Windows authentication methods and pitfalls
Windows authentication methods and pitfalls: hashes and protocols, vulnerabilities, attacks
P. Veríssimo. All rights reserved. Reproduction only by permission.

EXAMPLE: Windows authentication methods
- Windows stores hashes of locally entered passwords: LM or NTLM hashes.
- Historically, the network authentication method has evolved:
  - LAN Manager authentication protocol with LM hash (< Windows NT)
  - NTLMv1 authentication protocol with NTLM hash (Windows NT)
  - NTLMv2 authentication protocol with NTLM hash (Windows NT SP4)
  - Kerberos authentication protocol, with NTLM or pure (Windows 2000 onward)
- Windows 7 default: LM and NTLMv1 disabled, NTLMv2 enabled.
- The user's password (NTLM hash) is converted to a pre-authentication encrypted key that is stored in the workstation's credential cache and can be used by whatever authentication provider is indicated for the logon type.
- Pure Kerberos is possible with NTLM authentication completely disabled.
Windows authentication methods (a long history of vulnerabilities)

EXAMPLE: Windows authentication (LM, LAN Manager password hash)
How the LM hash of a password is computed:
1. The user's password is converted into all uppercase letters.
2. The password has null characters added to it until it equals 14 characters.
3. The new password is split into two 7-character halves.
4. These values are used to create two DES encryption keys, one from each half, with a parity byte added to each to create 64-bit keys.
5. Each DES key is used to encrypt a preset ASCII string (KGS!@#$%), resulting in two 8-byte (64-bit) ciphertext values.
6. The two 8-byte ciphertext values are combined to form a 16-byte (128-bit) value, which is the complete LM hash.
Worked example shown on the slide: PassWord -> PASSWORD -> PASSWORD padded with nulls to 14 characters -> halves PASSWOR and D -> DES outputs E52CAC67419A9A... and A852F61... (values truncated in the transcription) -> concatenated into the LM hash.
EXAMPLE: Windows authentication (LM hash vulnerabilities)
- Encryption is based on DES: weak key length.
- The password is converted to all uppercase, padded to fourteen characters, and split into two seven-character halves.
- From the universe of possible passwords one gets down to 69^7 candidates per seven-character half.
- LM passwords are incredibly vulnerable to brute-force cracking attempts.

EXAMPLE: Windows authentication (NTLM, NT LAN Manager password hash)
How the NTLM hash of a password is computed:
1. The user's (case-sensitive) password passes three times through a hash function, to form a 16-byte (128-bit) value, which is the complete NTLM hash.
NB: the NTLM hash uses MD4.
NB2: the maximum password length is 127 characters.
Worked example shown on the slide: hP = H^3(PassWord123) = D5B87105D7FEC0F3BF500B33... (value truncated in the transcription).
EXAMPLE: Windows authentication (NTLM hash vulnerabilities)
- MD4 is not perfect but stronger than DES; it allows for longer password lengths and for a distinction between uppercase and lowercase letters, and it does not split the password into smaller, easier-to-crack chunks.
- Number of 127-character passwords: 4.9*10^... (exponent lost in the transcription).

EXAMPLE: Windows authentication (NTLMv1 login)
Objective:
- unilateral authentication by cryptographic checksum between A and S
- remote authentication used in Windows
Notation:
- A has secret password P
- symmetric crypto (DES) is used to encrypt challenge and response material
- A and S share two secrets, the password hashes hpl and hpn, respectively the LM hash and the NT hash (LM used for legacy), and hence the three DES keys derived from each of them (K1L, K2L, K3L and K1N, K2N, K3N)
- S generates random nonce Xs
Protocol:
1. A wants to log in to server S.
2. S sends nonce Xs.
3. A computes two sets of 3 DES keys from hpx || Pad = 128 b + 40 b = 3 x 56 b.
4. A computes two 24 B = 192 b = 3 x 64 b LM and NT responses RLM, RNT, each encrypting Xs three times, with K1, K2, K3.
5. A sends the RLM and RNT responses to S.
6. S performs the operations in 3 and 4 on its stored hpx hashes and Xs, and checks.
Message flow (secret: hpl and hpn; Pad is 5 zero bytes):
1. A -> S: <A, login>
2. S -> A: Xs
3. A: hpl || Pad -> K1L, K2L, K3L; hpn || Pad -> K1N, K2N, K3N
4. A: RLM = f(hpl, Xs) = E_K1L(Xs) || E_K2L(Xs) || E_K3L(Xs); RNT = f(hpn, Xs) = E_K1N(Xs) || E_K2N(Xs) || E_K3N(Xs)
5. A -> S: RLM, RNT
6. S: RLM, RNT ok?
7. S -> A: You're logged on
EXAMPLE: Windows authentication (NTLMv1 vulnerabilities)
- Unilateral: the challenge is defined only by the server, which allows a spoofing attack and a reflection attack.
- Pre-computation attacks are possible.

EXAMPLE: Windows authentication (NTLMv2 login)
Objective:
- mutual authentication by cryptographic checksum between A and S
- remote authentication used in Windows
Notation:
- A has secret password P in domain D; global time is available
- HMAC-MD5 is used to process challenge and response material (H in the protocol listing)
- A and S share one secret, the NTLM password hash hpn
- A and S generate random 64-bit nonces Xa and Xs
Protocol:
1. A wants to log in to server S.
2. S sends nonce Xs.
3. A computes the NTv2 hash hntv2 with HMAC-MD5, using the NT hash hpn as key.
4. A computes two response blocks with HMAC-MD5 using hntv2 as key: 24 B LMv2 and 16 B NTv2.
5. They are sent concatenated with Ablob, containing nonce Xa, timestamp Ta, domain D and header data.
6. S performs the operations in 3 and 4 on its stored hpn hash, Xs and Ablob, and checks.
Message flow (secret: hpn; Ablob = <Xa, Ta, D, header>):
1. A -> S: <A, login>
2. S -> A: Xs
3. A: hntv2 = H(hpn, A || D)
4. A: LMv2 = H(hntv2, Xs || Xa) || Xa; NTv2 = H(hntv2, Xs || Ablob)
5. A -> S: LMv2, NTv2, Ablob
6. S: LMv2, NTv2, Ablob ok?
7. S -> A: You're logged on
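The NT hash and the NTLMv2 exchange above, written out as an added runnable model (not the slide deck's own code, and not Microsoft's implementation). It assumes a simplified fixed layout for Ablob (header, Ta, Xa, D), implements MD4 inline because hashlib may not provide it, and follows MS-NLMP in upper-casing the user name inside hntv2; the server side enforces the timestamp so that a captured response cannot be replayed.

```python
import hashlib
import hmac
import os
import struct

MASK = 0xFFFFFFFF


def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK


def md4(data: bytes) -> bytes:
    """Pure-Python MD4 (RFC 1320); used because hashlib lacks MD4 on many builds."""
    f = lambda x, y, z: (x & y) | (~x & MASK & z)
    g = lambda x, y, z: (x & y) | (x & z) | (y & z)
    h = lambda x, y, z: x ^ y ^ z
    bit_len = len(data) * 8
    data += b"\x80" + b"\x00" * ((55 - len(data)) % 64) + struct.pack("<Q", bit_len)
    a, b, c, d = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    rounds = (
        (f, 0x00000000, (3, 7, 11, 19), tuple(range(16))),
        (g, 0x5A827999, (3, 5, 9, 13), (0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15)),
        (h, 0x6ED9EBA1, (3, 9, 11, 15), (0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15)),
    )
    for off in range(0, len(data), 64):
        x = struct.unpack("<16I", data[off:off + 64])
        aa, bb, cc, dd = a, b, c, d
        for fn, k, shifts, order in rounds:
            for i, idx in enumerate(order):
                a = _rotl((a + fn(b, c, d) + x[idx] + k) & MASK, shifts[i % 4])
                a, b, c, d = d, a, b, c   # rotate roles: next step updates old d
        a, b, c, d = (a + aa) & MASK, (b + bb) & MASK, (c + cc) & MASK, (d + dd) & MASK
    return struct.pack("<4I", a, b, c, d)


def nt_hash(password: str) -> bytes:
    """hpn: the NT hash, MD4 over the UTF-16LE encoding of the password."""
    return md4(password.encode("utf-16le"))


def ntlmv2_hash(hpn: bytes, user: str, domain: str) -> bytes:
    """hntv2 = H(hpn, A || D), H = HMAC-MD5; MS-NLMP upper-cases the user name."""
    return hmac.new(hpn, (user.upper() + domain).encode("utf-16le"), hashlib.md5).digest()


def make_blob(xa: bytes, ta: int, domain: str) -> bytes:
    """Ablob = <Xa, Ta, D, header>; simplified layout assumed here, not MS-NLMP's."""
    return b"\x01\x01\x00\x00" + struct.pack("<Q", ta) + xa + domain.encode("utf-16le")


def client_responses(hpn, user, domain, xs, xa, ta):
    """Steps 3-5 on A's side. Note that A only ever needs hpn, never the password P."""
    hntv2 = ntlmv2_hash(hpn, user, domain)
    blob = make_blob(xa, ta, domain)
    lmv2 = hmac.new(hntv2, xs + xa, hashlib.md5).digest() + xa   # 16 + 8 = 24 B
    ntv2 = hmac.new(hntv2, xs + blob, hashlib.md5).digest()       # 16 B
    return lmv2, ntv2, blob


def server_verify(stored_hpn, user, domain, xs, lmv2, ntv2, blob, now, max_skew=300):
    """Step 6: S recomputes from its stored hpn and its own Xs, and enforces Ta freshness."""
    if len(lmv2) != 24 or len(ntv2) != 16 or len(blob) < 20:
        return False
    ta = struct.unpack("<Q", blob[4:12])[0]
    xa = blob[12:20]
    if abs(now - ta) > max_skew:      # stale timestamp: a replayed response is rejected
        return False
    if xa != lmv2[16:]:               # Xa in the blob must match the Xa carried in LMv2
        return False
    hntv2 = ntlmv2_hash(stored_hpn, user, domain)
    exp_lm = hmac.new(hntv2, xs + xa, hashlib.md5).digest() + xa
    exp_nt = hmac.new(hntv2, xs + blob, hashlib.md5).digest()
    return hmac.compare_digest(exp_lm, lmv2) and hmac.compare_digest(exp_nt, ntv2)


def demo():
    """Honest login, the same response replayed an hour later, and the same response
    presented under another identity (the client ID is bound inside hntv2)."""
    hpn = nt_hash("PassWord123")                      # constructed sample credential
    xs, xa, t0 = os.urandom(8), os.urandom(8), 1_700_000_000
    lmv2, ntv2, blob = client_responses(hpn, "alice", "CORP", xs, xa, t0)
    fresh = server_verify(hpn, "alice", "CORP", xs, lmv2, ntv2, blob, now=t0 + 5)
    replayed = server_verify(hpn, "alice", "CORP", xs, lmv2, ntv2, blob, now=t0 + 3600)
    other_id = server_verify(hpn, "mallory", "CORP", xs, lmv2, ntv2, blob, now=t0 + 5)
    return fresh, replayed, other_id


if __name__ == "__main__":
    print(demo())   # (True, False, False)
```

The server check depends on both nonces and on Ta, which is why a table precomputed for a fixed challenge, as in the NTLMv1 attack slides, does not apply to this exchange.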
EXAMPLE: Windows authentication (NTLMv2 vulnerabilities)
- Immune to replay attacks due to the timestamp.
- Partially mitigates the reflection attack due to the (keyed) cryptographic checksum and the client ID included therein.
- Windows doesn't use salting: it is worthwhile to break passwords on one machine expecting to escalate to other machines in the domain, e.g. using rainbow tables.
- But pre-computation attacks are more difficult because the hashed response depends on both the server and the client nonce (and on the current time for the NTv2 response).
- But see the work of Ochoa on weak nonces.

Windows authentication methods (attacks)
RECALL: Spoofing (interposition)
Figure: Alice -- Spoofer (Malicious Code) -- Bob
Modus operandi: a malicious host intercepts communications between two participants, reading and/or changing their contents dynamically.
Some examples:
- insertion/deletion or replay of whole messages
- on-the-fly modification of message content
- appending malicious code to downloads or messages

Windows authentication NTLMv1 vulnerability and attack (THREAT: spoofed server)
- The challenge is unilaterally chosen by the server.
- A spoofed server M will have its own rainbow table of DES, E_K(X) = f(K) for a fixed X, i.e. the result of E_K(X) for all or many possible keys K.
- Spoofer M conveniently chooses and sends Xs = X, and receives the several E_Kxy(X) responses.
- Solution: use NTLMv2, where server and client mutually exchange challenges.
Message flow (secret: hpl and hpn; Pad is 5 zero bytes):
1. A -> M: <A, login>
2. M -> A: X
3. A: hpl || Pad -> K1L, K2L, K3L; hpn || Pad -> K1N, K2N, K3N
4. A: R1 = E_K1L(X) || E_K2L(X) || E_K3L(X); R2 = E_K1N(X) || E_K2N(X) || E_K3N(X)
5. A -> M: R1, R2
6. M looks up each E_Kxy(X) in the table and recovers all Kxy
7. M: all Kxy + Pad => hpl, hpn disclosed
Windows authentication NTLMv1 (THREAT: spoofed server)
- Mallory creates a rainbow table, preparing for the attack.
- Mallory impersonates Trent, an honest server, and attacks A, trying to get access to its password hashes hpl, hpn.
Rainbow table for X (K -> Y): 1 -> E_1(X); 2 -> E_2(X); ...; k -> E_k(X)
Spoofed session (A to M): the same seven-step message flow as on the previous slide, ending with M looking up each E_Kxy(X) in the table, recovering all Kxy and disclosing hpl, hpn.

RECALL: Reflection (challenge-challenge-response)
Figure: Trudy <Xs?> <Xs?> <Xs> Server <Xs!> (cross-coupled sessions between Trudy and the Server)
Modus operandi: a malicious host resends messages sent by its peer, or initiates cross-coupled sessions, trying to confuse its peer into mistakenly giving access or information.
Some examples:
- challenge-response authentication on a server
Windows authentication NTLMv1 vulnerability and attack (THREAT: reflection attack)
- The challenge is unilaterally chosen by the server.
- A malicious server M poses as the actual server, accepting client A's connection request.
- Meanwhile, M opens a reflected session, posing as a client to the actual client A.
- M uses the challenge received from A as its own challenge to A in the primitive session, and waits for A's response.
- M uses A's response as its own response in the reflected session.
- Since the response is f(hpl, Xa), A will check positively and grant access to M.
- Solution: use NTLMv2, where server and client mutually exchange challenges and the client ID is hashed inside the HMAC.
Message flow of the normal NTLMv1 login (secret: hpl and hpn; Pad is 5 zero bytes):
1. A -> S: <A, login>
2. S -> A: Xs
3. A: hpl || Pad -> K1L, K2L, K3L; hpn || Pad -> K1N, K2N, K3N
4. A: RLM = f(hpl, Xs) = E_K1L(Xs) || E_K2L(Xs) || E_K3L(Xs); RNT = f(hpn, Xs) = E_K1N(Xs) || E_K2N(Xs) || E_K3N(Xs)
5. A -> S: RLM, RNT
6. S: RLM, RNT ok?
7. S -> A: You're logged on

Windows authentication NTLMv1 (THREAT: reflection attack)
Mallory impersonates Trent, an honest server; Mallory attacks A, trying to get access.
Spoofed session (A to M) and reflected session (M to A), interleaved (secret: hpl and hpn; Pad is 5 zero bytes):
1. A -> M: <A, login>   [spoofed session; Mallory suspends this session and starts another one]
1. M -> A: <M, login>   [reflected session]
2. A -> M: Xa           [reflected session; Mallory now continues the spoofed session]
2. M -> A: Xa           [spoofed session: A's own challenge is reflected back to A]
3. A: hpl || Pad -> K1L, K2L, K3L; hpn || Pad -> K1N, K2N, K3N
4. A: RLM = f(hpl, Xa) = E_K1L(Xa) || E_K2L(Xa) || E_K3L(Xa); RNT = f(hpn, Xa) = E_K1N(Xa) || E_K2N(Xa) || E_K3N(Xa)
5. A -> M: RLM, RNT     [spoofed session]
6. RLM, RNT ok?         [spoofed session]
7. M -> A: You're logged on   [spoofed session]
5. M -> A: RLM, RNT     [reflected session: Mallory replays A's response]
6. A: computes RLM, RNT from hpl, hpn and Xa as in 3 and 4; RLM, RNT ok?   [reflected session]
7. A -> M: You're logged on   [reflected session; Mallory finishes the attack]
Getting LM, NTLM hashes hpl or hpn
Where from:
- Memory (Local Security Authority): during process run time
- Disk (Security Accounts Manager): available throughout a reboot of the operating system
- Network: sniffing encrypted LM/NTLM dialogues
By whom: admin-level privileges on a machine.
Enabling scenarios:
1. Accounts that are on the system (e.g. initial set-up, incl. sys-admins who have logged on previously)
2. User B who uses the workstation of user A (physical access)
3. User B who uses the workstation of user A (remote desktop)
4. User B who uses VNC to remotely access the session of user A
5. Credentials provided for "run as..."
6. Credentials provided for mounting a share ("net use ...")

Using LM, NTLM hashes
- Brute-force, dictionary attack: may take a long time (typically, LM hashes are cracked within a few hours and NTLM hashes within a few days or weeks).
- Rainbow-table attack: pre-computed hashes stored in online files can be looked up within seconds.
- Pass-the-hash attack: immediate, ready-to-use credentials; no need to recover the plaintext password as in the previous two.
Pass-the-hash attack on Windows
- Pass-the-hash allows an attacker to use LM and NTLM hashes to authenticate to a remote host (using NTLM authentication) without having to brute-force those hashes to obtain the cleartext password.
- As we saw earlier, Windows domain computers keep a cache of the LM and NTLM hashes used in previous logons, either/both in the LSA and the SAM, so that in offline mode the user can still log on.

RECALL: Spoofing (credential forwarding)
Figure: Alice -- Spoofer (holding h(pbob)) -- ACCbob; the Spoofer presents h(pbob), claiming "I'm Bob."
Modus operandi: a malicious host steals/recovers/extracts stored or transmitted credentials from legitimate users and passes them on to third parties, impersonating those users.
Some examples:
- pass-the-hash attack
Windows authentication NTLMvx (THREAT: pass-the-hash attack)
Normal flow between Alice and the Server:
1. Client attempts to access a resource.
2. Server sends an authentication challenge.
3. User supplies username and password.
4. The supplied password is transformed into a hash.
5. A response composed from the hash, f(hp(alice)), is sent to the server.
6. Server checks the response against its stored hash copy.
7. Server grants access to the resource.

Windows authentication NTLMvx (THREAT: pass-the-hash attack)
Flow with Mallory holding Alice's stolen hash (step 4, hashing the password, is not needed):
1. Client attempts to access a resource.
2. Server sends an authentication challenge.
3. Mallory supplies the username and the stolen hp(alice).
5. A response composed from the hash, f(hp(alice)), is sent to the server.
6. Server checks the response against its stored hash copy (of Alice).
7. Server grants access to the resource to Mallory, thinking it's Alice.
Windows authentication methods (mitigation)
- Very difficult to defend against: there are countless exploits in Windows and in applications running on Windows that can be used by an attacker to elevate their privileges and then carry out the hash harvesting that facilitates the attack.
- However, better than nothing is:
  - Least-privilege security principle: low privileges for normal users; separate accounts for admins to log on to regular machines
  - Monitoring privilege use (System Log)
  - Anti-virus process
  - Education: checklists of do's and don'ts in admin work

Windows authentication methods (mitigation)
Protect your password hash:
- Patch management (prevent the first compromise)
- Hardening (limit exposure; disable at least LM and NTLMv1):
  - Cached domain logons: Number of previous logons to cache: 1 logon
  - Local SAM credentials: Do not store LAN Manager hash value on next password change
  - Active LSA session credentials: Send NTLMv2 response only. Refuse LM & NTLM
- Windows 7, Windows 2008 R2: NTLM can be disabled altogether.
More informationAIT 682: Network and Systems Security
AIT 682: Network and Systems Security Topic 7. Trusted Intermediaries Instructor: Dr. Kun Sun Trusted Intermediaries Problem: authentication for large networks Solution #1 Key Distribution Center (KDC)
More informationStrong Password Protocols
Strong Password Protocols Strong Password Protocols Password authentication over a network Transmit password in the clear. Open to password sniffing. Open to impersonation of server. Do Diffie-Hellman
More informationComputer Security 4/12/19
Authentication Computer Security 09. Authentication Identification: who are you? Authentication: prove it Authorization: you can do it Paul Krzyzanowski Protocols such as Kerberos combine all three Rutgers
More informationDistributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018
Distributed Systems 25. Authentication Paul Krzyzanowski Rutgers University Fall 2018 2018 Paul Krzyzanowski 1 Authentication For a user (or process): Establish & verify identity Then decide whether to
More informationPass, No Record: An Android Password Manager
Pass, No Record: An Android Password Manager Alex Konradi, Samuel Yeom December 4, 2015 Abstract Pass, No Record is an Android password manager that allows users to securely retrieve passwords from a server
More informationThe Kerberos Authentication Service
The Kerberos Authentication Service By: Cule Stevan ID#: 0047307 SFWR 4C03 April 4, 2005 Last Revision: April 5, 2005 Stevan Cule 0047307 SOFTWARE ENGINEERING 4C03 WINTER 2005 The Kerberos Authentication
More informationCS November 2018
Authentication Distributed Systems 25. Authentication For a user (or process): Establish & verify identity Then decide whether to allow access to resources (= authorization) Paul Krzyzanowski Rutgers University
More informationAuthentication Protocols. Outline. Who Is Authenticated?
Authentication Protocols Guevara Noubir College of Computer and Information Science Northeastern University noubir@ccs.neu.edu Outline Overview of Authentication Systems [Chapter 9] Authentication of People
More informationConfiguring Request Authentication and Authorization
CHAPTER 15 Configuring Request Authentication and Authorization Request authentication and authorization is a means to manage employee use of the Internet and restrict access to online content. This chapter
More informationData Security and Privacy. Topic 14: Authentication and Key Establishment
Data Security and Privacy Topic 14: Authentication and Key Establishment 1 Announcements Mid-term Exam Tuesday March 6, during class 2 Need for Key Establishment Encrypt K (M) C = Encrypt K (M) M = Decrypt
More informationIntegrated Key Exchange Protocol Capable of Revealing Spoofing and Resisting Dictionary Attacks
Integrated Key Exchange Protocol Capable of Revealing Spoofing and Resisting Dictionary Attacks David Lai and Zhongwei Zhang Department of Mathematics and Computing, University of Southern Queensland,
More informationCS 290 Host-based Security and Malware. Christopher Kruegel
CS 290 Host-based Security and Malware Christopher Kruegel chris@cs.ucsb.edu Windows Windows > 90 % of all computers run Windows when dealing with security issues, it is important to have (some) knowledge
More information1-7 Attacks on Cryptosystems
1-7 Attacks on Cryptosystems In the present era, not only business but almost all the aspects of human life are driven by information. Hence, it has become imperative to protect useful information from
More information18-642: Security Mitigation & Validation
18-642: Security Mitigation & Validation 11/27/2017 Security Migitation & Validation Anti-Patterns for security mitigation & validation Poorly considered password policy Poorly considered privilege management
More informationAuthentication Handshakes
AIT 682: Network and Systems Security Topic 6.2 Authentication Protocols Instructor: Dr. Kun Sun Authentication Handshakes Secure communication almost always includes an initial authentication handshake.
More informationCISNTWK-440. Chapter 4 Network Vulnerabilities and Attacks
CISNTWK-440 Intro to Network Security Chapter 4 Network Vulnerabilities and Attacks Objectives Explain the types of network vulnerabilities List categories of network attacks Define different methods of
More informationDigital Signatures. Public-Key Signatures. Arbitrated Signatures. Digital Signatures With Encryption. Terminology. Message Authentication Code (MAC)
Message Authentication Code (MAC) Key-dependent one-way hash function Only someone with a correct key can verify the hash value Easy way to turn one-way hash function into MAC is to encrypt hash value
More informationProceedings of the 10 th USENIX Security Symposium
USENIX Association Proceedings of the 10 th USENIX Security Symposium Washington, D.C., USA August 13 17, 2001 THE ADVANCED COMPUTING SYSTEMS ASSOCIATION 2001 by The USENIX Association All Rights Reserved
More informationDr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Security Handshake Pitfalls Login only Mutual
More informationInformation Security CS 526
Information Security CS 526 Topic 7: User Authentication CS526 Topic 7: User Authentication 1 Readings for This Lecture Wikipedia Password Password strength Salt_(cryptography) Password cracking Trusted
More informationInformation Security CS 526
Information Security CS 526 Topic 7: User Authentication CS526 Topic 7: User Authentication 1 Readings for This Lecture Wikipedia Password Password strength Salt_(cryptography) Password cracking Trusted
More informationKey distribution and certification
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must be ensured. Problem solution: Certification Authority
More information13/10/2013. Kerberos. Key distribution and certification. The Kerberos protocol was developed at MIT in the 1980.
Key distribution and certification Kerberos In the case of public key encryption model the authenticity of the public key of each partner in the communication must be ensured. Problem solution: Certification
More informationNetwork Security - ISA 656 IPsec IPsec Key Management (IKE)
Network Security - ISA 656 IPsec IPsec (IKE) Angelos Stavrou September 28, 2008 What is IPsec, and Why? What is IPsec, and Why? History IPsec Structure Packet Layout Header (AH) AH Layout Encapsulating
More informationPersistent key, value storage
Persistent key, value storage In programs, often use hash tables - E.g., Buckets are an array of pointers, collision chaining For persistant data, minimize # disk accesses - Traversing linked lists is
More informationFrontline Information Protection
Frontline Information Protection a presentation to the Phoenix Chapter of ISACA by Hoyt L Kesterson II October 2014 OBSERVATION Most successful attacks spring from weakly-coded web pages or compromised
More informationCIS 4360 Introduction to Computer Security Fall WITH ANSWERS in bold. First Midterm
CIS 4360 Introduction to Computer Security Fall 2010 WITH ANSWERS in bold Name:.................................... Number:............ First Midterm Instructions This is a closed-book examination. Maximum
More information