CS3760 Part 03: Identity verification - PowerPoint PPT Presentation

1 / 27
About This Presentation
Title:

CS3760 Part 03: Identity verification

Description:

The subject is divided into the following two topics: Identification by something known or possessed. Passwords and user tokens ... keys for doors, cabinets, cars, ... – PowerPoint PPT presentation

Number of Views:38
Avg rating:3.0/5.0
Slides: 28
Provided by: Christophe643
Category:

less

Transcript and Presenter's Notes

Title: CS3760 Part 03: Identity verification


1
CS3760 Part 03Identity verification
  • Eimear Gallery
  • e.m.gallery_at_rhul.ac.uk

2
Outline
  • The subject is divided into the following two
    topics
  • Identification by something known or possessed
  • Passwords and user tokens
  • Identification some personal characteristic
  • Biometrics

3
Introductory remarks
  • Need for identity verification
  • computer access,
  • entry to secure areas,
  • financial security (e.g. ATMs, e-commerce).
  • Note difference between identification
    information (unique name) and information to
    verify a claimed identity.

4
Classification
  • Classification of identity verification methods
    into four types
  • by something known,
  • by something possessed,
  • by physical characteristic,
  • by result of involuntary action.
  • We consider first two and last two together.

5
3.1 Verification by something known or possessed
  • E.g. passwords (human/human or human/computer),
    PINs.
  • Obvious security procedures
  • accountability,
  • do not write passwords down,
  • make them hard to guess.
  • Alternative one-time passwords.

6
Password storage
  • How should lists of passwords be stored?
  • If unencrypted then readable by systems staff.
  • Usual solution - hide them using a one-way
    function (easy to compute, difficult to invert).
  • Check password by applying function and comparing
    with list entry.

7
Unix password protection
  • Unix uses a one-way function to protect its
    password list.
  • Two extra features
  • slow encryption (25 iterations of DES),
  • password salting.
  • Salting makes pre-encrypted dictionary attack
    difficult and prevents entire list being attacked
    simultaneously.

8
Unix problems
  • Slow encryption not very slow any more!
  • Cheap data storage makes pre-encrypted dictionary
    attacks possible.
  • Public domain packages exist which can be run
    against password files (they are very
    effective!).
  • Hence passwords must not be guessable.

9
Transmission of passwords
  • If passwords sent across insecure channel then
    they are vulnerable to interception.
  • Simple encipherment is no help.
  • One solution is to use a challenge-response
    process.

10
Challenge-response
Login? User name
Challenge random value R
User
Host
Response f(R,P)
11
Properties
  • User and system must know password P.
  • One-way function f must have property that
    f(R,P), R and f do not reveal P.
  • Insecure if not enough passwords.
  • Users must have means to compute f reasonably
    quickly.

12
Tokens
  • Idea well-established
  • keys for doors, cabinets, cars, ...
  • magnetic stripe cards - used for ATMs, access
    control to secure sites, ...
  • Problems with copying.

13
Magnetic stripe cards
  • Very widely used. ISO 7810 specifies card
    dimensions and magnetic stripe format.
  • User ID on magnetic stripe.
  • Usually used with PIN.
  • Off-line systems - PIN check data on card. N.b.
    PIN check data must be salted.
  • On-line systems - PINs verified centrally.

14
Layout of magnetic stripe card
15
Using magnetic stripe cards
  • Problems arise because of easy forging/copying.
  • Hologram (on card) added to prevent changing
    embossed data.
  • Many schemes devised to make forging/copying
    difficult.

16
Smart cards (IC cards) I
  • Contain micro-processor, RAM and ROM.
  • More memory than magnetic stripe cards.
  • Communicate with reader via plated areas on card
    (positions/protocols standardised in ISO/IEC
    7816, a multi-part standard).
  • Copying much more difficult.
  • 1st generation cards had primitive processors and
    limited memory (8 kbytes).

17
Smart cards II
  • 2nd generation IC cards - more powerful
    processors and more memory.
  • If IC card contains cryptographic function, can
    then be used in an identification process (e.g.
    challenge-response).
  • Typically they also require PIN entry.
  • Increasing range of applications.

18
Smart card applications
  • In some countries (e.g. France) smart cards
    routinely used for credit card transactions.
  • In UK, are being piloted for debit/credit.
  • Used widely in GSM mobile telephones to store
    user identity and user secret keys.
  • Electronic money smart cards.
  • IC cards now able to perform digital signatures
    using RSA.

19
Hand-held ID devices
  • Alternatives to smart cards for ID verification
    include calculator-like devices with
  • key-pad and display,
  • key/password storage,
  • cryptographic calculation facility.
  • Can be used with standard work-stations (no card
    reader required).

20
Watchword
  • Example of hand-held device.
  • Device contains user key, user PIN and one-way
    function f.

21
Watchword protocol
(1) Challenge R
(2) R user PIN
Communications via hand-held keyboard/display
Communications via workstation keyboard/display
Host
Hand-held device
User
(3) f(K,R,PIN)
(4) f(K,R,PIN)
22
Safe 200
  • Another device of Watchword type.
  • Not challenge-response but generates a new
    5-digit password for every identification.
  • One-time password called a Session PIN (SPIN) - a
    one-way function of a secret register value
    updated for every SPIN generation.
  • Any of 3 successive SPINs accepted.

23
Safe 200 system
S200 user device
PIN
5-digit SPIN
1-way function
User
Host
20 decimal digits
20-digit register
update
1-way function
24
S/KEY
  • S/KEY is a public domain one-time password scheme
    (Internet RFC 1760).
  • Based on repeated application of a one-way
    function of a secret key.
  • First apply one-way function N times to secret
    key (to get 1st password), then apply N-1 times
    (to get 2nd password), and so on - giving N
    one-time passwords.

25
S/KEY system
Challenge, N
User
Host
Response, fN(s)
26
Time-based 1-time passwords
  • Another well-established idea is to use a clock
    to generate one-time passwords (also using a
    secret key).
  • At regular intervals, the clock value and secret
    key are input to a one-way function to generate a
    one-time password.
  • The host will accept one password either side
    of the current one.

27
Time-based system
user device
PIN
one-time password
1-way function
Host
User
time-stamp
clock
Write a Comment
User Comments (0)
About PowerShow.com