User authentication

icg.isy.liu.se
  • No tags were found...

User authentication

Computer security Lecture 2Identification and Authentication


User authentication◮ Authentication is the process of verifying a users identity◮ There are two reasons to do this:◮ To make access control decisions◮ To enable audit trails◮ Authorisation is sometimes based based on role, not identity◮ Accountability is based on identity, since groupaccountability is ineffective


Authentication procedure◮ The most commonprocedure is as follows:◮ An individual arrives at acheckpoint (login dialog)◮ The individual claims anidentity (username)◮ The individual presentsthe item needed to provethe identity (password)


Authentication of users can use◮ Something you know(passwords, . . . )◮ Something you carry(badges with magneticstripes, . . . )◮ Something you are,biometrics (handwriting,fingerprints, retinapatterns, . . . )


Authentication of users can use◮ Something you know(passwords, . . . )◮ Something you carry(badges with magneticstripes, . . . )◮ Something you are,biometrics (handwriting,fingerprints, retinapatterns, . . . )◮ Something you do(handwriting, . . . )◮ Where you are


Authentication of users can use◮ Something you know(passwords, . . . )◮ Something you carry(badges with magneticstripes, . . . )◮ Something you are,biometrics (handwriting,fingerprints, retinapatterns, . . . )◮ Something you do(handwriting, . . . )◮ Where you are


“Where you are”?◮ does not verify identity, unless only one person can enterthat location◮ could reduce the number of possible identities◮ but should rather be thought of as access restriction, thanan authentication mechanism


Authentication of users can use◮ Something you know(passwords, . . . )◮ Something you carry(badges with magneticstripes, . . . )◮ Something you are,biometrics (handwriting,fingerprints, retinapatterns, . . . )◮ Something you do(handwriting, . . . )◮ Where you are


Authentication modes◮ Something you know(passwords, . . . )◮ Something you carry(badges with magneticstripes, . . . )◮ Something you are,biometrics (handwriting,fingerprints, iris patterns,. . . )


Something you know: Passwords◮ Username+password is the standard first line of defense◮ Widely accepted, not too difficult to implement◮ Can be expensive to manage password securely◮ Obtaining a valid password is a common attack


Maintaining passwordsAs Angela Sasse puts it: it is hard to think of a worseauthentication mechanism than passwords◮ People can’t remember infrequently used, frequentlychanged, many similar items◮ We can’t forget on demand◮ Recall is harder than recognition◮ Non-meaningful words are more difficult to remember


Ways for an attacker to obtain a validpassword◮ Intercept it at creation◮ Guess it◮ Steal the note where it is written down◮ Watch user enter it, or use a keylogger◮ Eavesdrop on transmission◮ Find it in a memory buffer◮ Find it through a spoofing program, through phishing, ormore general social engineering◮ Find it reused in another system


Example: PIN (Personal identificationnumber)◮ Financial PINs are often four digits◮ Some banks force PIN on the user, other allows you tochoose◮ Avoid 1111, 2222, and 1234, 2345, or birthdates andsuchlike◮ Many systems allow three attempts before locking card,giving a 0.06% chance of guessing it◮ PIN generation through the IBM 3624 standard uses theaccount number to generate the PIN (through encryption)◮ Despite the encryption key being secret, the connection tothe account number allows guessing the PIN on the averagein 15 attempts (Zielinski and Bond, 2002)


Example: Building entry codes◮ These are also four digits◮ There is no limit to the number ofattempts◮ You can even try several at once bytyping 111122223333. . .◮ There is a “general code” that is 10003digits long that will open any door (a“de Bruijn sequence”)◮ If four buttons are more worn/less dirty, the de Bruijnsequence is 4 4 + 3 = 259 digits long (!)11112 11131 11411 22112 31124 11321 13311 34114 21143 1144121213 12141 22212 23122 41232 12331 23412 42124 31244 1313141322 13231 32413 32133 31334 13421 34313 44141 42214 2314241432 14331 43414 42144 31444 22223 22242 23322 34224 3224423232 42333 23342 34323 44242 43324 34244 32444 33334 3344343444 4111


Example: CVV (Card Verification Value)◮ These are three digits◮ Used to verify that the card is held bythe buyer at purchase over the web◮ Printed, not embossed on the card, so can be erased◮ Difference to card number: merchant is not allowed to storeCVV number once transaction is approved◮ Does not protect against phishing/staff with good memorythat handled your card◮ Not all merchants use the CVV


Password bootstrap◮ To be really secure, only establishpassword in person◮ Send by courier with personal delivery(“rekommenderat brev”)◮ Call back through previously knownphone number◮ If not on secure channel, send one-time password◮ Request out-of-band confirmation, e.g., via SMS to apreviously known phone number


Password management◮ Should take care of password bootstrap◮ This can take some time, for examplefor new employees◮ Resetting a password can be more timecritical◮ Requires proper routines, properly trained staff, mayberound-the-clock helpdesk◮ This can become a cost factor that needs to be taken intoaccount


Guessing passwords◮ Exhaustive search◮ Intelligent search◮ dictionary◮ words associated with userDefences◮ Use long passwords◮ Mix upper and lower case, digits,symbols◮ Change default passwords◮ Avoid obvious passwords


Password security helpers◮ Password checkers: Use intelligentsearch at password creation◮ Password generators: Software toolsto produce secure (random, oftenpronouncable) passwords◮ Password aging: Force users to change password atregular intervals◮ Limit login attempts: Either hard limit (three attempts),or delay after failed attempt


Common advice on passwordsPasswords should◮ be long enough, and◮ . . . have enough variationto make guessing hard◮ be easy to remember,without violating thepoints above◮ be changed at reasonableintervalsshould not◮ be anything you revealoutside authentication◮ be the same for two sites◮ if one site is moresensitive◮ if one site is less trusted◮ be stored in plaintext◮ be sent in plaintext◮ be connectable to you


Common advice on passwordsPasswords should◮ be long enough, and◮ . . . have enough variationto make guessing hard◮ be easy to remember,without violating thepoints above◮ be changed at reasonableintervalsshould not◮ be anything you revealoutside authentication◮ be the same for two sites◮ if one site is moresensitive◮ if one site is less trusted◮ be stored in plaintext◮ be sent in plaintext◮ be connectable to youChoose a password you can’t rememberand don’t write it down


Password selectionSchneier1. Generate (a real) random password2. Write it on a piece of paper3. Keep the now valuable piece of paper with the othervaluable pieces of paper you own in your wallet


Password selectionxkcd.org


Is naive password choice really a problem?(Yes!)◮ An old study by D. Klein found that 25% of passwordscould be guessed, roughly◮ Dictionary words: 7.4%◮ Common names: 4%◮ Combination of user and account name: 2.7%◮ . . .◮ (sf-specific words: 0.4%)◮ (sports terms: 0.2%)◮ Frequent password changes often backfire◮ monthly changes: alice01, alice02, . . .◮ checking against old passwords: rapid changes until the oldpassword can be used◮ . . . post-it notes on the screen . . .


Example: PIN (Personal identificationnumber)◮ Financial PINs are often four digits◮ Some banks force PIN on the user, other allows you tochoose◮ Avoid 1111, 2222, and 1234, 2345, or birthdates andsuchlike◮ Many systems allow three attempts before locking card,giving a 0.06% chance of guessing Estimate it circa -00:1/3 use a birthdate◮ PIN generation through the IBM 3624 standard uses theaccount number to generate the PIN (through encryption)◮ Despite the encryption key being secret, the connection tothe account number allows guessing the PIN on the averagein 15 attempts (Zielinski and Bond, 2002)


Phishing, spoofing, and social engineering◮ Phishing: Ask user for login and password under falsepretense◮ Spoofing: Present false but genuine-looking login screen◮ Other social engineering: Directed personal attacksaimed to extract password, often aimed at support staff◮ One problem is that even big banks (or indeed PayPal)train customers in unsafe behaviour


Phishing, spoofing, and social engineering


Defense against phishing, spoofing, andsocial engineeringEducate users, or even better: don’t miseducate them◮ Check the English (better English)◮ Look for the lock symbol (use SSL or put a lock symbol onthe page)◮ Look for the last four numbers in your account number(put the first four numbers there)◮ Don’t click on URLs but pictures are OK (hide executablesunder pictures)◮ Use mouse hover to show the real URL (insert nonprintingchars, or use extremely long URLs)


Protecting the password storage◮ Cryptographic protection◮ Access control protection◮ . . . or both◮ Use a one-way function: given x it is easy to compute f (x),but given f (x) it is hard to compute x◮ Examples:◮ modified DES in ECB mode with password as key (earlyUNIX systems), 8 chars max◮ SHA256 or SHA512 in modern *nixes◮ LM hash (DES-based) in early Windows, 14 chars max◮ NT hash (MD4) in later Windows (>1993)◮ A salt increases the resistance to dictionary attacks


Protecting the password storage◮ Cryptographic protection◮ Access control protection◮ . . . or both◮ In UNIX, /etc/passwd is world-readable◮ Instead use shadow passwords (in /etc/shadow) whereonly root can read them◮ Windows NT stores passwords in a proprietary format◮ This does not help much


The need for repeated authentication◮ Some systems require repeated authentication◮ This is to stop attackers from using an already logged-incomputer, later◮ This can also be used to authenticate again when a userwants to perform a security-critical operation◮ The book mentions TOCTTOU,time-of-check-to-time-of-use


Authentication modes◮ Something you know(passwords, . . . )◮ Something you carry(badges with magneticstripes, . . . )◮ Something you are,biometrics (handwriting,fingerprints, iris patterns,. . . )


Something you carry: keys and tokens◮ can be stolen◮ can be found by others, if lost◮ can be copied, if you know their correct properties◮ skimming◮ guessing valid properties◮ radio eavesdropping on RFID◮ taking photos of metal keys


Example: keys to NYC


Secure objects◮ connect to somethingadditional, like a PIN orbiometrics◮ make copying difficult◮ hide a secret in them anduse active(challenge-response)authentication


Secure object example: Yubikey◮ Connects as a USB keyboard◮ Issues one-time passwords◮ Contains secret AES key used to encrypt a counter◮ The AES key cannot be retrieved, so the key cannot becopied◮ Slightly better security than a physical, ordinary key


Challenge - response◮ Needs a one-way function f◮ Each user i has a secret, x i◮ The server has the whole set X = {x i }◮ The user says “Hello, I am i ”◮ The server sends a random nonce r◮ Both user and server calculate f (x i , r) = y◮ The user sends his y◮ The user is OK if this matches the server y


Authentication modes◮ Something you know(passwords, . . . )◮ Something you carry(badges with magneticstripes, . . . )◮ Something you are,biometrics (handwriting,fingerprints, iris patterns,. . . )


Something you are: Biometrics◮ Vary each time you measure them◮ Scheme must allow variation◮ Can deny access to legitimate users◮ Can allow access to illegitimate users◮ Can be copied


How is the biometric represented?◮ The image is stored, together with the minutiae points◮ Minutiae points are used for searching◮ The result is a score, not yes/no


How is the biometric represented?+◮ Register the biometric for a user (“enrol”)◮ Simplify it into a collection of numeric values


How is the biometric represented?+++◮ Register more users◮ Simplify their data too


How is the biometric represented?++x+◮ Now, at authentication:◮ Who is it?


How is the biometric represented?+ + +++++ + +◮ Take several readings◮ . . . to check the natural variation


How is the biometric represented?+ + +++++ + +◮ Take several readings◮ . . . to determine what variation is acceptable


How is the biometric represented?++++ +x+ + +◮ Now, you can tell who it was◮ In lab 1, this is what you’ll do (using 3 “dimensions”)


Biometrics: two kinds of failure◮ Denying access to legitimate users is called falserejection/negative/non-match (False Non-Match Rate,FNMR)◮ Allowing access to illegitimate users is called falseacceptance/positive/match (False Match Rate, FMR)◮ The probabilities of these two failures decide the quality ofthe biometric systemfalse acceptance ratefalse rejection ratethreshold


False rejection (False non-match rate)◮ False rejection rate drops when threshold is lowered◮ False rejection is a threat against availability◮ High false rejection is a problem◮ “False rejection rate” is also known as “insult rate”false acceptance ratefalse rejection ratethreshold


False acceptance (False match rate)◮ False acceptance rate drops when threshold is increased◮ False acceptance is a threat against data integrity andconfidentiality◮ High false acceptance is a problemfalse acceptance ratefalse rejection ratethreshold


Example: US-VISIT (2004)◮ Uses both index fingers◮ 6 million bad guys in database◮ False match rate was 0.31%, false non-match rate was 4%◮ Clearly a problem, we have now moved to all ten fingersfalse acceptance ratefalse rejection ratethreshold


Enrolment failures◮ Some people don’t have fingerprints (truly!): Some peopledon’t have a right-hand index finger, for example◮ Worn fingertips can make the fingerprints unusable◮ An injury can makeauthentication impossible◮ Recent studies indicatethat the human irischanges with age


Attacks on biometrics◮ Gelatin fingerprint copies still defeat many readers◮ These are simpler to make than one might think◮ Fingerprints can be lifted by old-fashioned dusting and tape◮ The pattern can then be photographically transferred andetched onto ordinary circuit board◮ This can then be used as a mold for a gelatin fingerprint


The first laboratory session◮ On digitized handwritten signatures◮ Uses tablet+pen+matlab◮ Lab instructions on the course web page◮ Hand in a written report (PDF) via email to lab assistant◮ The report does not need to be very long, but must answerthe questions in the instructions


The system used in the labThe system captures three signals:◮ x(t), y(t) is the position as it varies with time◮ z(t) is the pressure as it varies with time


Signal is translated into frequency domain◮ The three signals x(t), y(t), z(t) cannot be compareddirectly between two different signatures◮ They will simply be too different◮ For this reason, we look at the energy distribution in thefrequency components


Signal is translated into frequency domain◮ The method is called Power Spectral Density◮ The laboration uses 11 frequency regions, so in total 33values◮ This means there would be 33 dimensions to analyze


The most important dimensions are now used◮ These 33 dimensions are now reduced to 3 using PrincipalComponen Analysis◮ This removes “unneeded” variations (decreasing FNMR andincreasing FMR)◮ The distance is then measured in these three dimensions++++ +x+ + +


The lab schedule◮ There are eighteen slots in the schedule◮ Nine for the biometry lab, and nine for the power analysislab◮ You should register for ONE OF EACH at the course webpage◮ Groups of two, send email to me if you don’t have a labpartner

More magazines by this user
Similar magazines