2016 Global Identity Summit Pre-Conference Paper Hardening Authentication Technologies

Transcription

1 2016 Global Identity Summit Pre-Conference Paper Hardening Authentication Technologies Paper development coordinated by Cathy Tilton, CSRA

2 This is a community-developed document. Information and viewpoints provided within are not necessarily the opinions of the paper coordinators nor their employers. Special thanks to the MITRE Corporation for their editorial assistance and coordination guidance.

3 Hardening Authentication Technologies The 2016 edition of the Global Identity Summit (GIS) will come at a unique time in federal circles, as it will be 50 days before a presidential election and 123 days before the new President takes office. Clearly, this is a very busy time for all federal officials, as they will be working with transition teams to explain current capabilities and draft plans for the next administration to implement. The GIS Planning Committee is using the 2016 conference to assist agencies during this critically important transition period. This information will be equally useful to the private sector as it develops its future strategies. The Planning Committee s ultimate goal is to gather and publicly post information that explains current capabilities and issues, provides a vision of future capabilities, and develops initial concepts for public and/or private activities for the next five years. The Planning Committee has identified approximately 20 critical identity topics to focus on at the 2016 GIS. Within each topical session, speakers will present information on the current state as well as discuss needs and priorities for the future. The session moderator will then invite feedback from audience members via an open floor and/or targeted workshops. This paper serves as a read-ahead on one of these topics, so that GIS attendees can be prepared to participate in onsite discussions. Level Setting Abstract We hear a lot about strong authentication, but how strong is strong? Strength of authentication is more than just password/key length or number of factors employed it also involves the security surrounding the authentication method(s) and the overall authentication scheme. This session looks at a number of technologies and methods targeted at hardening (increasing the robustness of) user authentication. These include secure elements/trusted execution environments, presentation attack detection/mitigation, multifactor/multibiometric methods, and public key (PK) crypto at scale. Outcomes expected include recommendations for employing these technologies to reduce authentication risks. An ever-increasing amount of services and transactions is offered online, providing both convenience to the user and reduced costs to the provider. However, underlying this is a need for strong, effective security. A key feature of this security, particularly in a remote e-authentication environment, is identity. The service provider must have confidence that the asserted identity belongs to the person attempting to access the service. Depending on the risk level of the transaction, the level of

4 2016 Global Identity Summit confidence required may vary; however, transactions of consequence generally require higher levels of assurance. A variety of authentication factors, methods, and products exist to verify user identity from traditional, secrets-based methods to innovative methods, including biometrics. How the method is implemented, including the security features employed in and around it, greatly affect how formidable or fragile the method is in terms of vulnerability to attack by imposters or hackers. This session takes a look at several techniques aimed at strengthening authentication technologies. Capabilities Four different capabilities with the potential to harden authentication technologies will be investigated. Secure elements and trusted execution environments, to different extents, provide platforms for the secure storage and execution of applications and their associated data, such as cryptographic information. In an authentication context, this allows increased trust in the authentication components and protocols. This is particularly applicable to mobile devices. Biometric authentication requires the user to interact with a biometric sensor (e.g., a fingerprint sensor, camera, or microphone) to capture the biometric features used to match against the biometric reference collected during enrollment/registration. Attackers try to spoof (fool) the sensors and system by presenting to the sensor something other than the biometric of the legitimate user. Countermeasures such as presentation attack detection (PAD) are frequently employed to detect these attacks. Incorporation of PAD increases the strength of biometric methods. Another way to increase authentication strength is to incorporate multiple factors (what you know, have, or are). When biometrics are employed, the use of more than one biometric modality (finger, face, iris, voice) can also increase authentication strength. In each case, the bar is raised for an attacker. Authentication protocols based on public key cryptography are well known, but are sometimes hampered by complexity and ability of the public key infrastructure to scale. Newer, more streamlined schemes are now being incorporated into authentication methods to take advantage of the strength offered by PK crypto in a scalable manner. Landscape Summary Presentations in this session will provide an overview of the technology, how it is used to strengthen authentication, and some implementation examples. Future Requirements We ve described several methods to harden authentication technologies. What is missing? What will it take to get to a point where users are able to authenticate themselves in a way that establishes 2

5 Hardening Authentication Technologies genuine trust in their identity? Is it merely a technology problem, or are there other considerations as well? Future Vision Where do we want to be five years from now in identity authentication? The vision is to have technologies available and in use that: Protect the identity of the user Are simple and convenient to use Minimize vulnerabilities within the authentication stack Provide authentication confidence commensurate with transaction risk Can be used across public and private sector applications Future Planning How do we, as the identity community, help reach these goals? What are the drivers and inhibitors? What role will FIDO play? Where do we see the four technologies trending? How do they contribute to the vision? What other technologies are needed to reduce authentication risk? How might NIST SP , FICAM, NSTIC/IDESG, and certification contribute? Workshop After setting the groundwork on authentication hardening technologies and future requirements, the workshop will dive deeper and focus on crafting a roadmap for how to advance the community from the current state to the desired end vision. Workshop Plans Attendees will break into four groups to participate in a facilitated, interactive discussion around how to incorporate the technologies introduced, as well as others, into a framework that provides strong and secure authentication methods leading to a high level of identity assurance. Gaps will be identified and suggestions for addressing the gaps will be solicited. Many of the questions posed above will be tackled. The roles of academia, industry, and government will be explored. Technology adoption will also be discussed. After 45 minutes of discussion/collaboration, groups will report the highlights of their discussions and their recommendations for going forward. 3