time nonces Time-stamped nonces Method authentication digests 15

16 Advantages of Digest over Basic Cleartext password never transmitted across network Cleartext password never stored on server Replay attacks difficult Intercepted response only valid for a single URL Shared disadvantages Vulnerable to man-in-the-middle attacks Document itself can be sniffed 16

17 Password Attacks Use of passwords in, for example, Kerberos is susceptible to offline cracking Process: User enters password for Kerberized client Request (w/o password) forwarded to KDC Response is encrypted in key derived from user s passwd Client generates key from password for decryption Attack: If you know what the message should say, you can guess and test passwords PSU: we did this, recovered 35% of CSE passwds Can also spoof logins to recover passwds 17

18 Password Attacks Dictionary attack Users not so good at picking high-entropy passwords Gawker: password qwerty 498 abc monkey consumer 376 letmein dragon 307 trustno1 Rainbow Table precomputed hash values: big 18

19 A petard... The rule of seven plus or minus two. George Miller observed in 1956 that most humans can remember about 5-9 things more or less at once. Thus is a kind of maximal entropy that one can hold in your head. This limits the complexity of the passwords you can securely use, i.e., not write on a sheet of paper. A perfectly random 8-bit password has less entropy than a 56-bit key. Implication? 19

20 A question? Is there going to come a day where all passwords are useless? Suppose I can remember 16 bytes of entropy (possible?) Won t there come a day when all passwords are useless? Moore s law and its corollaries? 20

21 Answer: no Nope, you just need to make the process of checking passwords more expensive. For example, you can repeat the salted hash many times... Linear cost speedup? 21

22 Kerberos History: from UNIX to Networks (late 80s) Solves: password eavesdropping Online authentication Variant of Needham-Schroeder protocol Easy application integration API First single sign-on system (SSO) Genesis: rsh, rcp authentication via assertion Most widely used (non-web) centralized password system in existence (and lately only...) Now: part of Windows 2K/XP/Vista network authentication 22

23 An aside Authentication Assessing identity of users By using credentials Authorization Determining if users have the right to perform requested action (e.g., write a file, query a database, etc.) Kerberos authenticates users, but does not perform any authorization functions beyond identify user as part of Realm Typically done by application. Q: Do you use any Kerberized programs? How do you know? 23

24 The setup The players Principal - person being authenticated Service (verifier) - entity requiring authentication (e.g, AFS) Key Distribution Center (KDC) Trusted third party for key distribution Each principal and service has a Kerberos password known to KDC, which is munged to make a password key, e.g., k A Ticket granting server Server granting transient authentication The objectives Authenticate Alice (Principal) to Bob (Service) Negotiate a symmetric (secret) session key k AB 24

25 The protocol A two-phase process 1. User authentication/obtain session key (and ticket granting ticket) key from Key Distribution Center 2. Authenticate Service/obtain session key for communication with service Setup Every user and service get certified and assigns password 25

26 A Kerberos Ticket A Kerberos ticket is a token where Alice is the only one that can open it Contains a session key for Alice/Bob (K AB ) Contains inside it a token that can only be opened by Bob Bob s Ticket contains Alice s identity The session key (K AB ) Ticket (K AB ) Ticket (K AB ) Locked by K B Locked by K A Q: What if issuing service is not trusted? 26

27 The protocol (obtaining a TGT) Time exp - time of expiration n - nonce (random, one-use value: e.g., timestamp) 1 [A,TGS,Time exp,n] Alice 2 KDC E(k A,[k A,TGS,TGS,Time exp,n]),e(k TGS,[A, k A,TGS, Time exp ],) TGT 27

28 The protocol (performing authentication) [B,Time exp,n,e(k A,TGS,[B,Time exp,n])], E(K TGS,[A,k A,TGS,Time exp ])] Alice 1 2 TGS 3 E(k A,TGS,[k A,B,B,Time exp,n]), E(k B,[A,k A,B,Time exp ]) E(k B,[A,k A,B,Time exp ]), E(k A,B,[A,Time exp,n]) Bob Authenticator 28

29 Cross-Realm Kerberos Extend philosophy to more servers Obtain ticket from TGS for foreign Realm Supply to TGS of foreign Realm Rinse and repeat as necessary UW Oregon Stanford OSU UCB There is no problem so hard in computer science that it cannot be solved by another layer of indirection. David Wheeler, Cambridge University (circa 1950) 29

30 Kerberos Reality V4 was supposed to be replaced by V5 But wasn t because interface was ugly, complicated, and encoding was infuriating Assumes trusted path between user and Kerberos Widely used in UNIX domains Robust and stable implementation Problem: trust ain t transitive, so not so good for large collections of autonomous enterprises 30

31 Meeting Someone New Anywhere in the Internet 31

32 What is a certificate? A certificate makes an association between a user identity/job/ attribute and a private key contains public key information {e,n} has a validity period is signed by some certificate authority (CA)... identity may have been vetted by a registration authority (RA) Issued by CA for some purpose Verisign is in the business of issuing certificates People trust Verisign to vet identity 32

33 What is a certificate? A certificate makes an association between a user identity/job/ attribute and a private key contains public key information {e,n} has a validity period is signed by some certificate authority (CA)... identity may have been vetted by a registration authority (RA) Issued by CA for some purpose Verisign is in the business of issuing certificates People trust Verisign to vet identity 32

34 Why do I trust the certificate? A collections of root CA certificates baked into your browser vetted by the browser manufacturer supposedly closely guarded (yeah, right) Root certificates used to validate certificate Vouches for certificate s authenticity CA (signs) Certificate Signature 33

35 Public Key Infrastructure System to securely distribute public keys (certificates) Q: Why is that hard? Terminology: Alice signs a certificate for Bob s name and key Alice is issuer, and Bob is subject Alice wants to find a path to Bob s key Alice is verifier, and Bob is target Anything that has a public key is a principal Anything trusted to sign certificates is a trust anchor Its certificate is a root certificate 34

36 What is a PKI? Rooted tree of CAs Cascading issuance Root Any CA can issue cert CAs issue certs for children CA1 CA2 CA3 CA11 CA12 CA1n CA21 CA31 Cert11a Cert11b Cert11c 35

37 Certificate Validation Root CA1 CA2 CA3 Certificate Signature CA11 CA12 CA1n CA21 CA22 Cert11a Cert11b Cert11c 36

38 Certificate Validation Root CA1 CA2 CA3 Certificate Signature CA11 CA12 CA1n CA21 CA22 Cert11a Cert11b Cert11c 36

39 Certificate Validation Root CA1 CA2 CA3 Certificate Signature CA11 CA12 CA1n CA21 CA22 Cert11a Cert11b Cert11c 36

40 PKI and Revocation Certificate may be revoked before expiration Lost private key Compromised Owner no longer authorized Revocation is hard The anti-matter problem Verifiers need to check revocation state Loses the advantage of off-line verification Revocation state must be authenticated 37

41 PKI (Circa 2009/2010) Verisign Web.com Google.com Amazon.com... x.com 38

42 10 Risks of PKI This is an overview of one of many perspectives of PKI technologies PKI was, like many security technologies, claimed to be a panacea It was intended to solve a very hard problem: build trust on a global level Running a CA -- license to print money Basic premise: Assertion #1 - e-commerce does not need PKI Assertion #2 - PKI needs e-commerce Really talking about a full PKI (everyone has certs.) 39

43 Risk 1 - Who do we trust, and for what? Argument: CA is not inherently trustworthy Why do/should you trust a CA? In reality, they defer all legal liability for running a bad CA Risk in the hands of the certificate holder Counter-Argument: Incentives Any CA caught misbehaving is going to be out of business tomorrow This scenario is much worse than getting sued Risk held by everybody, which is what you want Everyone has reason to be diligent 40

44 Risk 2 - Who is using my key? Argument: key is basically insecure Your key is vulnerable, deal with it In some places, you are being held responsible after a compromise Counter-Argument: this is the price of technology You have to accept some responsibility in order to get benefit Will encourage people to use only safe technology Q: what would happen if same law applied to VISA? 41

45 Aside: TEMPEST Transient Electromagnetic Pulse Surveillance Technology Monitor EMF emanations to reconstruct signal For example, a video monitor normally exist at around MHz, and can be picked up as far as one kilometer away.... or by a guy in a van across the street, e.g., steal private key. Generally, this is the domain of spy/national security issues Much classified work on signal eavesdropping and prevention 42

46 Risk 3 - How secure is the verif(ier)? Argument: the computer that verifies your credential is fundamentally vulnerable Everything is based on the legitimacy of the verifier root public key (integrity of certificate files) Browsers transparently use certificates Counter-Argument: this is the price of technology You have to accept some risk in order to get benefit Will encourage people to use only safe technology Q: What s in your browser? 43

47 Risk 4 - Which John Robinson is he? Argument: identity in PKI is really too loosely defined No standards for getting credential No publicly known unique identifiers for people So, how do you tell people apart Think about Microsoft certificate Counter-Argument: due diligence Only use certificates in well known circumstances When in doubt, use other channels to help Q: Is this true of other valued items (checks?) 44

48 Risk 5 - Is the CA an authority? Argument: there are things in certificates that claim authenticity and authorization of which they have no dominion rights (such as the right to perform SSL) - this confuses authorization authority with authentication authority DNS, attributes -- the CA is not the arbiter of these things Counter-Argument: this is OK, because it is part of the implicit charge we give our CA -- we implicitly accept the CA as authority in several domains 45

49 Risks 6 and 7 6 : Is the user part of the design? Argument: too many things hidden in use, user has no ability to affect or see what is going on Ex.: Hosted website has cert. of host(er), not page Counter-Argument: too sophisticated for user to understand 7 : Was it one CA or CA+RA? Argument: separation of registration from issuance allows forgery e.g., RA handles vetting, CA makes certificates, so, you better have good binding between these entities or bad things can happen Counter-Argument: this is an artifact of organization, only a problem when CA is bad (you are doomed anyway) 46

50 Risks 8 and 9 8 : How was the user authenticated? Argument: CAs do not have good information to work with, so real identification is poor (as VISA) Counter-Argument: It has worked well in the physical work, why not here? 9 : How secure are the certificate practices? Argument: people don t use them correctly, and don t know the implications of what they do use Point in fact: revocation and expiration are largely ignored in real system deployments Counter-Argument: most are pretty good now, probably won t burn us anytime soon 47

51 Risk 9 - How secure cert. practices? Argument: certificates have to be used properly to be secure Everything is based on the legitimacy of the verifier root public key, protection of its key Lifetime & revocation have to be done Counter-Argument: this is the price of technology You have to accept some risk in order to get benefit Will encourage people to use only safe technology Q: What s in your browser? 48

52 Risk 10 - Why are we using PKI? Argument: We are trying to solve a painful problem: authenticating users. However, certificates don t really solve the problem, just give you another tool to implement it Hence, it is not a panacea Not delivered on its promises Counter-argument? 49

Module: Authentication. Professor Trent Jaeger Fall 2010. CSE543 - Introduction to Computer and Network Security

Module: Authentication. Professor Trent Jaeger Fall 2010. CSE543 - Introduction to Computer and Network Security CSE543 - Introduction to Computer and Network Security Module: Authentication Professor Trent Jaeger Fall 2010 1 What is Authentication? Short answer: establishes identity Answers the question: To whom

More information

CS 6262 - Network Security: Public Key Infrastructure

CS 6262 - Network Security: Public Key Infrastructure CS 6262 - Network Security: Public Key Infrastructure Professor Patrick Traynor Fall 2011 Meeting Someone New 2 What is a certificate? A certificate makes an association between a user identity/job/ attribute

More information

CS 6262 - Network Security: Public Key Infrastructure

CS 6262 - Network Security: Public Key Infrastructure CS 6262 - Network Security: Public Key Infrastructure Professor Patrick Traynor 1/30/13 Meeting Someone New 2 What is a certificate? A certificate makes an association between a user identity/job/ attribute

More information

CSE543 - Introduction to Computer and Network Security. Module: Public Key Infrastructure

CSE543 - Introduction to Computer and Network Security. Module: Public Key Infrastructure CSE543 - Introduction to Computer and Network Security Module: Public Key Infrastructure Professor Trent Jaeger 1 Meeting Someone New Anywhere in the Internet 2 What is a certificate? A certificate makes

More information

CSC574 - Computer and Network Security Module: Public Key Infrastructure

CSC574 - Computer and Network Security Module: Public Key Infrastructure CSC574 - Computer and Network Security Module: Public Key Infrastructure Prof. William Enck Spring 2013 1 Meeting Someone New Anywhere in the Internet 2 What is a certificate? A certificate makes an association

More information

A presentation on. CCIS Northeastern University

A presentation on. CCIS Northeastern University A presentation on Guided by Riccardo Pucella Assistant Prof. University Presented by Harsha Suleballe Jagadish Introduction The Certificate Components of a PKI PKI examples Ten risks of the PKI Sep 2009-Dec

More information

Lecture 10 - Authentication

Lecture 10 - Authentication Lecture 10 - Authentication CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12/ Kerberos: What to know 1) Alice T rent : {Alice + Bob

More information

Lecture 10 - Authentication

Lecture 10 - Authentication CSE497b Introduction to Computer and Network Security - Spring 2007 - Professor Jaeger Lecture 10 - Authentication CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/

More information

Authentication Types. Password-based Authentication. Off-Line Password Guessing

Authentication Types. Password-based Authentication. Off-Line Password Guessing Authentication Types Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4:

More information

2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries

2.4: Authentication Authentication types Authentication schemes: RSA, Lamport s Hash Mutual Authentication Session Keys Trusted Intermediaries Chapter 2: Security Techniques Background Secret Key Cryptography Public Key Cryptography Hash Functions Authentication Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application

More information

Contents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008

Contents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008 Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008 Contents Authentication and Identity Assurance The Identity Assurance continuum Plain Password Authentication

More information

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn. CSC 490 Special Topics Computer and Network Security Key Management Dr. Xiao Qin Auburn University http://www.eng.auburn.edu/~xqin xqin@auburn.edu Slide 09-1 Overview Key exchange Session vs. interchange

More information

KERBEROS. Kerberos Authentication Service

KERBEROS. Kerberos Authentication Service KERBEROS 1 Kerberos Authentication Service Developed at MIT under Project Athena in mid 1980s Versions 1-3 were for internal use; versions 4 and 5 are being used externally Version 4 has a larger installed

More information

Authentication Applications

Authentication Applications Authentication Applications will consider authentication functions developed to support application-level authentication & digital signatures will consider Kerberos a private-key authentication service

More information

Basic network security threats

Basic network security threats Basic network security threats Packet sniffing Packet forgery (spoofed from address) DNS spoofing wrong IP address for hostname Assume bad guy controls network - Can read all your packets - Can tamper

More information

Authentication Applications

Authentication Applications Authentication Applications CSCI 454/554 Authentication Applications will consider authentication functions developed to support application-level authentication & digital signatures Kerberos a symmetric-key

More information

Authentication. Agenda. IT Security course Lecture April 14 th 2003. Niels Christian Juul 2. April 14th, 2003

Authentication. Agenda. IT Security course Lecture April 14 th 2003. Niels Christian Juul 2. April 14th, 2003 Authentication IT Security course Lecture April 14 th 2003 Niels Christian Juul Computer Science, building 42.1 Roskilde University Universitetsvej 1 P.O. Box 260 DK-4000 Roskilde Denmark Phone: +45 4674

More information

Computer and Network Security. Outline

Computer and Network Security. Outline Computer and Network Security Lecture 10 Certificates and Revocation Outline Key Distribution Certification Authorities Certificate revocation 1 Key Distribution K A, K B E KA ( K AB, E KB (KAB) ) K A

More information

Authentication. Computer Security. Authentication of People. High Quality Key. process of reliably verifying identity verification techniques

Authentication. Computer Security. Authentication of People. High Quality Key. process of reliably verifying identity verification techniques Computer Security process of reliably verifying identity verification techniques what you know (eg., passwords, crypto key) what you have (eg., keycards, embedded crypto) what you are (eg., biometric information)

More information

Network Security: Public Key Infrastructure. Key Distribution - Secret Keys. Key Distribution - Secret Keys

Network Security: Public Key Infrastructure. Key Distribution - Secret Keys. Key Distribution - Secret Keys Network Security: Public Key Infrastructure Guevara Noubir Northeastern University noubir@ccs.neu.edu Network Security Slides adapted from Radia Perlman s slides Key Distribution - Secret Keys What if

More information

SSL/TLS: The Ugly Truth

SSL/TLS: The Ugly Truth SSL/TLS: The Ugly Truth Examining the flaws in SSL/TLS protocols, and the use of certificate authorities. Adrian Hayter CNS Hut 3 Team adrian.hayter@cnsuk.co.uk Contents Introduction to SSL/TLS Cryptography

More information

CSC 474 -- Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity

CSC 474 -- Network Security. User Authentication Basics. Authentication and Identity. What is identity? Authentication: verify a user s identity CSC 474 -- Network Security Topic 6.2 User Authentication CSC 474 Dr. Peng Ning 1 User Authentication Basics CSC 474 Dr. Peng Ning 2 Authentication and Identity What is identity? which characteristics

More information

Authentication Application

Authentication Application Authentication Application KERBEROS In an open distributed environment servers to be able to restrict access to authorized users to be able to authenticate requests for service a workstation cannot be

More information

ARCHIVED PUBLICATION

ARCHIVED PUBLICATION ARCHIVED PUBLICATION The attached publication, NIST Special Publication 800-63 Version 1.0.2 (dated April 2006), has been superseded and is provided here only for historical purposes. For the most current

More information

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate

More information

Chapter 4. Authentication Applications. COSC 490 Network Security Annie Lu 1

Chapter 4. Authentication Applications. COSC 490 Network Security Annie Lu 1 Chapter 4 Authentication Applications COSC 490 Network Security Annie Lu 1 OUTLINE Kerberos X.509 Authentication Service COSC 490 Network Security Annie Lu 2 Authentication Applications authentication

More information

Authentication CSC 790 WAKE FOREST. U N I V E R S I T Y Department of Computer Science. Fall 2015

Authentication CSC 790 WAKE FOREST. U N I V E R S I T Y Department of Computer Science. Fall 2015 Authentication CSC 790 WAKE FOREST U N I V E R S I T Y Department of Computer Science Fall 2015 What is authentication? Simple answer: establishes identity Answers the question: to whom am I speaking?

More information

Key Management (Distribution and Certification) (1)

Key Management (Distribution and Certification) (1) Key Management (Distribution and Certification) (1) Remaining problem of the public key approach: How to ensure that the public key received is really the one of the sender? Illustration of the problem

More information

Public Key Infrastructure

Public Key Infrastructure UT DALLAS Erik Jonsson School of Engineering & Computer Science Public Key Infrastructure Murat Kantarcioglu What is PKI How to ensure the authenticity of public keys How can Alice be sure that Bob s purported

More information

Computer Systems Security 2013/2014. Single Sign-On. Bruno Maia ei09095@fe.up.pt. Pedro Borges ei09063@fe.up.pt

Computer Systems Security 2013/2014. Single Sign-On. Bruno Maia ei09095@fe.up.pt. Pedro Borges ei09063@fe.up.pt Computer Systems Security 2013/2014 Single Sign-On Bruno Maia ei09095@fe.up.pt Pedro Borges ei09063@fe.up.pt December 13, 2013 Contents 1 Introduction 2 2 Explanation of SSO systems 2 2.1 OpenID.................................

More information

Secure Sockets Layer (SSL) / Transport Layer Security (TLS)

Secure Sockets Layer (SSL) / Transport Layer Security (TLS) Secure Sockets Layer (SSL) / Transport Layer Security (TLS) Brad Karp UCL Computer Science CS GZ03 / M030 19 th November 2014 What Problems Do SSL/TLS Solve? Two parties, client and server, not previously

More information

Kerberos and Single Sign-On with HTTP

Kerberos and Single Sign-On with HTTP Kerberos and Single Sign-On with HTTP Joe Orton Red Hat Introduction The Problem Current Solutions Future Solutions Conclusion Overview Introduction WebDAV: common complaint of poor support for authentication

More information

Basic network security threats

Basic network security threats Basic network security threats Packet sniffing Packet forgery (spoofed from address) DNS spoofing wrong IP address for hostname Assume bad guy controls network - Can read all your packets - Can tamper

More information

Is your data safe out there? -A white Paper on Online Security

Is your data safe out there? -A white Paper on Online Security Is your data safe out there? -A white Paper on Online Security Introduction: People should be concerned of sending critical data over the internet, because the internet is a whole new world that connects

More information

Web Payment Security. A discussion of methods providing secure communication on the Internet. Zhao Huang Shahid Kahn

Web Payment Security. A discussion of methods providing secure communication on the Internet. Zhao Huang Shahid Kahn Web Payment Security A discussion of methods providing secure communication on the Internet Group Members: Peter Heighton Zhao Huang Shahid Kahn 1. Introduction Within this report the methods taken to

More information

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Using etoken for SSL Web Authentication. SSL V3.0 Overview Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents

More information

KEY DISTRIBUTION: PKI and SESSION-KEY EXCHANGE. Mihir Bellare UCSD 1

KEY DISTRIBUTION: PKI and SESSION-KEY EXCHANGE. Mihir Bellare UCSD 1 KEY DISTRIBUTION: PKI and SESSION-KEY EXCHANGE Mihir Bellare UCSD 1 The public key setting Alice M D sk[a] (C) Bob pk[a] C C $ E pk[a] (M) σ $ S sk[a] (M) M, σ Vpk[A] (M, σ) Bob can: send encrypted data

More information

Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 14 Key Management and Distribution.

Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 14 Key Management and Distribution. Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 14 Key Management and Distribution. 1 Opening quote. 2 The topics of cryptographic key management

More information

Introduction to Network Security Key Management and Distribution

Introduction to Network Security Key Management and Distribution Introduction to Network Security Key Management and Distribution Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of Science and Technology cetinkayae@mst.edu http://web.mst.edu/~cetinkayae/teaching/cpe5420fall2015

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 9: Authentication protocols, digital signatures Ion Petre Department of IT, Åbo Akademi University 1 Overview of

More information

Key Management and Distribution

Key Management and Distribution Key Management and Distribution Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-11/

More information

Chapter 16: Authentication in Distributed System

Chapter 16: Authentication in Distributed System Chapter 16: Authentication in Distributed System Ajay Kshemkalyani and Mukesh Singhal Distributed Computing: Principles, Algorithms, and Systems Cambridge University Press A. Kshemkalyani and M. Singhal

More information

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 10 Authentication and Account Management

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 10 Authentication and Account Management Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 10 Authentication and Account Management Objectives Describe the three types of authentication credentials Explain what single sign-on

More information

IceWarp Server - SSO (Single Sign-On)

IceWarp Server - SSO (Single Sign-On) IceWarp Server - SSO (Single Sign-On) Probably the most difficult task for me is to explain the new SSO feature of IceWarp Server. The reason for this is that I have only little knowledge about it and

More information

TOPIC HIERARCHY. Distributed Environment. Security. Kerberos

TOPIC HIERARCHY. Distributed Environment. Security. Kerberos KERBEROS TOPIC HIERARCHY Distributed Environment Security Privacy Authentication Authorization Non Repudiation Kerberos ORIGIN MIT developed Kerberos to protect network services. Developed under the Project

More information

CSE331: Introduction to Networks and Security. Lecture 29 Fall 2006

CSE331: Introduction to Networks and Security. Lecture 29 Fall 2006 CSE331: Introduction to Networks and Security Lecture 29 Fall 2006 Announcements Project 3 is due Today Can submit electronically (mail savi@seas) By midnight Project 4 will be on the web this afternoon

More information

Federated Identity and Single-Sign On

Federated Identity and Single-Sign On CS 6393 Lecture 5 Federated Identity and Single-Sign On Prof. Ravi Sandhu Executive Director and Endowed Chair February 15, 2013 ravi.sandhu@utsa.edu www.profsandhu.com Ravi Sandhu 1 The Web Today User

More information

Understanding Digital Certificates and Secure Sockets Layer (SSL)

Understanding Digital Certificates and Secure Sockets Layer (SSL) Understanding Digital Certificates and Secure Sockets Layer (SSL) Author: Peter Robinson January 2001 Version 1.1 Copyright 2001-2003 Entrust. All rights reserved. Digital Certificates What are they?

More information

Client Server Registration Protocol

Client Server Registration Protocol Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are

More information

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0

Entrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0 Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust

More information

Security Issues in Web Programming. Robert M. Dondero, Ph.D. Princeton University

Security Issues in Web Programming. Robert M. Dondero, Ph.D. Princeton University Security Issues in Web Programming Robert M. Dondero, Ph.D. Princeton University 1 Objectives You will learn about: Authentication and authorization Secure storage of usernames and passwords Secure data

More information

Chapter 9 Key Management 9.1 Distribution of Public Keys 9.1.1 Public Announcement of Public Keys 9.1.2 Publicly Available Directory

Chapter 9 Key Management 9.1 Distribution of Public Keys 9.1.1 Public Announcement of Public Keys 9.1.2 Publicly Available Directory There are actually two distinct aspects to the use of public-key encryption in this regard: The distribution of public keys. The use of public-key encryption to distribute secret keys. 9.1 Distribution

More information

Security Digital Certificate Manager

Security Digital Certificate Manager System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure

More information

Kerberos. Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530 520 BC. From Italy (?).

Kerberos. Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530 520 BC. From Italy (?). Kerberos Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530 520 BC. From Italy (?). 1 Kerberos Kerberos is an authentication protocol and a software suite implementing this

More information

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi Purpose This paper is intended to describe the benefits of smart card implementation and it combination with Public

More information

Leverage Active Directory with Kerberos to Eliminate HTTP Password

Leverage Active Directory with Kerberos to Eliminate HTTP Password Leverage Active Directory with Kerberos to Eliminate HTTP Password PistolStar, Inc. PO Box 1226 Amherst, NH 03031 USA Phone: 603.547.1200 Fax: 603.546.2309 E-mail: salesteam@pistolstar.com Website: www.pistolstar.com

More information

The DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions

The DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions The DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions May 3, 2004 TABLE OF CONTENTS GENERAL PKI QUESTIONS... 1 1. What is PKI?...1 2. What functionality is provided by a

More information

Network Security: Public Key Infrastructure

Network Security: Public Key Infrastructure Network Security: Public Key Infrastructure Guevara Noubir Northeastern University noubir@ccs.neu.edu CSG254: Network Security Slides adapted from Radia Perlman s slides Key Distribution - Secret Keys

More information

Using Entrust certificates with VPN

Using Entrust certificates with VPN Entrust Managed Services PKI Using Entrust certificates with VPN Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust is a trademark or a registered trademark

More information

CS 4803 Computer and Network Security

CS 4803 Computer and Network Security Many-to-Many Authentication CS 4803 Computer and Network Security s? Servers Alexandra (Sasha) Boldyreva Kerberos How do users prove their identities when requesting services from machines on the network?

More information

Transport Layer Security Protocols

Transport Layer Security Protocols SSL/TLS 1 Transport Layer Security Protocols Secure Socket Layer (SSL) Originally designed to by Netscape to secure HTTP Version 2 is being replaced by version 3 Subsequently became Internet Standard known

More information

Module 8. Network Security. Version 2 CSE IIT, Kharagpur

Module 8. Network Security. Version 2 CSE IIT, Kharagpur Module 8 Network Security Lesson 2 Secured Communication Specific Instructional Objectives On completion of this lesson, the student will be able to: State various services needed for secured communication

More information

Web Security. Crypto (SSL) Client security Server security 2 / 40. Web Security. SSL Recent Changes in TLS. Protecting the Client.

Web Security. Crypto (SSL) Client security Server security 2 / 40. Web Security. SSL Recent Changes in TLS. Protecting the Client. 1 / 40 Crypto () Client security Server security 2 / 40 Trusting The Server s Client SET The Failure of SET Aside: The SET Root Certificate The Client s Server Who Issues Web Certificates? Mountain America

More information

WHITE PAPER Usher Mobile Identity Platform

WHITE PAPER Usher Mobile Identity Platform WHITE PAPER Usher Mobile Identity Platform Security Architecture For more information, visit Usher.com info@usher.com Toll Free (US ONLY): 1 888.656.4464 Direct Dial: 703.848.8710 Table of contents Introduction

More information

Network Security Protocols

Network Security Protocols Network Security Protocols EE657 Parallel Processing Fall 2000 Peachawat Peachavanish Level of Implementation Internet Layer Security Ex. IP Security Protocol (IPSEC) Host-to-Host Basis, No Packets Discrimination

More information

Security: Focus of Control. Authentication

Security: Focus of Control. Authentication Security: Focus of Control Three approaches for protection against security threats a) Protection against invalid operations b) Protection against unauthorized invocations c) Protection against unauthorized

More information

Lecture 13. Public Key Distribution (certification) PK-based Needham-Schroeder TTP. 3. [N a, A] PKb 6. [N a, N b ] PKa. 7.

Lecture 13. Public Key Distribution (certification) PK-based Needham-Schroeder TTP. 3. [N a, A] PKb 6. [N a, N b ] PKa. 7. Lecture 13 Public Key Distribution (certification) 1 PK-based Needham-Schroeder TTP 1. A, B 4. B, A 2. {PKb, B}SKT B}SKs 5. {PK a, A} SKT SKs A 3. [N a, A] PKb 6. [N a, N b ] PKa 7. [N b ] PKb B Here,

More information

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication Security+ Guide to Network Security Fundamentals, Third Edition Chapter 8 Authentication Objectives Define authentication Describe the different types of authentication credentials List and explain the

More information

Institute of Computer Technology - Vienna University of Technology. L96 - SSL, PGP, Kerberos

Institute of Computer Technology - Vienna University of Technology. L96 - SSL, PGP, Kerberos SSL, PGP, Kerberos Secure Socket Layer (Web Security), Pretty Good Privacy (Email Security) and Authentication Agenda SSL PGP Kerberos SSL, PGP, Kerberos, v4.4 2 Page 96-1 SSL versus IPsec Application

More information

Chapter 15 User Authentication

Chapter 15 User Authentication Chapter 15 User Authentication 2015. 04. 06 Jae Woong Joo SeoulTech (woong07@seoultech.ac.kr) Table of Contents 15.1 Remote User-Authentication Principles 15.2 Remote User-Authentication Using Symmetric

More information

Take-home points. Distributed Systems Security II. Remember digital signatures. Today: Auth protocols 15-440

Take-home points. Distributed Systems Security II. Remember digital signatures. Today: Auth protocols 15-440 Distributed Systems Security II 5-440 Take-home points What does using public-key for our authentication buy us? Compare kerberos (needham-schroeder) and SSL with a certificate authority Metrics: Scaling,

More information

Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 15.1

Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 15.1 Chapter 15 Key Management Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 15.1 Symmetric-key Distribution Symmetric-key cryptography is more efficient than asymmetric-key

More information

Security Digital Certificate Manager

Security Digital Certificate Manager IBM i Security Digital Certificate Manager 7.1 IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in Notices,

More information

TELE 301 Network Management. Lecture 16: Remote Terminal Services

TELE 301 Network Management. Lecture 16: Remote Terminal Services TELE 301 Network Management Lecture 16: Remote Terminal Services Haibo Zhang Computer Science, University of Otago TELE301 Lecture 16: Remote Terminal Services 1 Today s Focus Remote Terminal Services

More information

White Paper Preventing Man in the Middle Phishing Attacks with Multi-Factor Authentication

White Paper Preventing Man in the Middle Phishing Attacks with Multi-Factor Authentication White Paper Preventing Man in the Middle Phishing Attacks with Multi-Factor Authentication Page 1 of 8 Introduction As businesses and consumers grow increasingly reliant on the Internet for conducting

More information

ITL BULLETIN FOR JULY 2012. Preparing for and Responding to Certification Authority Compromise and Fraudulent Certificate Issuance

ITL BULLETIN FOR JULY 2012. Preparing for and Responding to Certification Authority Compromise and Fraudulent Certificate Issuance ITL BULLETIN FOR JULY 2012 Preparing for and Responding to Certification Authority Compromise and Fraudulent Certificate Issuance Paul Turner, Venafi William Polk, Computer Security Division, Information

More information

PASSWORD MANAGEMENT. February 2008. The Government of the Hong Kong Special Administrative Region

PASSWORD MANAGEMENT. February 2008. The Government of the Hong Kong Special Administrative Region PASSWORD MANAGEMENT February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without

More information

Digital certificates and SSL

Digital certificates and SSL Digital certificates and SSL 20 out of 33 rated this helpful Applies to: Exchange Server 2013 Topic Last Modified: 2013-08-26 Secure Sockets Layer (SSL) is a method for securing communications between

More information

Kerberos: An Authentication Service for Computer Networks by Clifford Neuman and Theodore Ts o. Presented by: Smitha Sundareswaran Chi Tsong Su

Kerberos: An Authentication Service for Computer Networks by Clifford Neuman and Theodore Ts o. Presented by: Smitha Sundareswaran Chi Tsong Su Kerberos: An Authentication Service for Computer Networks by Clifford Neuman and Theodore Ts o Presented by: Smitha Sundareswaran Chi Tsong Su Introduction Kerberos: An authentication protocol based on

More information

Overview. Certification Authority. PKI Clients. Registration Authority. Public Key Infrastructure. Public Key Infrastructure

Overview. Certification Authority. PKI Clients. Registration Authority. Public Key Infrastructure. Public Key Infrastructure Public Key Infrastructure Overview Dr. Arjan Durresi Louisiana State University Baton Rouge, LA 70810 Durresi@csc.lsu.Edu These slides are available at: http://www.csc.lsu.edu/~durresi/csc4601-07/ Public

More information

SSL A discussion of the Secure Socket Layer

SSL A discussion of the Secure Socket Layer www.harmonysecurity.com info@harmonysecurity.com SSL A discussion of the Secure Socket Layer By Stephen Fewer Contents 1 Introduction 2 2 Encryption Techniques 3 3 Protocol Overview 3 3.1 The SSL Record

More information

Lecture Notes for Advanced Web Security 2015

Lecture Notes for Advanced Web Security 2015 Lecture Notes for Advanced Web Security 2015 Part 6 Web Based Single Sign-On and Access Control Martin Hell 1 Introduction Letting users use information from one website on another website can in many

More information

Why you need secure email

Why you need secure email Why you need secure email WHITE PAPER CONTENTS 1. Executive summary 2. How email works 3. Security threats to your email communications 4. Symmetric and asymmetric encryption 5. Securing your email with

More information

SSL Overview for Resellers

SSL Overview for Resellers Web Security Enterprise Security Identity Verification Services Signing Services SSL Overview for Resellers What We ll Cover Understanding SSL SSL Handshake 101 Market Opportunity for SSL Obtaining an

More information

Key Management and Distribution

Key Management and Distribution Key Management and Distribution Overview Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu udio/video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/

More information

Secure Remote Password (SRP) Authentication

Secure Remote Password (SRP) Authentication Secure Remote Password (SRP) Authentication Tom Wu Stanford University tjw@cs.stanford.edu Authentication in General What you are Fingerprints, retinal scans, voiceprints What you have Token cards, smart

More information

The Case For Secure Email

The Case For Secure Email The Case For Secure Email By Erik Kangas, PhD, President, Lux Scientiae, Incorporated http://luxsci.com Contents Section 1: Introduction Section 2: How Email Works Section 3: Security Threats to Your Email

More information

Web Application Entity Session Management using the eid Card Frank Cornelis 03/03/2010. Fedict 2010. All rights reserved

Web Application Entity Session Management using the eid Card Frank Cornelis 03/03/2010. Fedict 2010. All rights reserved Web Application Entity Session Management using the eid Card Frank Cornelis 03/03/2010 Fedict 2010. All rights reserved What is Entity Authentication? Entity authentication is the process whereby one party

More information

Lecture VII : Public Key Infrastructure (PKI)

Lecture VII : Public Key Infrastructure (PKI) Lecture VII : Public Key Infrastructure (PKI) Internet Security: Principles & Practices John K. Zao, PhD (Harvard) SMIEEE Computer Science Department, National Chiao Tung University 2 Problems with Public

More information

NIST ITL July 2012 CA Compromise

NIST ITL July 2012 CA Compromise NIST ITL July 2012 CA Compromise Prepared for: Intelligent People paul.turner@venafi.com 1 NIST ITL Bulletin on CA Compromise http://csrc.nist.gov/publications/nistbul/july-2012_itl-bulletin.pdf These

More information

4.2: Kerberos Kerberos V4 Kerberos V5. Chapter 5: Security Concepts for Networks. Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme

4.2: Kerberos Kerberos V4 Kerberos V5. Chapter 5: Security Concepts for Networks. Lehrstuhl für Informatik 4 Kommunikation und verteilte Systeme Chapter 2: Security Techniques Background Chapter 3: Security on Network and Transport Layer Chapter 4: Security on the Application Layer Secure Applications Network Authentication Service: Kerberos 4.2:

More information

Server-Assisted Generation of a Strong Secret from a Password

Server-Assisted Generation of a Strong Secret from a Password Server-Assisted Generation of a Strong Secret from a Password Warwick Ford, VeriSign, Inc. (Joint research with Burt Kaliski, RSA Laboratories) Requirement! User who roams between client terminals needs

More information

CHAPTER 5 ACO BASED MOBILE AGENT FOR SECURED KEY MANAGEMENT

CHAPTER 5 ACO BASED MOBILE AGENT FOR SECURED KEY MANAGEMENT 112 CHAPTER 5 ACO BASED MOBILE AGENT FOR SECURED KEY MANAGEMENT 5.1 Related Work Security in ad hoc network becomes a critical issue for the past few decades. Attacks will be avoided by authenticating

More information

Dashlane Security Whitepaper

Dashlane Security Whitepaper Dashlane Security Whitepaper November 2014 Protection of User Data in Dashlane Protection of User Data in Dashlane relies on 3 separate secrets: The User Master Password Never stored locally nor remotely.

More information

PUF Physical Unclonable Functions

PUF Physical Unclonable Functions Physical Unclonable Functions Protecting next-generation Smart Card ICs with SRAM-based s The use of Smart Card ICs has become more widespread, having expanded from historical banking and telecommunication

More information

What Are Certificates?

What Are Certificates? The Essentials Series: Code-Signing Certificates What Are Certificates? sponsored by by Don Jones W hat Are Certificates?... 1 Digital Certificates and Asymmetric Encryption... 1 Certificates as a Form

More information

CS 392/681 - Computer Security

CS 392/681 - Computer Security CS 392/681 - Computer Security Module 3 Key Exchange Algorithms Nasir Memon Polytechnic University Course Issues HW 3 assigned. Any lab or course issues? Midterm in three weeks. 8/30/04 Module 3 - Key

More information

Is Drupal secure? A high-level perspective on web vulnerabilities, Drupal s solutions, and how to maintain site security

Is Drupal secure? A high-level perspective on web vulnerabilities, Drupal s solutions, and how to maintain site security Is Drupal secure? A high-level perspective on web vulnerabilities, Drupal s solutions, and how to maintain site security Presented 2009-05-29 by David Strauss Thinking Securely Security is a process, not

More information