06_authproto - Authentication Protocols and Key...

1 Authentication Protocols and Key Establishment
  Peter Sjödin, psj@kth.se
  Based on material by Vitaly Shmatikov, Univ. of Texas, and by the previous course teachers
2 • Trusted intermediates • Performance & randomness
3 Basic Problem
  How do you prove to someone that you are who you claim to be?
  Any system with access control must solve this problem
4 Authentication: first attempt
  Alice says “I am Alice” and sends her secret password to “prove” it.
  Failure scenario??
  [Diagram: “I’m Alice”, Alice’s password; OK]
5 Authentication: Playback Attack
  Alice says “I am Alice” and sends her secret password to “prove” it.
  Playback attack: Trudy records Alice’s packet and later plays it back to Bob
  [Diagram: “I’m Alice”, Alice’s password; OK; played back: “I’m Alice”, Alice’s password]
6 Authentication: yet another try
  Alice says “I am Alice” and sends her encrypted secret password to “prove” it.
  Failure scenario??
  [Diagram: “I’m Alice”, encrypted password; OK]
7 Authentication: another try
  Alice says “I am Alice” and sends her encrypted secret password to “prove” it.
  Record and playback still works!
  [Diagram: “I’m Alice”, encrypted password; OK; played back: “I’m Alice”, encrypted password]
8 Authentication by Nonce Challenge
  Goal: avoid playback attack
  Nonce: number (R) used only once-in-a-lifetime
  Bob sends Alice a nonce R. Alice must return R, encrypted with shared secret key
  [Diagram: “I am Alice”; R; K_A-B(R)]
  Alice is live, and only Alice knows key to encrypt nonce, so it must be Alice! Right?
  Failures, drawbacks?
9 Authentication by Nonce Challenge
  Goal: avoid playback attack
  Nonce: number (R) used only once-in-a-lifetime
  Bob sends Alice a nonce R. Alice must return R, encrypted with shared secret key
  [Diagram: “I am Alice”; R; K_A-B(R)]
  Alice is live, and only Alice knows key to encrypt nonce, so it must be Alice! Right?
  Failures, drawbacks?
  • Bob isn’t authenticated
  • If the key is derived from a password, Trudy can mount a dictionary attack
  • Trudy can hijack connection after authentication, if she can send packets with Alice’s source address!
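Added example (not part of the original slides): a verifier-side comparison of the static encrypted-password check from slides 6-7 with the nonce challenge from slide 8, showing why a recorded reply is accepted by the first and rejected by the second. HMAC-SHA256 stands in for the slides' encryption K_A-B(R); the key, the password and the names keyed, static_verify, NonceBob and demo are constructed for illustration.

```python
import hashlib
import hmac
import secrets

K_AB = b"constructed-shared-key"  # constructed sample value for K_A-B

def keyed(key: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 stands in for "encrypted with shared secret key" (assumption).
    return hmac.new(key, data, hashlib.sha256).digest()

def static_verify(expected: bytes, blob: bytes) -> bool:
    # Slides 6-7: Bob compares against one fixed encrypted-password blob.
    return hmac.compare_digest(blob, expected)

class NonceBob:
    """Slide 8: Bob issues a fresh nonce R and accepts each R at most once."""
    def __init__(self, key: bytes):
        self.key = key
        self.pending = set()

    def challenge(self) -> bytes:
        r = secrets.token_bytes(16)
        self.pending.add(r)
        return r

    def verify(self, r: bytes, response: bytes) -> bool:
        if r not in self.pending:   # unknown or already-used nonce
            return False
        self.pending.discard(r)     # single use, whether it passes or fails
        return hmac.compare_digest(response, keyed(self.key, r))

def demo() -> dict:
    stored = keyed(K_AB, b"constructed-password")     # what Bob expects
    recorded_login = keyed(K_AB, b"constructed-password")  # same bytes every login
    bob = NonceBob(K_AB)
    r1 = bob.challenge()
    recorded = keyed(K_AB, r1)      # Alice's reply to R1, as seen on the wire
    first_ok = bob.verify(r1, recorded)
    r2 = bob.challenge()            # a later login attempt gets a new nonce
    return {
        "static_replay": static_verify(stored, recorded_login),
        "nonce_first": first_ok,
        "nonce_replay_new_r": bob.verify(r2, recorded),
        "nonce_replay_old_r": bob.verify(r1, recorded),
    }

if __name__ == "__main__":
    print(demo())
```

The check covers only the playback problem: Bob is still not authenticated to Alice, and a key derived from a password remains open to the dictionary attack listed on slide 9.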
Authentication: yet another try
  Goal: avoid playback attack, efficiency
  Alice encrypts a timestamp with shared secret key
  Failures, drawbacks?

This note was uploaded on 02/16/2011 for the course ICT 2 taught by Professor 2 during the Spring '11 term at Kungliga Tekniska högskolan.
