SlideShare uma empresa Scribd logo

Ch04-Computer Security

Attaporn Ninsuwan
Attaporn Ninsuwan

Computer Security

Educação
1 de 10
Baixar para ler offline
1 241-427-SV-2-2553-COE-PSU 1 241-427 Computer Security Chapter IV: Authentication Dr. Sangsuree Vasupongayya 241-427-SV-2-2553-COE-PSU 2 Authentication Why? Not need secrecy but must have integrity E.g., the contents of a will do not need to be encrypted but the contents can not be changed. 2 general types Message authentication protecting the integrity of a message validating identity of the originator Entity authentication Verifying an entity 241-427-SV-2-2553-COE-PSU 3 Message Authentication message authentication is concerned with: protecting the integrity of a message (protection from modification) validating identity of originator non-repudiation of origin (dispute resolution) Three alternative methods can be used: message encryption message authentication code (MAC) hash function 241-427-SV-2-2553-COE-PSU 4 Message Encryption message encryption by itself also provides a measure of authentication if symmetric encryption is used then: receiver know sender must have created it since only sender and receiver now key used the content cannot be altered if message has suitable structure, redundancy or a checksum to detect any changes 241-427-SV-2-2553-COE-PSU 5 Message Encryption (cont.) if public-key encryption is used: encryption provides no confidence of sender since anyone potentially knows public-key however if sender signs message using their private-key then encrypts with recipients public key have both secrecy and authentication again need to recognize corrupted messages but at cost of two public-key uses on message 241-427-SV-2-2553-COE-PSU 6 Message Digest
2 241-427-SV-2-2553-COE-PSU 7 Fingerprint vs. Message digest Document and fingerprint Alice put her fingerprint in the will The contents cannot be changed because Eve cannot forge Alice’s fingerprint Alice’s fingerprint in the will can be compared to Alice’s fingerprint on file (safe from change) Document and fingerprint are physically linked Message and message digest create a compressed image of the message use a cryptographic hash function Message and message digest can be unlinked 241-427-SV-2-2553-COE-PSU 8 Hash Functions condenses arbitrary message to fixed size h = H(M) usually assume that the hash function is public and not keyed hash used to detect changes to message can use in various ways with message most often to create a digital signature 241-427-SV-2-2553-COE-PSU 9 Block Ciphers as Hash Functions can use block ciphers as hash functions using H0=0 and zero-pad of final block compute: Hi = EMi [Hi-1] and use final block as the hash value similar to CBC but without a key resulting hash is too small (64-bit) both due to direct birthday attack and to “meet-in-the-middle” attack other variants also susceptible to attack 241-427-SV-2-2553-COE-PSU 10 Hash Algorithms see similarities in the evolution of hash functions & block ciphers increasing power of brute-force attacks leading to evolution in algorithms from DES to AES in block ciphers from MD4 & MD5 to SHA-1 & RIPEMD-160 in hash algorithms likewise tend to use common iterative structure as do block ciphers 241-427-SV-2-2553-COE-PSU 11 MD5 designed by Ronald Rivest (the R in RSA) latest in a series of MD2, MD4 produces a 128-bit hash value until recently was the most widely used hash algorithm in recent times have both brute-force & cryptanalytic concerns specified as Internet standard RFC1321 241-427-SV-2-2553-COE-PSU 12 MD5 Overview 1. pad message so its length is 448 mod 512 2. append a 64-bit length value to message 3. initialise 4-word (128-bit) MD buffer (A,B,C,D) 4. process message in 16-word (512-bit) blocks: using 4 rounds of 16 bit operations on message block & buffer add output to buffer input to form new buffer value 5. output hash value is the final buffer value
3 241-427-SV-2-2553-COE-PSU 13 MD5 Overview 241-427-SV-2-2553-COE-PSU 14 MD5 Compression Function each round has 16 steps of the form: a = b+((a+g(b,c,d)+X[k]+T[i])<<<s) a,b,c,d refer to the 4 words of the buffer, but used in varying permutations note this updates 1 word only of the buffer after 16 steps each word is updated 4 times where g(b,c,d) is a different nonlinear function in each round (F,G,H,I) T[i] is a constant value derived from sin 241-427-SV-2-2553-COE-PSU 15 Strength of MD5 MD5 hash is dependent on all message bits Rivest claims security is good as can be known attacks are: Berson 92 attacked any 1 round using differential cryptanalysis (but can’t extend) Boer & Bosselaers 93 found a pseudo collision (again unable to extend) Dobbertin 96 created collisions on MD compression function (but initial constants prevent exploit) conclusion is that MD5 looks vulnerable soon 241-427-SV-2-2553-COE-PSU 16 Secure Hash Algorithm SHA was designed by NIST & NSA in 1993, revised 1995 as SHA-1 US standard for use with DSA signature scheme standard is FIPS 180-1 1995, also Internet RFC3174 nb. the algorithm is SHA, the standard is SHS SHA is one of the newer generation of hash functions More resistant to cryptanalysis SHA-512 is a version of SHA Maximum Message size 2128 -1, Block size 1024, Message digest size 512, Number of rounds 80, Word size 64 241-427-SV-2-2553-COE-PSU 17 SHA-512 Overview 241-427-SV-2-2553-COE-PSU 18 Message Authentication Code (MAC) provides assurance that message is unaltered and comes from sender
4 241-427-SV-2-2553-COE-PSU 19 MAC Properties a MAC is a cryptographic checksum MAC = CK(M) condenses a variable-length message M using a secret key K to a fixed-sized authenticator is a many-to-one function potentially many messages have same MAC but finding these needs to be very difficult Security of a MAC depends on the security of the underlying hash algorithm 241-427-SV-2-2553-COE-PSU 20 Using Symmetric Ciphers for MACs can use any block cipher chaining mode and use final block as a MAC Data Authentication Algorithm (DAA) is a widely used MAC based on DES-CBC using IV=0 and zero-pad of final block encrypt message using DES in CBC mode and send just the final block as the MAC or the leftmost M bits (16≤M≤64) of final block but final MAC is now too small for security 241-427-SV-2-2553-COE-PSU 21 Hashing vs. MAC Hashing; as a means to verify data integrity Some hashing algorithms include MD5, SHA1, and SHA256 Message Authentication Codes (MAC); as a means to prevent man in the middle attacks and verify data integrity. 241-427-SV-2-2553-COE-PSU 22 Digital Signatures have looked at message authentication but does not address issues of lack of trust digital signatures provide the ability to: verify author, date & time of signature authenticate message contents be verified by third parties to resolve disputes hence include authentication function with additional capabilities 241-427-SV-2-2553-COE-PSU 23 Digital Signature Properties must depend on the message signed must use information unique to sender to prevent both forgery and denial must be relatively easy to produce must be relatively easy to recognize & verify be computationally infeasible to forge with new message for existing digital signature with fraudulent digital signature for given message be practical save digital signature in storage 241-427-SV-2-2553-COE-PSU 24 Conventional vs. digital Cannot be distinguished unless there is a timestamp can be distinguished between the original signature and the signed signature on the document Duplicity One-to-one (Each signature for each message) One-to-many (Same signature for all messages) Relationship Apply method on message & check Compare with signature on file Verification method Can be separatedIn the documentInclusion DigitalConventionalSignature
5 241-427-SV-2-2553-COE-PSU 25 Direct Digital Signatures involve only sender & receiver assumed receiver has sender’s public-key digital signature made by sender signing entire message or hash with private-key can encrypt using receivers public-key important that sign first then encrypt message & signature security depends on sender’s private-key 241-427-SV-2-2553-COE-PSU 26 Example 241-427-SV-2-2553-COE-PSU 27 Arbitrated Digital Signatures involves use of arbiter A validates any signed message then dated and sent to recipient requires suitable level of trust in arbiter can be implemented with either private or public-key algorithms arbiter may or may not see the message 241-427-SV-2-2553-COE-PSU 28 Example 241-427-SV-2-2553-COE-PSU 29 Attacks on digital signatures Key-only attack Attacker has access to the public key Need to create sender’s signature Know-message attack Attacker has access to one or more message- signature pairs Create another message and forge the sender’s signature Chosen-message attacks Attacker has access to some chosen messages and the sender’s signature on these messages Create another message and forge the sender’s signature 241-427-SV-2-2553-COE-PSU 30 RSA Digital Signature Scheme
6 241-427-SV-2-2553-COE-PSU 31 RSA Digital Signature Scheme The private and public keys of the sender, not the receiver, are used The sender uses her own private key to sign the document The receiver uses the sender’s public key to verify the document 241-427-SV-2-2553-COE-PSU 32 RSA Digital Signature Scheme Key generation Same as key generation in the RSA Signing S = Md mod n Send {M,S} Verifying M’ = Se mod n Compare the value of M’ and M Proof M’ = Se mod n = (Md)e mod n = Mde mod n = M 241-427-SV-2-2553-COE-PSU 33 Entity Authentication Basics Passwords Storage Selection Breaking them Other methods Multiple methods 241-427-SV-2-2553-COE-PSU 34 Entity Authentication Let one party prove the identity of another party Date-origin vs. Entity authentication Most key management protocols use entity authentication protocols Authenticate the entity for the entire duration of a section Only authenticate one message The entity must be online and involved in the process The origin is not needed to be online Entity authenticationData-origin authentication 241-427-SV-2-2553-COE-PSU 35 Establishing Identity Entity must identify himself/herself to the verifier with one of the followings What entity knows (eg. Password, PIN, secret key, private key) What entity processed (eg. Passport, badge, smart card) What entity inherent (eg. Signatures, voice, fingerprints, retinal characteristics, facial characteristic) Where entity is (eg. in front of a terminal, in a specific room) 241-427-SV-2-2553-COE-PSU 36 Password-based authentication The simplest and oldest method Each user has a user identification that is public A password that is private There are two groups Fixed password One-time password
7 241-427-SV-2-2553-COE-PSU 37 Hashing the password Store the hash of password in the password file Possible attack dictionary attack 241-427-SV-2-2553-COE-PSU 38 Salting the password concatenate a random string (salt) to the password E.g., UNIX use a variation of this method 241-427-SV-2-2553-COE-PSU 39 One-time password Password that is used only once Problems Synchronization of user, system Generation of good random passwords Password distribution problem E.g., Lamport one-time password 241-427-SV-2-2553-COE-PSU 40 Problems in password authentication The claimant proves her identity by demonstrating that she knows a secret by revealing the secret which can be intercepted by adversary Solution: a challenge-response authentication The claimant does not send the secret to the verifier The verifier is either has it or finds it Several approaches Symmetric-key encryption Keyed-hash function (MAC) Asymmetric-key cipher Digital signature 241-427-SV-2-2553-COE-PSU 41 Challenge-response: symmetric-key encryption 241-427-SV-2-2553-COE-PSU 42 Challenge-response: Keyed-hash function (MAC) Preserved the integrity of challenge and response messages and at the same time uses a secret, the key
8 241-427-SV-2-2553-COE-PSU 43 Challenge-response: asymmetric-key cipher 241-427-SV-2-2553-COE-PSU 44 Challenge-response: digital signature 241-427-SV-2-2553-COE-PSU 45 Zero-knowledge: motivation Password authentication The secret is revealed (eavesdropping problems) Dishonest verifier uses the revealed secret to impersonate the claimant Challenge-response authentication No secret is sent to the verifier The claimant applies function to challenge that includes her secret The verifier usually know the secret or can extract information about the secret (choosing a preplanned set of challenges) uses the secret to impersonate the claimant 241-427-SV-2-2553-COE-PSU 46 Zero-knowledge: idea The claimant does not reveal anything that might endanger the confidentiality of the secret After the exchanging messages, the verifier only knows that the claimant does or does not know the secret, nothing more E.g., Fiat-Shamir Protocol 241-427-SV-2-2553-COE-PSU 47 Fiat-Shamir Protocol 241-427-SV-2-2553-COE-PSU 48 Fiat-Shamir Protocol: initial Need a trusted third party Choose two large prime numbers p and q Calculate n = p x q Announced n to public Keep p and q secret The claimant chooses a secret number s between 1 and n-1 Calculate v = s2 mod n Keep s secret Register v as the public key
9 241-427-SV-2-2553-COE-PSU 49 Fiat-Shamir Protocol: verification 1. Claimant: choose a random number r between o and n-1; calculate x = r2 mod n send x to the verifier 2. Verifier: send a challenge c (either 0 or 1) to the claimant 3. Claimant: calculate y = rsc send y to the verifier 4. Verifier: Calculate y2 and xvc Compare these two values Proof: y2 = (rsc)2 = r2s2c = r2(s2)c = xvc 241-427-SV-2-2553-COE-PSU 50 Biometrics Measurement of physiological or behavioral features that identify a person The features cannot be guessed, stolen or shared Several components are needed Capturing devices, processors, storage devices Need enrollment The corresponding feature of each person must be available in the database Authentication methods Verification: a person’s features is matched against a single record in the database (one-to-one) to see if she is who she is claiming to be Identification: a person’s features is matched against all records in the database (one-to-many) to see if she has a record in the database 241-427-SV-2-2553-COE-PSU 51 Biometric techniques 241-427-SV-2-2553-COE-PSU 52 Biometric techniques Physiological : measures the physical traits of the human body for verification and identification Fingerprint Iris retina Face Hand Voice DNA Behavioral : measures some human behavior traits and it needs to be monitored to ensure that the claimant behaves normally and does not attempt to impersonate someone else Signature Keystroke walking 241-427-SV-2-2553-COE-PSU 53 Accuracy of biometric techniques Measured using two parameters False rejection: the ratio of false rejection (should be recognized but did not) to the total numbers of attempts False acception: the ratio of false acception (should not be recognized but did) to the total numbers of attempts 241-427-SV-2-2553-COE-PSU 54 Applications Commercial: access facilities time keeping transaction Law enforcement: investigation forensic analysis Border control and immigration control
10 241-427-SV-2-2553-COE-PSU 55 Location If you know where the user is, to validate the identity by seeing if the user is where he/she is Requires special-purpose hardware to locate user GPS (global positioning system) device gives location signature of entity Host uses LSS (location signature sensor) to get signature for entity 241-427-SV-2-2553-COE-PSU 56 Multiple Methods Example: “where you are” also requires entity to have LSS and GPS, so also “what you have” Can assign different methods to different tasks As users perform more and more sensitive tasks, must authenticate in more and more ways (presumably, more stringently) File describes authentication required Also includes controls on access (time of day, etc.), resources, and requests to change passwords Pluggable Authentication Modules 241-427-SV-2-2553-COE-PSU 57 Key Points Authentication is not cryptography You have to consider system components Passwords are here to stay They provide a basis for most forms of authentication Protocols are important They can make masquerading harder Authentication methods can be combined Example: PAM 241-427-SV-2-2553-COE-PSU 58 References W. Stallings, Cryptography and Network Security, 3rd ed, B.A. Forouzan, Cryptograhpy and Network Security, McGraw- Hill, 2008 A.Kahate, Cryptography and network Security, McGraw-Hill, 2003 B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, John Wiley & Sons Inc., 1996

Recomendados

The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)theijes
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication CodesDarshanPatil82
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit ivArthyR3
 
Computer security module 3
Computer security module 3Computer security module 3
Computer security module 3Deepak John
 
Pkcs 5
Pkcs 5Pkcs 5
Pkcs 5snakesv
 
Network and computer security-
Network and computer security-Network and computer security-
Network and computer security-Deepak John
 
Cns
CnsCns
CnsArthyR3
 
CNS - Unit v
CNS - Unit vCNS - Unit v
CNS - Unit vArthyR3
 

Recomendados

The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)The International Journal of Engineering and Science (The IJES)
The International Journal of Engineering and Science (The IJES)theijes
 
MAC-Message Authentication Codes
MAC-Message Authentication CodesMAC-Message Authentication Codes
MAC-Message Authentication CodesDarshanPatil82
 
Cs8792 cns - unit iv
Cs8792 cns - unit ivCs8792 cns - unit iv
Cs8792 cns - unit ivArthyR3
 
Computer security module 3
Computer security module 3Computer security module 3
Computer security module 3Deepak John
 
Pkcs 5
Pkcs 5Pkcs 5
Pkcs 5snakesv
 
Network and computer security-
Network and computer security-Network and computer security-
Network and computer security-Deepak John
 
Cns
CnsCns
CnsArthyR3
 
CNS - Unit v
CNS - Unit vCNS - Unit v
CNS - Unit vArthyR3
 
Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash functionomarShiekh1
 
Is unit-4-part-1
Is unit-4-part-1Is unit-4-part-1
Is unit-4-part-1vmuniraja
 
Public Key Cryptosystem
Public Key CryptosystemPublic Key Cryptosystem
Public Key CryptosystemDevakumar Kp
 
Ch09
Ch09Ch09
Ch09Joe Christensen
 
3 public key cryptography
3 public key cryptography3 public key cryptography
3 public key cryptographyRutvik Mehta
 
Pgp smime
Pgp smimePgp smime
Pgp smimeTania Agni
 
Computer security module 4
Computer security module 4Computer security module 4
Computer security module 4Deepak John
 
Message queuing telemetry transport (mqtt) id and other type parameters
Message queuing telemetry transport (mqtt) id and other type parametersMessage queuing telemetry transport (mqtt) id and other type parameters
Message queuing telemetry transport (mqtt) id and other type parametersHamdamboy (함담보이)
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel
 
Encryption
EncryptionEncryption
EncryptionVijay Kumar
 
Secured Source Anonymous Message Authentication Using Wireless Sensor Network
Secured Source Anonymous Message Authentication Using Wireless Sensor NetworkSecured Source Anonymous Message Authentication Using Wireless Sensor Network
Secured Source Anonymous Message Authentication Using Wireless Sensor Networkiosrjce
 
Message authentication
Message authenticationMessage authentication
Message authenticationCAS
 
Ch13
Ch13Ch13
Ch13Joe Christensen
 
Provably Secure Authenticated Key Management Protocol Against De-Synchronizat...
Provably Secure Authenticated Key Management Protocol Against De-Synchronizat...Provably Secure Authenticated Key Management Protocol Against De-Synchronizat...
Provably Secure Authenticated Key Management Protocol Against De-Synchronizat...IJRESJOURNAL
 
DOCS ON NETWORK SECURITY
DOCS ON NETWORK SECURITYDOCS ON NETWORK SECURITY
DOCS ON NETWORK SECURITYTuhin_Das
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...
ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...
ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...cscpconf
 
Principles of public key cryptography and its Uses
Principles of public key cryptography and its UsesPrinciples of public key cryptography and its Uses
Principles of public key cryptography and its UsesMohsin Ali
 
Cryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie BrownCryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie BrownInformation Security Awareness Group
 
Information and data security cryptography and network security
Information and data security cryptography and network securityInformation and data security cryptography and network security
Information and data security cryptography and network securityMazin Alwaaly
 
Ch11
Ch11Ch11
Ch11Joe Christensen
 
unit - III.pptx
unit - III.pptxunit - III.pptx
unit - III.pptxsandyBS
 

Mais conteúdo relacionado

Mais procurados

Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash functionomarShiekh1
 
Is unit-4-part-1
Is unit-4-part-1Is unit-4-part-1
Is unit-4-part-1vmuniraja
 
Public Key Cryptosystem
Public Key CryptosystemPublic Key Cryptosystem
Public Key CryptosystemDevakumar Kp
 
3 public key cryptography
3 public key cryptography3 public key cryptography
3 public key cryptographyRutvik Mehta
 
Computer security module 4
Computer security module 4Computer security module 4
Computer security module 4Deepak John
 
Message queuing telemetry transport (mqtt) id and other type parameters
Message queuing telemetry transport (mqtt) id and other type parametersMessage queuing telemetry transport (mqtt) id and other type parameters
Message queuing telemetry transport (mqtt) id and other type parametersHamdamboy (함담보이)
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash functionChirag Patel
 
Secured Source Anonymous Message Authentication Using Wireless Sensor Network
Secured Source Anonymous Message Authentication Using Wireless Sensor NetworkSecured Source Anonymous Message Authentication Using Wireless Sensor Network
Secured Source Anonymous Message Authentication Using Wireless Sensor Networkiosrjce
 
Message authentication
Message authenticationMessage authentication
Message authenticationCAS
 
Provably Secure Authenticated Key Management Protocol Against De-Synchronizat...
Provably Secure Authenticated Key Management Protocol Against De-Synchronizat...Provably Secure Authenticated Key Management Protocol Against De-Synchronizat...
Provably Secure Authenticated Key Management Protocol Against De-Synchronizat...IJRESJOURNAL
 
DOCS ON NETWORK SECURITY
DOCS ON NETWORK SECURITYDOCS ON NETWORK SECURITY
DOCS ON NETWORK SECURITYTuhin_Das
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...
ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...
ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...cscpconf
 
Principles of public key cryptography and its Uses
Principles of public key cryptography and its UsesPrinciples of public key cryptography and its Uses
Principles of public key cryptography and its UsesMohsin Ali
 

Mais procurados (19)

Message authentication and hash function
Message authentication and hash functionMessage authentication and hash function
Message authentication and hash function
 
Is unit-4-part-1
Is unit-4-part-1Is unit-4-part-1
Is unit-4-part-1
 
Public Key Cryptosystem
Public Key CryptosystemPublic Key Cryptosystem
Public Key Cryptosystem
 
Ch09
Ch09Ch09
Ch09
 
3 public key cryptography
3 public key cryptography3 public key cryptography
3 public key cryptography
 
Pgp smime
Pgp smimePgp smime
Pgp smime
 
Computer security module 4
Computer security module 4Computer security module 4
Computer security module 4
 
Message queuing telemetry transport (mqtt) id and other type parameters
Message queuing telemetry transport (mqtt) id and other type parametersMessage queuing telemetry transport (mqtt) id and other type parameters
Message queuing telemetry transport (mqtt) id and other type parameters
 
5. message authentication and hash function
5. message authentication and hash function5. message authentication and hash function
5. message authentication and hash function
 
Encryption
EncryptionEncryption
Encryption
 
Secured Source Anonymous Message Authentication Using Wireless Sensor Network
Secured Source Anonymous Message Authentication Using Wireless Sensor NetworkSecured Source Anonymous Message Authentication Using Wireless Sensor Network
Secured Source Anonymous Message Authentication Using Wireless Sensor Network
 
Message authentication
Message authenticationMessage authentication
Message authentication
 
Ch13
Ch13Ch13
Ch13
 
Provably Secure Authenticated Key Management Protocol Against De-Synchronizat...
Provably Secure Authenticated Key Management Protocol Against De-Synchronizat...Provably Secure Authenticated Key Management Protocol Against De-Synchronizat...
Provably Secure Authenticated Key Management Protocol Against De-Synchronizat...
 
DOCS ON NETWORK SECURITY
DOCS ON NETWORK SECURITYDOCS ON NETWORK SECURITY
DOCS ON NETWORK SECURITY
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...
ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...
ASSURED NEIGHBOR BASED COUNTER PROTOCOL ON MAC-LAYER PROVIDING SECURITY IN MO...
 
Principles of public key cryptography and its Uses
Principles of public key cryptography and its UsesPrinciples of public key cryptography and its Uses
Principles of public key cryptography and its Uses
 
Cryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie BrownCryptography and Network Security William Stallings Lawrie Brown
Cryptography and Network Security William Stallings Lawrie Brown
 

Semelhante a Ch04-Computer Security

Information and data security cryptography and network security
Information and data security cryptography and network securityInformation and data security cryptography and network security
Information and data security cryptography and network securityMazin Alwaaly
 
unit - III.pptx
unit - III.pptxunit - III.pptx
unit - III.pptxsandyBS
 
Message Authentication Requirement-MAC
Message Authentication Requirement-MACMessage Authentication Requirement-MAC
Message Authentication Requirement-MACSou Jana
 
CISSP Week 21
CISSP Week 21CISSP Week 21
CISSP Week 21jemtallon
 
01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).pptGnanalakshmiV
 
Message Authentication
Message AuthenticationMessage Authentication
Message Authenticationchauhankapil
 
NSC_Unit-III_final.ppt
NSC_Unit-III_final.pptNSC_Unit-III_final.ppt
NSC_Unit-III_final.pptDrVASAVIBANDE
 
Message authentication between the nodes
Message authentication between the nodesMessage authentication between the nodes
Message authentication between the nodesSelva Raj
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)Mehedi Farazi
 

Semelhante a Ch04-Computer Security (20)

Information and data security cryptography and network security
Information and data security cryptography and network securityInformation and data security cryptography and network security
Information and data security cryptography and network security
 
Ch11
Ch11Ch11
Ch11
 
unit - III.pptx
unit - III.pptxunit - III.pptx
unit - III.pptx
 
Message Authentication Requirement-MAC
Message Authentication Requirement-MACMessage Authentication Requirement-MAC
Message Authentication Requirement-MAC
 
SSH.ppt
SSH.pptSSH.ppt
SSH.ppt
 
CISSP Week 21
CISSP Week 21CISSP Week 21
CISSP Week 21
 
01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt01204427-Hash_Crypto (1).ppt
01204427-Hash_Crypto (1).ppt
 
Hash_Crypto.ppt
Hash_Crypto.pptHash_Crypto.ppt
Hash_Crypto.ppt
 
Message Authentication
Message AuthenticationMessage Authentication
Message Authentication
 
NSC_Unit-III_final.ppt
NSC_Unit-III_final.pptNSC_Unit-III_final.ppt
NSC_Unit-III_final.ppt
 
Moein
MoeinMoein
Moein
 
Message authentication between the nodes
Message authentication between the nodesMessage authentication between the nodes
Message authentication between the nodes
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Hash crypto
Hash cryptoHash crypto
Hash crypto
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
 

Mais de Attaporn Ninsuwan

Chapter 12 - Computer Forensics
Chapter 12 - Computer ForensicsChapter 12 - Computer Forensics
Chapter 12 - Computer ForensicsAttaporn Ninsuwan
 
Techniques for data hiding p
Techniques for data hiding pTechniques for data hiding p
Techniques for data hiding pAttaporn Ninsuwan
 
Stop badware infected_sites_report_062408
Stop badware infected_sites_report_062408Stop badware infected_sites_report_062408
Stop badware infected_sites_report_062408Attaporn Ninsuwan
 
Steganography past-present-future 552
Steganography past-present-future 552Steganography past-present-future 552
Steganography past-present-future 552Attaporn Ninsuwan
 
Chapter5 - The Discrete-Time Fourier Transform
Chapter5 - The Discrete-Time Fourier TransformChapter5 - The Discrete-Time Fourier Transform
Chapter5 - The Discrete-Time Fourier TransformAttaporn Ninsuwan
 
Chapter4 - The Continuous-Time Fourier Transform
Chapter4 - The Continuous-Time Fourier TransformChapter4 - The Continuous-Time Fourier Transform
Chapter4 - The Continuous-Time Fourier TransformAttaporn Ninsuwan
 
Chapter3 - Fourier Series Representation of Periodic Signals
Chapter3 - Fourier Series Representation of Periodic SignalsChapter3 - Fourier Series Representation of Periodic Signals
Chapter3 - Fourier Series Representation of Periodic SignalsAttaporn Ninsuwan
 
Chapter2 - Linear Time-Invariant System
Chapter2 - Linear Time-Invariant SystemChapter2 - Linear Time-Invariant System
Chapter2 - Linear Time-Invariant SystemAttaporn Ninsuwan
 

Mais de Attaporn Ninsuwan (20)

J query fundamentals
J query fundamentalsJ query fundamentals
J query fundamentals
 
Jquery enlightenment
Jquery enlightenmentJquery enlightenment
Jquery enlightenment
 
Jquery-Begining
Jquery-BeginingJquery-Begining
Jquery-Begining
 
Br ainfocom94
Br ainfocom94Br ainfocom94
Br ainfocom94
 
Chapter 12 - Computer Forensics
Chapter 12 - Computer ForensicsChapter 12 - Computer Forensics
Chapter 12 - Computer Forensics
 
Techniques for data hiding p
Techniques for data hiding pTechniques for data hiding p
Techniques for data hiding p
 
Stop badware infected_sites_report_062408
Stop badware infected_sites_report_062408Stop badware infected_sites_report_062408
Stop badware infected_sites_report_062408
 
Steganography past-present-future 552
Steganography past-present-future 552Steganography past-present-future 552
Steganography past-present-future 552
 
Ch03-Computer Security
Ch03-Computer SecurityCh03-Computer Security
Ch03-Computer Security
 
Ch02-Computer Security
Ch02-Computer SecurityCh02-Computer Security
Ch02-Computer Security
 
Ch01-Computer Security
Ch01-Computer SecurityCh01-Computer Security
Ch01-Computer Security
 
Ch8-Computer Security
Ch8-Computer SecurityCh8-Computer Security
Ch8-Computer Security
 
Ch7-Computer Security
Ch7-Computer SecurityCh7-Computer Security
Ch7-Computer Security
 
Ch6-Computer Security
Ch6-Computer SecurityCh6-Computer Security
Ch6-Computer Security
 
Ch06b-Computer Security
Ch06b-Computer SecurityCh06b-Computer Security
Ch06b-Computer Security
 
Ch5-Computer Security
Ch5-Computer SecurityCh5-Computer Security
Ch5-Computer Security
 
Chapter5 - The Discrete-Time Fourier Transform
Chapter5 - The Discrete-Time Fourier TransformChapter5 - The Discrete-Time Fourier Transform
Chapter5 - The Discrete-Time Fourier Transform
 
Chapter4 - The Continuous-Time Fourier Transform
Chapter4 - The Continuous-Time Fourier TransformChapter4 - The Continuous-Time Fourier Transform
Chapter4 - The Continuous-Time Fourier Transform
 
Chapter3 - Fourier Series Representation of Periodic Signals
Chapter3 - Fourier Series Representation of Periodic SignalsChapter3 - Fourier Series Representation of Periodic Signals
Chapter3 - Fourier Series Representation of Periodic Signals
 
Chapter2 - Linear Time-Invariant System
Chapter2 - Linear Time-Invariant SystemChapter2 - Linear Time-Invariant System
Chapter2 - Linear Time-Invariant System
 

Último

Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Jisc
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxAmanpreet Kaur
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17Celine George
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsMebane Rash
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024Elizabeth Walsh
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfAdmir Softic
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomPooky Knightsmith
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfPoh-Sun Goh
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.MaryamAhmad92
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxPooja Bhuva
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Pooja Bhuva
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfDr Vijay Vishwakarma
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Pooja Bhuva
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxJisc
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxCeline George
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSCeline George
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...Nguyen Thanh Tu Collection
 

Último (20)

Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)Accessible Digital Futures project (20/03/2024)
Accessible Digital Futures project (20/03/2024)
 
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptxSKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
SKILL OF INTRODUCING THE LESSON MICRO SKILLS.pptx
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
On National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan FellowsOn National Teacher Day, meet the 2024-25 Kenan Fellows
On National Teacher Day, meet the 2024-25 Kenan Fellows
 
FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024FSB Advising Checklist - Orientation 2024
FSB Advising Checklist - Orientation 2024
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
Spatium Project Simulation student brief
Spatium Project Simulation student briefSpatium Project Simulation student brief
Spatium Project Simulation student brief
 
Fostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the ClassroomFostering Friendships - Enhancing Social Bonds in the Classroom
Fostering Friendships - Enhancing Social Bonds in the Classroom
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
Interdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptxInterdisciplinary_Insights_Data_Collection_Methods.pptx
Interdisciplinary_Insights_Data_Collection_Methods.pptx
 
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
Beyond_Borders_Understanding_Anime_and_Manga_Fandom_A_Comprehensive_Audience_...
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
Sensory_Experience_and_Emotional_Resonance_in_Gabriel_Okaras_The_Piano_and_Th...
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
How to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POSHow to Manage Global Discount in Odoo 17 POS
How to Manage Global Discount in Odoo 17 POS
 
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
TỔNG ÔN TẬP THI VÀO LỚP 10 MÔN TIẾNG ANH NĂM HỌC 2023 - 2024 CÓ ĐÁP ÁN (NGỮ Â...
 

Ch04-Computer Security

  • 1. 1 241-427-SV-2-2553-COE-PSU 1 241-427 Computer Security Chapter IV: Authentication Dr. Sangsuree Vasupongayya 241-427-SV-2-2553-COE-PSU 2 Authentication Why? Not need secrecy but must have integrity E.g., the contents of a will do not need to be encrypted but the contents can not be changed. 2 general types Message authentication protecting the integrity of a message validating identity of the originator Entity authentication Verifying an entity 241-427-SV-2-2553-COE-PSU 3 Message Authentication message authentication is concerned with: protecting the integrity of a message (protection from modification) validating identity of originator non-repudiation of origin (dispute resolution) Three alternative methods can be used: message encryption message authentication code (MAC) hash function 241-427-SV-2-2553-COE-PSU 4 Message Encryption message encryption by itself also provides a measure of authentication if symmetric encryption is used then: receiver know sender must have created it since only sender and receiver now key used the content cannot be altered if message has suitable structure, redundancy or a checksum to detect any changes 241-427-SV-2-2553-COE-PSU 5 Message Encryption (cont.) if public-key encryption is used: encryption provides no confidence of sender since anyone potentially knows public-key however if sender signs message using their private-key then encrypts with recipients public key have both secrecy and authentication again need to recognize corrupted messages but at cost of two public-key uses on message 241-427-SV-2-2553-COE-PSU 6 Message Digest
  • 2. 2 241-427-SV-2-2553-COE-PSU 7 Fingerprint vs. Message digest Document and fingerprint Alice put her fingerprint in the will The contents cannot be changed because Eve cannot forge Alice’s fingerprint Alice’s fingerprint in the will can be compared to Alice’s fingerprint on file (safe from change) Document and fingerprint are physically linked Message and message digest create a compressed image of the message use a cryptographic hash function Message and message digest can be unlinked 241-427-SV-2-2553-COE-PSU 8 Hash Functions condenses arbitrary message to fixed size h = H(M) usually assume that the hash function is public and not keyed hash used to detect changes to message can use in various ways with message most often to create a digital signature 241-427-SV-2-2553-COE-PSU 9 Block Ciphers as Hash Functions can use block ciphers as hash functions using H0=0 and zero-pad of final block compute: Hi = EMi [Hi-1] and use final block as the hash value similar to CBC but without a key resulting hash is too small (64-bit) both due to direct birthday attack and to “meet-in-the-middle” attack other variants also susceptible to attack 241-427-SV-2-2553-COE-PSU 10 Hash Algorithms see similarities in the evolution of hash functions & block ciphers increasing power of brute-force attacks leading to evolution in algorithms from DES to AES in block ciphers from MD4 & MD5 to SHA-1 & RIPEMD-160 in hash algorithms likewise tend to use common iterative structure as do block ciphers 241-427-SV-2-2553-COE-PSU 11 MD5 designed by Ronald Rivest (the R in RSA) latest in a series of MD2, MD4 produces a 128-bit hash value until recently was the most widely used hash algorithm in recent times have both brute-force & cryptanalytic concerns specified as Internet standard RFC1321 241-427-SV-2-2553-COE-PSU 12 MD5 Overview 1. pad message so its length is 448 mod 512 2. append a 64-bit length value to message 3. initialise 4-word (128-bit) MD buffer (A,B,C,D) 4. process message in 16-word (512-bit) blocks: using 4 rounds of 16 bit operations on message block & buffer add output to buffer input to form new buffer value 5. output hash value is the final buffer value
  • 3. 3 241-427-SV-2-2553-COE-PSU 13 MD5 Overview 241-427-SV-2-2553-COE-PSU 14 MD5 Compression Function each round has 16 steps of the form: a = b+((a+g(b,c,d)+X[k]+T[i])<<<s) a,b,c,d refer to the 4 words of the buffer, but used in varying permutations note this updates 1 word only of the buffer after 16 steps each word is updated 4 times where g(b,c,d) is a different nonlinear function in each round (F,G,H,I) T[i] is a constant value derived from sin 241-427-SV-2-2553-COE-PSU 15 Strength of MD5 MD5 hash is dependent on all message bits Rivest claims security is good as can be known attacks are: Berson 92 attacked any 1 round using differential cryptanalysis (but can’t extend) Boer & Bosselaers 93 found a pseudo collision (again unable to extend) Dobbertin 96 created collisions on MD compression function (but initial constants prevent exploit) conclusion is that MD5 looks vulnerable soon 241-427-SV-2-2553-COE-PSU 16 Secure Hash Algorithm SHA was designed by NIST & NSA in 1993, revised 1995 as SHA-1 US standard for use with DSA signature scheme standard is FIPS 180-1 1995, also Internet RFC3174 nb. the algorithm is SHA, the standard is SHS SHA is one of the newer generation of hash functions More resistant to cryptanalysis SHA-512 is a version of SHA Maximum Message size 2128 -1, Block size 1024, Message digest size 512, Number of rounds 80, Word size 64 241-427-SV-2-2553-COE-PSU 17 SHA-512 Overview 241-427-SV-2-2553-COE-PSU 18 Message Authentication Code (MAC) provides assurance that message is unaltered and comes from sender
  • 4. 4 241-427-SV-2-2553-COE-PSU 19 MAC Properties a MAC is a cryptographic checksum MAC = CK(M) condenses a variable-length message M using a secret key K to a fixed-sized authenticator is a many-to-one function potentially many messages have same MAC but finding these needs to be very difficult Security of a MAC depends on the security of the underlying hash algorithm 241-427-SV-2-2553-COE-PSU 20 Using Symmetric Ciphers for MACs can use any block cipher chaining mode and use final block as a MAC Data Authentication Algorithm (DAA) is a widely used MAC based on DES-CBC using IV=0 and zero-pad of final block encrypt message using DES in CBC mode and send just the final block as the MAC or the leftmost M bits (16≤M≤64) of final block but final MAC is now too small for security 241-427-SV-2-2553-COE-PSU 21 Hashing vs. MAC Hashing; as a means to verify data integrity Some hashing algorithms include MD5, SHA1, and SHA256 Message Authentication Codes (MAC); as a means to prevent man in the middle attacks and verify data integrity. 241-427-SV-2-2553-COE-PSU 22 Digital Signatures have looked at message authentication but does not address issues of lack of trust digital signatures provide the ability to: verify author, date & time of signature authenticate message contents be verified by third parties to resolve disputes hence include authentication function with additional capabilities 241-427-SV-2-2553-COE-PSU 23 Digital Signature Properties must depend on the message signed must use information unique to sender to prevent both forgery and denial must be relatively easy to produce must be relatively easy to recognize & verify be computationally infeasible to forge with new message for existing digital signature with fraudulent digital signature for given message be practical save digital signature in storage 241-427-SV-2-2553-COE-PSU 24 Conventional vs. digital Cannot be distinguished unless there is a timestamp can be distinguished between the original signature and the signed signature on the document Duplicity One-to-one (Each signature for each message) One-to-many (Same signature for all messages) Relationship Apply method on message & check Compare with signature on file Verification method Can be separatedIn the documentInclusion DigitalConventionalSignature
  • 5. 5 241-427-SV-2-2553-COE-PSU 25 Direct Digital Signatures involve only sender & receiver assumed receiver has sender’s public-key digital signature made by sender signing entire message or hash with private-key can encrypt using receivers public-key important that sign first then encrypt message & signature security depends on sender’s private-key 241-427-SV-2-2553-COE-PSU 26 Example 241-427-SV-2-2553-COE-PSU 27 Arbitrated Digital Signatures involves use of arbiter A validates any signed message then dated and sent to recipient requires suitable level of trust in arbiter can be implemented with either private or public-key algorithms arbiter may or may not see the message 241-427-SV-2-2553-COE-PSU 28 Example 241-427-SV-2-2553-COE-PSU 29 Attacks on digital signatures Key-only attack Attacker has access to the public key Need to create sender’s signature Know-message attack Attacker has access to one or more message- signature pairs Create another message and forge the sender’s signature Chosen-message attacks Attacker has access to some chosen messages and the sender’s signature on these messages Create another message and forge the sender’s signature 241-427-SV-2-2553-COE-PSU 30 RSA Digital Signature Scheme
  • 6. 6 241-427-SV-2-2553-COE-PSU 31 RSA Digital Signature Scheme The private and public keys of the sender, not the receiver, are used The sender uses her own private key to sign the document The receiver uses the sender’s public key to verify the document 241-427-SV-2-2553-COE-PSU 32 RSA Digital Signature Scheme Key generation Same as key generation in the RSA Signing S = Md mod n Send {M,S} Verifying M’ = Se mod n Compare the value of M’ and M Proof M’ = Se mod n = (Md)e mod n = Mde mod n = M 241-427-SV-2-2553-COE-PSU 33 Entity Authentication Basics Passwords Storage Selection Breaking them Other methods Multiple methods 241-427-SV-2-2553-COE-PSU 34 Entity Authentication Let one party prove the identity of another party Date-origin vs. Entity authentication Most key management protocols use entity authentication protocols Authenticate the entity for the entire duration of a section Only authenticate one message The entity must be online and involved in the process The origin is not needed to be online Entity authenticationData-origin authentication 241-427-SV-2-2553-COE-PSU 35 Establishing Identity Entity must identify himself/herself to the verifier with one of the followings What entity knows (eg. Password, PIN, secret key, private key) What entity processed (eg. Passport, badge, smart card) What entity inherent (eg. Signatures, voice, fingerprints, retinal characteristics, facial characteristic) Where entity is (eg. in front of a terminal, in a specific room) 241-427-SV-2-2553-COE-PSU 36 Password-based authentication The simplest and oldest method Each user has a user identification that is public A password that is private There are two groups Fixed password One-time password
  • 7. 7 241-427-SV-2-2553-COE-PSU 37 Hashing the password Store the hash of password in the password file Possible attack dictionary attack 241-427-SV-2-2553-COE-PSU 38 Salting the password concatenate a random string (salt) to the password E.g., UNIX use a variation of this method 241-427-SV-2-2553-COE-PSU 39 One-time password Password that is used only once Problems Synchronization of user, system Generation of good random passwords Password distribution problem E.g., Lamport one-time password 241-427-SV-2-2553-COE-PSU 40 Problems in password authentication The claimant proves her identity by demonstrating that she knows a secret by revealing the secret which can be intercepted by adversary Solution: a challenge-response authentication The claimant does not send the secret to the verifier The verifier is either has it or finds it Several approaches Symmetric-key encryption Keyed-hash function (MAC) Asymmetric-key cipher Digital signature 241-427-SV-2-2553-COE-PSU 41 Challenge-response: symmetric-key encryption 241-427-SV-2-2553-COE-PSU 42 Challenge-response: Keyed-hash function (MAC) Preserved the integrity of challenge and response messages and at the same time uses a secret, the key
  • 8. 8 241-427-SV-2-2553-COE-PSU 43 Challenge-response: asymmetric-key cipher 241-427-SV-2-2553-COE-PSU 44 Challenge-response: digital signature 241-427-SV-2-2553-COE-PSU 45 Zero-knowledge: motivation Password authentication The secret is revealed (eavesdropping problems) Dishonest verifier uses the revealed secret to impersonate the claimant Challenge-response authentication No secret is sent to the verifier The claimant applies function to challenge that includes her secret The verifier usually know the secret or can extract information about the secret (choosing a preplanned set of challenges) uses the secret to impersonate the claimant 241-427-SV-2-2553-COE-PSU 46 Zero-knowledge: idea The claimant does not reveal anything that might endanger the confidentiality of the secret After the exchanging messages, the verifier only knows that the claimant does or does not know the secret, nothing more E.g., Fiat-Shamir Protocol 241-427-SV-2-2553-COE-PSU 47 Fiat-Shamir Protocol 241-427-SV-2-2553-COE-PSU 48 Fiat-Shamir Protocol: initial Need a trusted third party Choose two large prime numbers p and q Calculate n = p x q Announced n to public Keep p and q secret The claimant chooses a secret number s between 1 and n-1 Calculate v = s2 mod n Keep s secret Register v as the public key
  • 9. 9 241-427-SV-2-2553-COE-PSU 49 Fiat-Shamir Protocol: verification 1. Claimant: choose a random number r between o and n-1; calculate x = r2 mod n send x to the verifier 2. Verifier: send a challenge c (either 0 or 1) to the claimant 3. Claimant: calculate y = rsc send y to the verifier 4. Verifier: Calculate y2 and xvc Compare these two values Proof: y2 = (rsc)2 = r2s2c = r2(s2)c = xvc 241-427-SV-2-2553-COE-PSU 50 Biometrics Measurement of physiological or behavioral features that identify a person The features cannot be guessed, stolen or shared Several components are needed Capturing devices, processors, storage devices Need enrollment The corresponding feature of each person must be available in the database Authentication methods Verification: a person’s features is matched against a single record in the database (one-to-one) to see if she is who she is claiming to be Identification: a person’s features is matched against all records in the database (one-to-many) to see if she has a record in the database 241-427-SV-2-2553-COE-PSU 51 Biometric techniques 241-427-SV-2-2553-COE-PSU 52 Biometric techniques Physiological : measures the physical traits of the human body for verification and identification Fingerprint Iris retina Face Hand Voice DNA Behavioral : measures some human behavior traits and it needs to be monitored to ensure that the claimant behaves normally and does not attempt to impersonate someone else Signature Keystroke walking 241-427-SV-2-2553-COE-PSU 53 Accuracy of biometric techniques Measured using two parameters False rejection: the ratio of false rejection (should be recognized but did not) to the total numbers of attempts False acception: the ratio of false acception (should not be recognized but did) to the total numbers of attempts 241-427-SV-2-2553-COE-PSU 54 Applications Commercial: access facilities time keeping transaction Law enforcement: investigation forensic analysis Border control and immigration control
  • 10. 10 241-427-SV-2-2553-COE-PSU 55 Location If you know where the user is, to validate the identity by seeing if the user is where he/she is Requires special-purpose hardware to locate user GPS (global positioning system) device gives location signature of entity Host uses LSS (location signature sensor) to get signature for entity 241-427-SV-2-2553-COE-PSU 56 Multiple Methods Example: “where you are” also requires entity to have LSS and GPS, so also “what you have” Can assign different methods to different tasks As users perform more and more sensitive tasks, must authenticate in more and more ways (presumably, more stringently) File describes authentication required Also includes controls on access (time of day, etc.), resources, and requests to change passwords Pluggable Authentication Modules 241-427-SV-2-2553-COE-PSU 57 Key Points Authentication is not cryptography You have to consider system components Passwords are here to stay They provide a basis for most forms of authentication Protocols are important They can make masquerading harder Authentication methods can be combined Example: PAM 241-427-SV-2-2553-COE-PSU 58 References W. Stallings, Cryptography and Network Security, 3rd ed, B.A. Forouzan, Cryptograhpy and Network Security, McGraw- Hill, 2008 A.Kahate, Cryptography and network Security, McGraw-Hill, 2003 B. Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, John Wiley & Sons Inc., 1996