Session objectives. Identification and Authentication. A familiar scenario. Identification and Authentication

Size: px

Start display at page:

Download "Session objectives. Identification and Authentication. A familiar scenario. Identification and Authentication"

Emil Butler
6 years ago
Views:

1 Session objectives Background Identification and Authentication CSM27 Computer Security Dr Hans Georg Schaathun University of Surrey Autumn 2008 Week 3 Recognise the purposes of (password) identification. Be aware of the potential vulnerabilities in password authentication caused by organisational, human, and technical issues. Be able to identify and apply some security mechanisms for password distribution and management. Draw general security lessons from the familiar scenario of password authentication. Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 1 / 32 Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 3 / 32 Background Definitions A familiar scenario Identification and Authentication How many usernames and passwords do you have? How many different passwords do you use? Identification e.g. giving your username. You reveal your identity to the system. Entity Authentication e.g. giving a password. The process of verifying a claimed identity. Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 4 / 32 Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 6 / 32

2 Definitions The purpose of passwords The bootstrap problem The computer system can know who the user is. Enables the two features: Audit trail The system logs activity, and in the case of unauthorised and illegal activities, the logs can be used to trace the guilty user. Authorisation Use is restricted to recognised users, based on payment or membership. How do you identify the user when you give him the first password? How did you get your first password at Surrey? Remark Authorisation does not necessarily require identification, there are alternative approaches. However, using the audit trail to prosecute misbehaving users can hardly be done without identification. Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 7 / 32 Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 9 / 32 Forgotten passwords Verification techniques What do you do if the user forgets his password? Has anyone ever forgotten the password? What did you do to have it reset? Forgotten passwords is an accessibility threat We have to reissue passwords to maintain accessibility Creates a vulnerability an intruder pretend to be an authorised user having forgotten his password. Misissuing a password is a confidentiality threat Authorised channel Do not give a password to a caller on the phone, but call back on an authorised phone number. Courier for personal delivery. Independent witness Call back someone else, like the requestor s manager. Damage limitation One-time password, forcing the user to change it immediately. Independent verification channel Confirmation by a different channel before the password is activated. Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 10 / 32 Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 11 / 32

3 Related precautions Guessing passwords Do not give a password to a caller on the phone, but call back on an authorised phone number. How do you prevent phishing? You get an , allegedly from your bank, asking you to call them on a given number or click a given link. You do not know if the is genuine. What do you do? I would visit them by typing a URL I know is correct, or look up the phone number in a different source to call them. Typical crime novel Combination for a safe: your birthday A PIN code: last digits of the wife s phone number. Passwords is the same problem Dictionary attacks Exhaustive searches Users prefer passwords they can remember. Independent, authoritative channel Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 12 / 32 Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 14 / 32 Exhaustive attacks Dictionary attacks How long does an exhaustive attack take? Number of passwords Time per password How do we control the vulnerability? Longer passwords (mandatory minimum length) Larger alphabet Slow response (at least on repeated attempts) Limit number of attempts Users cannot remember randomly generated words They tend to use common words etc. Hence, dictionaries can speed up the search Controls Require both upper- and lower-case letters Require special symbols (e.g. punctuation) But these controls reduce the password space exhaustive search becomes easier... Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 15 / 32 Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 16 / 32

4 Other controls If we overdo it... Password checkers Simulate an attack: disable detected passwords Password generation: use computer-generated passwords Expiry dates Change default passwords on default accounts. A secure product should probably demand a password entered during installation. A security-aware administrator would check that no default password is in use before deployment. If a default password is abused, who s to blame? If the password is too difficult the user will write it down If the password has to change often the user will choose a simpler one So don t loose sight of the full picture Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 17 / 32 Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 18 / 32 Spoofing Passwords Spoofing Passwords Spoofing passwords Controls The conventional password authentication is unilateral How do I know that the computer requesting the password is authorised to do so? Could the password prompt be rogue? State number of failed attempts Attempts not counted indicate foul play... raise the alarm Trusted path CTRL+ALT+DEL under Windows is a secure attention sequence it calls the system to invoke the login screen always use it, even if the login screen appears to be there Mutual authenticatication ssh caches host keys, and warns about unknown keys host keys could be distributed securily Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 20 / 32 Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 21 / 32

5 The UNIX password file The password file The password file Compromise of the password file ypcat passwd head ii00002:fft.sa0x6jftg:138542:13163:ikpaya Ikpaya:/user/pgt1/ii00002:/usr/local/bin/tcsh php3mm:hoewg92g08weu:23705:23300:mr Michael J Merchant:/user/phradpg/php3mm:/usr/local/bin/tcsh ph41mr:zothpad8o2geg:23196:23005:mr Michael S Rubery:/user/ph43/ph41mr:/usr/local/bin/tcsh gj0006:hiwyd0kzo65jo:143647:23200:gareth Jones:/user/phgammast/gj0006:/usr/local/bin/tcsh ees3jm:iin1yh1vhskp.:13307:13010:jinming Ma:/user/pgr1/ees3jm:/usr/local/bin/tcsh eep2zl:90hk45skpndt2:13662:13020:zongyang Luo:/user/ccsrnrpg1/eep2zl:/usr/local/bin/tcsh cs41hi:alcosbamd/axa:33299:28154:mr Hercules Iliopoulos:/user/cs4/cs41hi:/usr/local/bin/tcsh phpc251$:*:70033:979:phpc251$ machine account:/dev/null:/bin/false rj00001:disabled2kbpkybftgadk:136711:28156:richard Jeffery:/user/ug1/rj00001:/sbin/nologin Unencrypted password file: obviously catastrophic The enemy can learn everything. Encrypted passwords: how dangerous is this? allows off-line password search username : password : uid : gid : real name : home directory : shell Password is encrypted ; using one-way function Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 23 / 32 Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 24 / 32 The password file Closing Words Alternative Approaches Protection Mechanisms Alternatives to passwords One-way function Encryption without key y = f (x) can be computed easily x = f 1 (y) is not computationally feasible Salting Password P; random salt S, C = f (S C); append salt before encryption. Store S C; store salt unencrypted. Result: to identical passwords have different salt, and thus different encryption. Something you know (password) Something you hold (smart card) Who you are (biometric data) What you are (signature (hand-written)) Where you are ( trusted terminal ) Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 25 / 32 Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 27 / 32

6 Closing Words Alternative Approaches Closing Words User convenience An overview User convenience Vulnerabilities are found at every stage of password authentication Password issue (password management) Weak passwords (dictionary attack) Weak memory: the user writes it down Password entry (spoofing, peeking) Transmission (remote authentication) Time of check to time of use (is it secure in computer memory?) Security must be addressed at every stage, in Design, implementation, and human interaction Every service requires authorisation Access workstation Access network Access printer Nuisance for the user Several passwords? Enter password several times Single sign-on System caches password. System issues certificate upon first authorisation. Challenge! Balance security and user convenience. Watch out for this conflict! Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 28 / 32 Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 30 / 32 Discussion Exercise Closing Words Exercises [Gollmann 3.7] If you are required to use several passwords at a time, you may consider keeping them in a password book. A password book is a protected file containing your passwords. Access to the password book can again be controlled through a master password. What are the advantages of such a scheme? What are the disadvantages of such a scheme? Overall, do you think it is a good idea or not? Dr Hans Georg Schaathun Identification and Authentication Autumn 2008 Week 3 32 / 32

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/1516/ Chapter 4: 1

Computer Security 3e. Dieter Gollmann. Security.di.unimi.it/1516/ Chapter 4: 1 Computer Security 3e Dieter Gollmann Security.di.unimi.it/1516/ Chapter 4: 1 Chapter 4: Identification & Authentication Chapter 4: 2 Agenda User authentication Identification & authentication Passwords