Module Two

- Voice Print: Distinguishing differences in people’s speech sounds and patterns.
- Signature Dynamics: Electrical signals of speed and time that can be captured when a person writes a signature.
- Keyboard Dynamics: Captures the electrical signals when a person types a certain phrase.
- Hand Topology: Looks at the size and width of an individual’s hand and fingers.

Single Sign On

Kerberos
- Symmetric key encryption
- KDC – Kerberos-trusted Key Distribution Center
- TGS – Ticket Granting Service
- AS – Authentication Server

Kerberos
1. KDC knows secret keys of Client and Server
2. KDC exchanges info with the Client and the Server using symmetric keys
3. Using TGS grants temporary symmetric key
4. Client and Server communicate using the temporary session key

Initial Exchange
Client sends Hash Password to the TGS Server, TGS verifies with the Auth. Server
TGS Server responds with:
1) Key for Client and TGS server encrypted with Client Key [K(c,tgs)]Kc
2) Ticket Granting Ticket (TGT) = [K(c, tgs), c,a,v]K(tgs)

Request for Service
Client sends request for service to TGS with
1) TGT = [K(c, tgs), c,a,v]K(tgs)
2) Authenticator K(c, tgs)

TGS Issues Ticket for Service
TGS sends Client back ticket for server and authenticator for server
1) Ticket T(c,s) = [s,c,a,v,K(c,s)]Ks
2) [K(c,s)]K(c,tgs)

Receive Service from Server
Client sends Server
1) Ticket T(c,s) = [s,c,a,v,K(c,s)]Ks
2) authenticator = [c,t,key]K(c,s)

Kerberos weaknesses
- Replay is possible within time frame
- TGS and Auth server are vulnerable as they know everything
- Initial exchange passed on password authentication
- Keys are vulnerable

SESAME – Secure European System for Applications in a Multi-vendor Environment
- Uses Needham-Schroeder protocol
- Uses public key cryptography
- Supports MD5 and CRC32 Hashing
- Uses two tickets
  1) One contains authentication
  2) One contains the access rights to the client

SESAME weaknesses
- Only authenticates by using first block of message
- Initial exchange passed on password authentication
- SESAME incorporates two certificates or tickets: One certificate provides authentication as in Kerberos and the other certificate defines the access privileges that are assigned to a client.

KryptoKnight
- Peer to peer relationship between KDC – Key Distribution Center and parties (Client and Server)
- NetSP is based on KryptoKnight
- Supported by RACF
- Authentication
- Key Distribution
- Data Privacy
- Data Integrity
- Single Sign-On
- Administration

Access Control - Centralized and Decentralized

Centralized
- RADIUS - Remote Access Dial-In User Service (incorporates an AS and dynamic password)
- TACACS – Terminal Access Controller Access Control System (for network applications, static pwd)
- TACACS+ – Terminal Access Controller Access Control System Plus, supports token authentication
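The Kerberos exchange from the notes above (initial exchange, TGS issuing a ticket, client presenting it to the server), written out as an added example that is not part of the original notes; it also shows why "Replay is possible within time frame" holds unless the server keeps a replay cache. Assumptions: the function names, the SKEW window, the meanings given to c, a, v and t, and a toy SHA-256/HMAC cipher standing in for a real symmetric cipher; the authenticator here carries c and t only.

```python
import hashlib, hmac, json, os

# Assumed meanings (the notes do not define them): c=client, s=server,
# a=client address, v=validity end time, t=timestamp.
SKEW = 300  # assumed freshness window in seconds

def _stream(key, nonce, n):
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(key, fields):
    """[fields]key in the notes' notation. Toy cipher, illustration only."""
    nonce, pt = os.urandom(16), json.dumps(fields).encode()
    ct = nonce + bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def unseal(key, blob):
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    pt = bytes(a ^ b for a, b in zip(ct[16:], _stream(key, ct[:16], len(ct) - 16)))
    return json.loads(pt)

def kdc_initial(kc, k_tgs, c, a, v):
    """Returns [K(c,tgs)]Kc and TGT = [K(c,tgs), c, a, v]K(tgs)."""
    k = os.urandom(32).hex()
    return seal(kc, {"k": k}), seal(k_tgs, {"k": k, "c": c, "a": a, "v": v})

def tgs_issue(k_tgs, ks, tgt, auth, s, now):
    """Checks TGT and authenticator; returns T(c,s) and [K(c,s)]K(c,tgs)."""
    t = unseal(k_tgs, tgt)
    k = bytes.fromhex(t["k"])
    au = unseal(k, auth)
    if au["c"] != t["c"] or now > t["v"] or abs(now - au["t"]) > SKEW:
        raise ValueError("TGT or authenticator rejected")
    kcs = os.urandom(32).hex()
    ticket = seal(ks, {"s": s, "c": t["c"], "a": t["a"], "v": t["v"], "k": kcs})
    return ticket, seal(k, {"k": kcs})

def server_accept(ks, ticket, auth, now, seen=None):
    """Server side of the last step; `seen` is an optional replay cache (a set)."""
    t = unseal(ks, ticket)
    au = unseal(bytes.fromhex(t["k"]), auth)
    if au["c"] != t["c"] or now > t["v"] or abs(now - au["t"]) > SKEW:
        return False
    if seen is not None:
        if (au["c"], au["t"]) in seen:
            return False  # same authenticator presented a second time
        seen.add((au["c"], au["t"]))
    return True
```

Without a `seen` cache the server accepts the same ticket and authenticator again for as long as the timestamp is inside SKEW; with the cache the second presentation is refused.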