# 06_authproto - Authentication Protocols and Key...

This preview shows pages 1–11.

Slide 1: Authentication Protocols and Key Establishment

Peter Sjödin. Based on material by Vitaly Shmatikov, Univ. of Texas, and by the previous course teachers.

Slide 2:

• Trusted intermediates
• Performance & randomness

Slide 3: Basic Problem

How do you prove to someone that you are who you claim to be? Any system with access control must solve this problem.

Slide 4: Authentication: first attempt

Alice says “I am Alice” and sends her secret password to “prove” it. Failure scenario?

Diagram: “I’m Alice”, Alice’s password; reply: OK.

Slide 5: Authentication: Playback Attack

Alice says “I am Alice” and sends her secret password to “prove” it.

Playback attack: Trudy records Alice’s packet and later plays it back to Bob.

Diagram: “I’m Alice”, Alice’s password; reply: OK. Later, replayed: “I’m Alice”, Alice’s password.

Slide 6: Authentication: yet another try

Alice says “I am Alice” and sends her encrypted secret password to “prove” it. Failure scenario?

Diagram: “I’m Alice”, encrypted password; reply: OK.

Slide 7: Authentication: another try

Alice says “I am Alice” and sends her encrypted secret password to “prove” it.

Record and playback still works!

Diagram: “I’m Alice”, encrypted password; reply: OK. Later, replayed: “I’m Alice”, encrypted password.

Slide 8: Authentication by Nonce Challenge

Goal: avoid playback attack.

Nonce: a number (R) used only once in a lifetime. Bob sends Alice a nonce R. Alice must return R, encrypted with the shared secret key.

Diagram: “I am Alice”; R; $K_{A-B}(R)$.

Alice is live, and only Alice knows the key to encrypt the nonce, so it must be Alice! Right?

Failures, drawbacks?

Slide 9: Authentication by Nonce Challenge

Same protocol as slide 8, with the failures and drawbacks filled in:

• Bob isn’t authenticated
• If the key is derived from a password, Trudy can mount a dictionary attack
• Trudy can hijack the connection after authentication, if she can send packets with Alice’s source address!
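The nonce challenge from slides 8 and 9, as an added example that is not part of the original slides. It assumes HMAC-SHA256 over R in place of the slide's "R encrypted with the shared key", and the names `Verifier`, `respond` and `demo` are hypothetical. The key is random rather than password-derived, and the other two drawbacks on slide 9 (Bob is not authenticated, post-authentication hijacking) are not addressed.

```python
import hashlib
import hmac
import secrets


class Verifier:
    """Bob's side: issues nonces and checks responses (hypothetical class)."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key
        self._outstanding = set()  # nonces issued but not yet answered

    def challenge(self) -> bytes:
        r = secrets.token_bytes(16)  # fresh, unpredictable R
        self._outstanding.add(r)
        return r

    def verify(self, nonce: bytes, response: bytes) -> bool:
        # Each nonce is accepted at most once: retire it before checking.
        if nonce not in self._outstanding:
            return False
        self._outstanding.discard(nonce)
        expected = hmac.new(self._key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)  # constant-time compare


def respond(shared_key: bytes, nonce: bytes) -> bytes:
    """Alice's side: prove knowledge of the key for this specific R."""
    return hmac.new(shared_key, nonce, hashlib.sha256).digest()


def demo() -> dict:
    key = secrets.token_bytes(32)  # constructed K_A-B, random (assumption)
    bob = Verifier(key)

    r1 = bob.challenge()
    recorded = respond(key, r1)       # the bytes an eavesdropper could record
    legit = bob.verify(r1, recorded)  # legitimate run succeeds

    replay_same = bob.verify(r1, recorded)  # replay with the already-used R
    r2 = bob.challenge()
    replay_new = bob.verify(r2, recorded)   # replay against a fresh R
    return {"legit": legit, "replay_same_R": replay_same, "replay_new_R": replay_new}


if __name__ == "__main__":
    print(demo())
```
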
Authentication: yet another try

Goal: avoid playback attack, efficiency.

Alice encrypts a timestamp with the shared secret key.

Failures, drawbacks?