دانلود فایل پاورپوینت پروتکلهای احراز اصالت Authentication protocols

بخشی از پاورپوینت

--- پاورپوینت شامل تصاویر میباشد ----

اسلاید 1 :

Password Vulnerabilities

• Writing them down
• Stolen passwords (via eavesdropping)

–Trojan Horse

• Poor password choice

–Easy to guess, easy to remember

–People use the same password multiple times

–Passwords changed infrequently

• Offline attacks

–Search through password dictionary

اسلاید 2 :

Survey of 3,289 Passwords

• With no constraints on choice of password

–15 were a single ASCII letter.

–72 were strings of two ASCII letters.

–464 were strings of three ASCII letters.

–47 were strings of four alphanumerics.

–706 were five letters, all upper-case or all lower-case.

–605 were six letters, all lower case.

اسلاید 3 :

Strong Authentication

• In strong authentication, one entity ‘proves’ its identity to another by demonstrating knowledge of a secret known to be associated with that entity, without revealing that secret itself during the protocol.
• Also called `challenge-response’ authentication.
• Use cryptographic mechanisms to protect messages in protocol:

–Encryption.

–Integrity mechanism (e.g. MAC).

–Digital signature.

اسلاید 4 :

Encryption-based Unilateral Authentication

1.A     B:  ‘Hi Bob, I’m Alice’

2.B     A:  R  (challenge)

3.A     B:  {R || B}K  (response)

      (Here, {X}K means string X encrypted under key K, and || means concatenation of strings.)

اسلاید 5 :

Security of the Protocol

• Eve ‘sees’ R and {R || B}K. Because of idealised encryption, she should learn nothing about K.
• Bob gets his challenge R back again, in an encrypted form that only Alice can prepare. This allows him to be sure of origin and integrity of the message.
• But Mallory can impersonate Bob easily: so Bob not authenticated to Alice. Only unilateral authentication (of Alice to Bob).

اسلاید 6 :

Replay Attack

• Mallory can’t prepare the correct response {R || B}K to Bob’s challenge because he doesn’t know K.
• But R must be unpredictable: otherwise Mallory can masquerade as Alice in a subsequent protocol run, replaying Alice’s response.

اسلاید 7 :

• The replay attack shows that origin and integrity checking are not enough – we also need a means of checking freshness of messages and liveness of principals.
• Freshness: assurance that message has not been used previously and originated within an acceptably recent timeframe.
• Liveness: assurance that message sent by a principal within an acceptably recent timeframe.
• Three main methods for providing freshness:

–Nonce (Number used ONCE).

–Sequence numbers

–Time-stamps (clock-based or `logical’ time-stamps).

اسلاید 8 :

Standard bilateral Authentication

• Alice and Bob share (strong) key k
• Simple challenge-response type protocol: (Na,Nb - nonces)

اسلاید 9 :

Attack on Simple Protocol

• “Oracle Attack”

اسلاید 10 :

Protocol Fix?

• Modified challenge-response type protocol: