Chapter 5 Authentication and Basic Cryptography

12/06/56

1

Chapter 5 Authentication

and Basic Cryptography

Dr.Sukchatri PRASOMSUK

School of Information Technology and Communication,

University of Phayao

1

IS and Network Security

Resource from : Chapter 8 & 11

Authentication

Security+ Guide to Network Security Fundamentals, Third Edition

Define authentication

Authentication credentials

Authentication models

Authentication servers

Extended authentication protocols

Virtual Private Network (VPN)

Slide 2


12/06/56

2

Slow guessing and botnets conceal the attacks Countermeasures การตอบโต ้

Strong password policy, restricting access to server by source IP, two-factor authentication

Link Ch 8a

Slide 3


Definition of Authentication 4


12/06/56

3

Authentication can be defined in two contexts The first is viewing authentication as it relates to

access control

The second is to look at it as one of the three key elements of security:

Authentication การรับรอง Authorization การอนุญาต

Accounting การบญัชี

Slide 5


Access control is the process by which resources or services are granted or denied

Identification The presentation of credentials or identification

Authentication The verification of the credentials to ensure that

they are genuine and not fabricated (ประดิษฐ)์ Authorization

Granting permission for admittance

Access is the right to use specific resources

Slide 6


12/06/56

4

Authentication in AAA provides a way of identifying a user

Typically with a password

Authorization determines whether the user has the authority to carry out certain tasks

The process of enforcing policies

Accounting measures the resources a user “consumes” during each network session

Slide 7


To find evidence of problems

For billing

For planning

AAA servers

Servers dedicated to performing AAA functions

Can provide significant advantages in a network

Slide 8


12/06/56

5

Authentication Credentials (การรับรองตวัตน)

9


Credentials are something you have, something you are, or something you know

Types of authentication credentials

Passwords

One-time passwords

Standard biometrics

Behavioral biometrics

Cognitive biometrics

Slide 10


12/06/56

6

Standard passwords are typically static in nature

One-time passwords (OTP) Dynamic passwords that change frequently

Systems using OTPs generate a unique password on demand that is not reusable

The most common type is a time-synchronized OTP Used in conjunction with a token

The token and a corresponding authentication server share the same algorithm Each algorithm is different for each user’s token

Slide 11


Slide 12


12/06/56

7

Slide 13


Authentication server displays a challenge (a random number) to the user

User then enters the challenge number into the token Which then executes a special algorithm to generate

a password

Because the authentication server has this same algorithm, it can also generate the password and compare it against that entered by the user

Slide 14


12/06/56

8

Uses a person’s unique characteristics for authentication (what he is)

Examples: fingerprints, faces, hands, irises, retinas

Types of fingerprint scanners Static fingerprint scanner

Dynamic fingerprint scanner (more secure)

Disadvantages Costs

Readers are not always foolproof

How can you change your password it it's your fingerprint?

Slide 15


Slide 16


12/06/56

9

Authenticates by normal actions that the user performs

Keystroke dynamics

Attempt to recognize a user’s unique typing rhythm

Keystroke dynamics uses two unique typing variables Dwell time อาศัยเวลา

Flight time เวลาเที่ยวบิน

Slide 17


Slide 18


12/06/56

10

Slide 19


Voice recognition

Uses unique characteristics of a person’s voice

Phonetic cadence

Speaking two words together in a way that one word “bleeds” into the next word

Becomes part of each user’s speech pattern

Computer footprint

When and from where a user normally accesses a system

Slide 20


12/06/56

11

A simple form of two-factor authentication

Required by the US now

Links Ch 8b, c, d

Slide 21


Related to the perception, thought process, and understanding of the user

Easier for the user to remember because it is based on the user’s life experiences

One example of cognitive biometrics is based on a life experience that the user remembers

Another example of cognitive biometrics requires the user to identify specific faces

Slide 22


12/06/56

12

Slide 23


Authentication Models 24


12/06/56

13

One-factor authentication Using only one authentication credential, such

as a password

Two-factor authentication Enhances security, particularly if different types

of authentication methods are used (password and token)

Three-factor authentication Requires that a user present three different

types of authentication credentials

Slide 25


Identity management Using a single authenticated ID to be shared

across multiple networks

Federated identity management (FIM) When those networks are owned by different

organizations

One application of FIM is called single sign-on (SSO) Using one authentication to access multiple

accounts or applications

Slide 26


12/06/56

14

Originally introduced in 1999 as .NET Passport

When the user wants to log into a Web site that supports Windows Live ID

The user will first be redirected to the nearest authentication server

Once authenticated, the user is given an encrypted time-limited “global” cookie

Never became widely used

Slide 27


New Windows feature

Users control digital identities with digital ID cards

Types of cards

Managed cards

Personal cards

Slide 28


12/06/56

15

A decentralized open source FIM

Does not require specific software to be installed on the desktop

An OpenID identity is only a URL backed up by a username and password

OpenID provides a means to prove that the user owns that specific URL

Not very secure--dependent on DNS

Slide 29


Authentication Servers 30


12/06/56

16

Authentication can be provided on a network by a dedicated AAA or authentication server

The most common type of authentication and AAA servers are

RADIUS

Kerberos

TACACS+

Generic servers built on the Lightweight Directory Access Protocol (LDAP)

Slide 31


Developed in 1992

The industry standard with widespread support

Suitable for what are called “high-volume service control applications”

With the development of IEEE 802.1x port security for both wired and wireless LANs

RADIUS has recently seen even greater usage

Slide 32


12/06/56

17

A RADIUS client is typically a device such as a dial-up server or wireless access point (AP) Responsible for sending user credentials and

connection parameters in the form of a RADIUS message to a RADIUS server

The RADIUS server authenticates and authorizes the RADIUS client request Sends back a RADIUS message response

RADIUS clients also send RADIUS accounting messages to RADIUS servers

Slide 33


Slide 34


12/06/56

18

An authentication system developed by the Massachusetts Institute of Technology (MIT)

Used to verify the identity of networked users

Kerberos authentication server issues a ticket to the user

The user presents this ticket to the network for a service

The service then examines the ticket to verify the identity of the user

Slide 35


Developed by Cisco to replace RADIUS

More secure and reliable than RADIUS

The centralized server can either be a TACACS+ database

Or a database such as a Linux or UNIX password file with TACACS protocol support

Slide 36


12/06/56

19

Directory service A database stored on the network itself that contains

information about users and network devices Can be used with RADIUS

X.500 A standard for directory services Created by ISO

White-pages service Capability to look up information by name

Yellow-pages service Browse and search for information by category

Slide 37


The information is held in a directory information base (DIB)

Entries in the DIB are arranged in a tree structure called the directory information tree (DIT)

Directory Access Protocol (DAP) Protocol for a client application to access an

X.500 directory

DAP is too large to run on a personal computer

Slide 38


12/06/56

20

Lightweight Directory Access Protocol (LDAP) Sometimes called X.500 Lite A simpler subset of DAP

Primary differences LDAP was designed to run over TCP/IP LDAP has simpler functions LDAP encodes its protocol elements in a less

complex way than X.500

LDAP is an open protocol

Slide 39


Extended Authentication Protocols (EAP)

40


12/06/56

21

In IEEE 802.1x, EAP is the "envelope" that carries data used for authentication

Three EAP protocol categories:

Authentication legacy protocols

EAP weak protocols

EAP strong protocols

Slide 41


Slide 42


12/06/56

22

No longer extensively used for authentication

Password Authentication Protocol (PAP)

Sends passwords in the clear

Challenge-Handshake Authentication Protocol (CHAP)

Safer than PAP, but vulnerable (link Ch 8g)

Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP)

Slide 43


Still used but have security vulnerabilities

Extended Authentication Protocol–MD5 (EAP-MD5)

Vulnerable to offline dictionary attacks

Lightweight EAP (LEAP)

Also vulnerable to offline dictionary attacks

Can be cracked faster than WEP

Link Ch 8h

Slide 44


12/06/56

23

EAP with Transport Layer Security (EAP-TLS)

Uses certificates for both client and server

Used in large Windows networks

EAP with Tunneled TLS (EAP-TTLS) and Protected EAP (PEAP)

No client-side certificate

Easier to implement than EAP-TLS

Slide 45


Remote Authentication and Security

46


12/06/56

24

Important to maintain strong security for remote communications Transmissions are routed through networks or

devices that the organization does not manage and secure

Managing remote authentication and security usually includes: Using remote access services

Installing a virtual private network

Maintaining a consistent remote access policy

Slide 47


Any combination of hardware and software that enables access to remote users to a local internal network

Provides remote users with the same access and functionality as local users

Slide 48


12/06/56

25

One of the most common types of RAS

Uses an unsecured public network, such as the Internet, as if it were a secure private network

Encrypts all data that is transmitted between the remote device and the network

Common types of VPNs Remote-access VPN or virtual private dial-up

network (VPDN)

Site-to-site VPN

Slide 49


Slide 50


12/06/56

26

VPN transmissions are achieved through communicating with endpoints

Endpoint End of the tunnel between VPN devices

VPN concentrator Aggregates hundreds or thousands of multiple

connections

Depending upon the type of endpoint that is being used, client software may be required on the devices that are connecting to the VPN

Slide 51


VPNs can be software-based or hardware-based

Software-based VPNs offer the most flexibility in how network traffic is managed Hardware-based VPNs generally tunnel all traffic

they handle regardless of the protocol

Generally, software based VPNs do not have as good performance or security as a hardware-based VPN

Slide 52


12/06/56

27

Cost savings (no long-distance phone call)

Scalability (easy to add more users)

Full protection (all traffic is encrypted)

Speed (faster than direct dial-up)

Transparency (invisible to the user)

Authentication (only authorized users can connect)

Industry standards

Slide 53


Management

Availability and performance

Interoperability

Additional protocols

Performance impact

Expense

Slide 54


12/06/56

28

Establishing strong remote access policies is important

Some recommendations for remote access policies: Remote access policies should be consistent for all

users

Remote access should be the responsibility of the IT department

Form a working group and create a standard that all departments will agree to

Slide 55


Basic Cryptography

56


12/06/56

29

Define cryptography Describe hashing List the basic symmetric cryptographic

algorithms Describe how asymmetric cryptography

works List types of file and file system

cryptography Explain how whole disk encryption works

Slide 57


Cryptography - scrambles data

The science of transforming information into an unintelligible form while it is being transmitted or stored so that unauthorized users cannot access it

Steganography - hides data

Hides the existence of the data

What appears to be a harmless image can contain hidden data embedded within the image

Can use image files, audio files, or even video files to contain hidden information

Slide 58


12/06/56

30

Slide 59


Used by Julius Caesar

Caesar shifted each letter of his messages to his generals three places down in the alphabet

So BURN THE BRIDGE becomes

EXUQ WKH EUKFIG

A D

B E

C F

D G

E H

F I

G J

H K

Slide 60


12/06/56

31

Encryption

Changing the original text to a secret message using cryptography

Decryption

Change the secret message back to its original form

Slide 61


Slide 62


12/06/56

32

Cryptography can provide:

Confidentiality of information

Integrity of the information

Availability of the data

To users with the key

Guarantee Authenticity of the sender

Enforce Non-repudiation

Sender cannot deny sending the message

Slide 63


Slide 64


12/06/56

33

Cryptographic Algorithms 65


There are three categories of cryptographic algorithms:

Hashing algorithms

Symmetric encryption algorithms

Asymmetric encryption algorithms

Slide 66


12/06/56

34

Hashing Algorithms 67


Hashing is a one-way process

Converting a hash back to the original data is difficult or impossible

A hash is a unique “signature” for a set of data

This signature, called a hash or digest, represents the contents

Hashing is used only for integrity to ensure that:

Information is in its original form

No unauthorized person or malicious software has altered the data

Common hash algorithms

MD5, SHA-1

Slide 68


12/06/56

35

Slide 69


Link Ch 11a

Slide 70


12/06/56

36

A hashing algorithm is considered secure if:

The ciphertext hash is a fixed size

Two different sets of data cannot produce the same hash, which is known as a collision

It should be impossible to produce a data set that has a desired or predefined hash

The resulting hash ciphertext cannot be reversed to find the original data

Slide 71


Slide 72


12/06/56

37

Hash values are often posted on Internet sites

In order to verify the file integrity of files that can be downloaded

Slide 73


Slide 74


12/06/56

38

Message Digest (MD) algorithm One common hash

algorithm

Three versions Message Digest 2

(MD2) Message Digest 4

(MD4) Message Digest 5

(MD5)

Suffer from collisions Not secure

See links Ch 11b, c, d

Slide 75


More secure than MD

A family of hashes

SHA-1

Patterned after MD4, but creates a hash that is 160 bits in length instead of 128 bits

SHA-2

Comprised of four variations, known as SHA-224, SHA-256, SHA-384, and SHA-512

Considered to be a secure hash

Slide 76


12/06/56

39

Link Ch 11d

Slide 77


A relatively recent cryptographic hash function

Has received international recognition and adoption by standards organizations

Creates a hash of 512 bits

Slide 78


12/06/56

40

Another use for hashes is in storing passwords When a password for an account is created, the

password is hashed and stored

The Microsoft NT family of Windows operating systems hashes passwords in two different forms LM (LAN Manager) hash NTLM (New Technology LAN Manager) hash

Most Linux systems use password-hashing algorithms such as MD5

Apple Mac OS X uses SHA-1 hashes

Slide 79


Symmetric Cryptographic Algorithms

80


12/06/56

41

Symmetric cryptographic algorithms Use the same single key to encrypt and decrypt a

message

Also called private key cryptography

Stream cipher Takes one character and replaces it with one character

WEP (Wired Equivalent Protocol) is a stream cipher

Substitution cipher The simplest type of stream cipher

Simply substitutes one letter or character for another

Slide 81


Slide 82


12/06/56

42

Slide 83


With most symmetric ciphers, the final step is to combine the cipher stream with the plaintext to create the ciphertext

The process is accomplished through the exclusive OR (XOR) binary logic operation

One-time pad (OTP)

Combines a truly random key with the plaintext

Slide 84


12/06/56

43

Slide 85


Manipulates an entire block of plaintext at one time

Plaintext message is divided into separate blocks of 8 to 16 bytes And then each block is encrypted independently

Stream cipher advantages and disadvantages

Fast when the plaintext is short

More prone to attack because the engine that generates the stream does not vary

Block ciphers are more secure than stream ciphers

Slide 86


12/06/56

44

Slide 87


Data Encryption Standard (DES)

Declared as a standard by the U.S Government

DES is a block cipher and encrypts data in 64-bit blocks

Uses 56-bit key, very insecure

Has been broken many times

Triple Data Encryption Standard (3DES) Uses three rounds of DES encryption

Effective key length 112 bits

Considered secure

Slide 88


12/06/56

45

Slide 89


Approved by the NIST in late 2000 as a replacement for DES

Official standard for U.S. Government

Considered secure--has not been cracked

Slide 90


12/06/56

46

Link Ch 11e

Slide 91


Several other symmetric cryptographic algorithms are also used:

Rivest Cipher (RC) family from RC1 to RC6

International Data Encryption Algorithm (IDEA)

Blowfish

Twofish

Slide 92


12/06/56

47

Asymmetric Cryptographic Algorithms

93


Asymmetric cryptographic algorithms

Also known as public key cryptography

Uses two keys instead of one The public key is known to everyone and can

be freely distributed

The private key is known only to the recipient of the message

Asymmetric cryptography can also be used to create a digital signature

Slide 94


12/06/56

48

Slide 95


A digital signature can:

Verify the sender

Prove the integrity of the message

Prevent the sender from disowning the message (non-repudiation)

A digital signature does not encrypt the message, it only signs it

Slide 96


12/06/56

49

Slide 97


Slide 98


12/06/56

50

The most common asymmetric cryptography algorithm

RSA makes the public and private keys by multiplying two large prime numbers p and q To compute their product (n=pq) It is very difficult to factor the number n to find p

and q Finding the private key from the public key would

require a factoring operation RSA is complex and slow, but secure 100 times slower than DES

Slide 99


A key exchange algorithm, not an encryption algorithm

Allows two users to share a secret key securely over a public network

Once the key has been shared

Then both parties can use it to encrypt and decrypt messages using symmetric cryptography

Slide 100


12/06/56

51

Secure Web Pages typically use RSA, Diffie-Hellman, and a symmetric algorithm like RC4

RSA is used to send the private key for the symmetric encryption

Slide 101


Slide 102


12/06/56

52

Slide 103


An elliptic curve is a function drawn on an X-Y axis as a gently curved line

By adding the values of two points on the curve, you can arrive at a third point on the curve

The public aspect of an elliptic curve cryptosystem is that users share an elliptic curve and one point on the curve

Not common, but may one day replace RSA

Slide 104


12/06/56

53

Using Cryptography on Files and Disks

105


Pretty Good Privacy (PGP)

One of the most widely used asymmetric cryptography system for files and e-mail messages on Windows systems

GNU Privacy Guard (GPG)

A similar open-source program

PGP and GPG use both asymmetric and symmetric cryptography

Slide 106


12/06/56

54

Part of Windows

Uses the Windows NTFS file system

Because EFS is tightly integrated with the file system, file encryption and decryption are transparent to the user

EFS encrypts the data as it is written to disk

On Macs, Filevault encrypts a user's home folder

Slide 107


Windows BitLocker

A hardware-enabled data encryption feature

Can encrypt the entire Windows volume

Includes Windows system files as well as all user files

Encrypts the entire system volume, including the Windows Registry and any temporary files that might hold confidential information

TrueCrypt

Open-source, free, and can encrypt folders or files

Slide 108


12/06/56

55

A chip on the motherboard of the computer that provides cryptographic services

If the computer does not support hardware-based TPM then the encryption keys for securing the data on the hard drive can be stored by BitLocker on a USB flash drive

Slide 109


Can defeat all currently available whole disk encryption techniques (link Ch 11i)

Slide 110


12/06/56

56


Slide 111

Chapter 5 Authentication and Basic Cryptography

Documents

Transcript of Chapter 5 Authentication and Basic Cryptography