Distributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018

Similar documents
CS November 2018

Computer Security 3/20/18

Computer Security 4/12/19

Computer Security. 08. Authentication. Paul Krzyzanowski. Rutgers University. Spring 2018

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Distributed Systems. Fall 2017 Exam 3 Review. Paul Krzyzanowski. Rutgers University. Fall 2017

Data Security and Privacy. Topic 14: Authentication and Key Establishment

CS /29/17. Paul Krzyzanowski 1. Fall 2016: Question 2. Distributed Systems. Fall 2016: Question 2 (cont.) Fall 2016: Question 3

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Authentication CHAPTER 17

Pre-exam 3 Review. Fall Paul Krzyzanowski Distributed Systems

CPSC 467b: Cryptography and Computer Security

UNIT - IV Cryptographic Hash Function 31.1

Operating Systems Design Exam 3 Review: Spring 2011

Information Security CS 526

Security: Focus of Control

Security: Focus of Control. Authentication

Cryptography (Overview)

Operating Systems Design Exam 3 Review: Spring Paul Krzyzanowski

1 Identification protocols

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

CS Computer Networks 1: Authentication

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

CS 416: Operating Systems Design April 22, 2015

Operating Systems. Week 13 Recitation: Exam 3 Preview Review of Exam 3, Spring Paul Krzyzanowski. Rutgers University.

SSL/TLS & 3D Secure. CS 470 Introduction to Applied Cryptography. Ali Aydın Selçuk. CS470, A.A.Selçuk SSL/TLS & 3DSec 1

Transport Level Security

Cryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea

Digital Certificates Demystified

Chapter 4: Securing TCP connections

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

Authentication. Overview of Authentication systems. IT352 Network Security Najwa AlGhamdi

Secure Sockets Layer (SSL) / Transport Layer Security (TLS)

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

CPSC 467: Cryptography and Computer Security

Radius, LDAP, Radius, Kerberos used in Authenticating Users

CS 161 Computer Security

Chapter 9: Key Management

ICT 6541 Applied Cryptography Lecture 8 Entity Authentication/Identification

5. Authentication Contents

Security Handshake Pitfalls

Protocols II. Computer Security Lecture 12. David Aspinall. 17th February School of Informatics University of Edinburgh

Password. authentication through passwords

Cryptographic Protocols 1

CSE 565 Computer Security Fall 2018

Security Handshake Pitfalls

WHITE PAPER. Authentication and Encryption Design

Computer Security. 10. Exam 2 Review. Paul Krzyzanowski. Rutgers University. Spring 2017

Diffie-Hellman. Part 1 Cryptography 136

Displaying SSL Configuration Information and Statistics

Securing Internet Communication: TLS

The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to

Background. Network Security - Certificates, Keys and Signatures - Digital Signatures. Digital Signatures. Dr. John Keeney 3BA33

Security Handshake Pitfalls

User Authentication. Modified By: Dr. Ramzi Saifan

Encryption. INST 346, Section 0201 April 3, 2018

Enhancing cloud applications by using external authentication services. 2015, 2016 IBM Corporation

14. Internet Security (J. Kurose)

PROVING WHO YOU ARE TLS & THE PKI

Authentication Handshakes

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

But where'd that extra "s" come from, and what does it mean?

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

E-commerce security: SSL/TLS, SET and others. 4.1

Chapter 6: Security of higher layers. (network security)

CS 356 Internet Security Protocols. Fall 2013

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Information Security. message M. fingerprint f = H(M) one-way hash. 4/19/2006 Information Security 1

David Wetherall, with some slides from Radia Perlman s security lectures.

WAP Security. Helsinki University of Technology S Security of Communication Protocols

CS Certificates, part 2. Prof. Clarkson Spring 2017

User Authentication. Modified By: Dr. Ramzi Saifan

CSC 474/574 Information Systems Security

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Crypto meets Web Security: Certificates and SSL/TLS

SEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security

From Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design. Edition 4 Pearson Education 2005

Distributed Systems Exam 3 Review. Paul Krzyzanowski. Rutgers University. Fall 2016

Overview. SSL Cryptography Overview CHAPTER 1

(2½ hours) Total Marks: 75

IBM i Version 7.2. Security Digital Certificate Manager IBM

HOST Authentication Overview ECE 525

0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken

Key Management. Digital signatures: classical and public key Classic and Public Key exchange. Handwritten Signature

Chapter 6: Digital Certificates Introduction Authentication Methods PKI Digital Certificate Passing

CSC 482/582: Computer Security. Security Protocols


key distribution requirements for public key algorithms asymmetric (or public) key algorithms

Security issues: Encryption algorithms. Threats Methods of attack. Secret-key Public-key Hybrid protocols. CS550: Distributed OS.

PROTECTING CONVERSATIONS

CSC 774 Network Security

Outline Key Management CS 239 Computer Security February 9, 2004

Transport Layer Security

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Security Digital Certificate Manager

Digital Signatures. Public-Key Signatures. Arbitrated Signatures. Digital Signatures With Encryption. Terminology. Message Authentication Code (MAC)

CSC/ECE 774 Advanced Network Security

IBM. Security Digital Certificate Manager. IBM i 7.1

CSCE 548 Building Secure Software Entity Authentication. Professor Lisa Luo Spring 2018

Transcription:

Distributed Systems 25. Authentication Paul Krzyzanowski Rutgers University Fall 2018 2018 Paul Krzyzanowski 1

Authentication For a user (or process): Establish & verify identity Then decide whether to allow access to resources (= authorization) 2

Authentication Three factors: something you have key, card Can be stolen something you know passwords Can be guessed, shared, stolen something you are biometrics Usually needs hardware, can be copied (sometimes) Once copied, you re stuck 3

Multi-Factor Authentication Factors may be combined ATM machine: 2-factor authentication ATM card PIN something you have something you know Password + code delivered via SMS: 2-factor authentication Password Code something you know validates that you possess your phone Two passwords Two-factor authentication 4

Authentication: PAP Password Authentication Protocol client login, password OK server name:password database Unencrypted, reusable passwords Insecure on an open network Also, password file must be protected from open access But administrators can still see everyone s passwords 5

PAP: Reusable passwords PROBLEM: Open access to the password file What if the password file isn t sufficiently protected and an intruder gets hold of it? All passwords are now compromised! Even if a trusted admin sees your password, this might also be your password on other systems. Solution: Store a hash of the password in a file Given a file, you don t get the passwords Have to resort to a dictionary or brute-force attack Example, passwords hashed with SHA-512 hashes (SHA-2) 6

What is salt? How to speed up a dictionary attack Create a table of precomputed hashes Search(hashed_password) original_password How to stop dictionary attacks Salt = random string (typically up to 16 characters) Concatenated with the password Stored with the password file (it s not secret) Even if you know the salt, you cannot use precomputed hashes to search for a password (because the salt is prefixed) Makes a table of precomputed hashes prohibitively huge 7

Authentication: CHAP Challenge-Handshake Authentication Protocol challenge = nonce client Has shared secret hash(challenge, secret) OK server Has shared secret The challenge is a nonce (random bits). We create a hash of the nonce and the secret. An intruder does not have the secret and cannot do this! 8

CHAP authentication Alice network host alice alice look up alice s key, K R = f(k,c) C R welcome generate random challenge number C R = f(k, C) R = R? an eavesdropper does not see K 9

Time-Based Authentication Time-based One-time Password (TOTP) algorithm Both sides share a secret key User runs TOTP function to generate a one-time password one_time_password = hash(secret_key, time) User logs in with: Name, password, and one_time_password Service generates the same password one_time_password = hash(secret_key, time) CS 419 2018 Paul Krzyzanowski 10

Public Key Authentication 11

Public key authentication Demonstrate we can encrypt or decrypt a nonce This shows we know the key Alice wants to authenticate herself to Bob: Bob: generates nonce, S Sends it to Alice A random bunch of bits Alice: encrypts S with her private key (signs it) Sends result to Bob 12

Public key authentication Bob: 1. Look up alice in a database of public keys 2. Decrypt the message from Alice using Alice s public key 3. If the result is S, then Bob is convinced he s talking with Alice For mutual authentication, Alice has to present Bob with a nonce that Bob will encrypt with his private key and return 13

Public key authentication Public key authentication relies on binding identity to a public key How do you know it really is Alice s public key? One option: get keys from a trusted source Problem: requires always going to the source cannot pass keys around Another option: sign the public key Contents cannot be modified digital certificate 14

X.509 Certificates ISO introduced a set of authentication protocols X.509: Structure for public key certificates: Issuer = Certification Authority (CA) Certificate data Signature version serial # algorithm Issuer Distinguished Name Validity (from-to) Signature Algorithm Distinguished name Subject Public key (algorithm & key) Signature (signed by CA) Name, organization, locality, state, country, etc. X.509 v3 Digital Certificate 15

Reminder: What s a digital signature? Hash of a message encrypted with the signer s private key Alice H(P) Bob H(P) S=E a (H(P)) D A (S) =? 16

X.509 certificates When you get a certificate Verify its signature: hash contents of certificate data Decrypt CA s signature with CA s public key Obtain CA s public key (certificate) from trusted source Certificates prevent someone from using a phony public key to masquerade as another person if you trust the CA 17

SSL/TLS 18

Transport Layer Security Provide a transport layer security protocol After setup, applications feel like they are using TCP sockets Created with HTTP in mind Web sessions should be secure SSL: Secure Socket Layer Mutual authentication is usually not needed Client needs to identify the server but the server won t know all clients Rely on passwords after the secure channel is set up SSL evolved to TLS (Transport Layer Security) SSL 3.0 was the last version of SSL and is considered insecure We use TLS now but often still call it SSL 19

Transport Layer Security (TLS) aka Secure Socket Layer (SSL), which is an older protocol Sits on top of TCP/IP Goal: provide an encrypted and possibly authenticated communication channel Provides authentication via RSA and X.509 certificates Encryption of communication session via a symmetric cipher Hybrid cryptosystem: (usually, but also supports Diffie-Hellman) Public key for authentication Symmetric for data communication Enables TCP services to engage in secure, authenticated transfers http, telnet, ntp, ftp, smtp, 20

TLS Protocol (1) Client hello Version & crypto information (3) Verify server certificate (2) Server hello Server certificate [client certificate request] (4) Client key exchange Send encrypted session key [ (5) Send client certificate ] (7) Client done [ (6) Verify server certificate ] (8) Server done (9) Communicate Symmetric encryption + HMAC 21

OAuth 2.0 22

Service Authorization You want an app to access your data at some service E.g., access your Google calendar data But you want to: Not reveal your password to the app Restrict the data and operations available to the app Be able to revoke the app s access to the data 23

OAuth 2.0: Open Authorization OAuth: framework for service authorization Allows you to authorize one website (consumer) to access data from another website (provider) in a restricted manner Designed initially for web services Examples: Allow the Moo photo printing service to get photos from your Flickr account Allow the NY Times to tweet a message from your Twitter account OpenID Connect Remote identification: use one login for multiple sites Encapsulated within OAuth 2.0 protocol 24

OAuth setup OAuth is based on Getting a token from the service provider & presenting it each time an application accesses an API at the service URL redirection JSON data encapsulation Register a service Service provider (e.g., Flickr): Gets data about your application (name, creator, URL) Assigns the application (consumer) an ID & a secret Presents list of authorization URLs and scopes (access types) 25

OAuth Entities Authorization server Service provider Service Provider {app ID, secret} You {app ID, secret} Application You want moo.com to access your photos on flickr 26

How does authorization take place? Application needs an Access Token from the Service (e.g., moo.com needs an access token from flickr.com) Application redirects user to Service Provider Request contains: client ID, client secret, scope (list of requested APIs) User may need to authenticate at that provider User authorizes the requested access Service Provider redirects back to consumer with a one-time-use authorization code Application now has the Authorization Code The previous redirect passed the Authorization Code as part of the HTTP request therefore not encrypted Application exchanges Authorization Code for Access Token The legitimate app uses HTTPS (encrypted channel) & sends its secret The application now talks securely & directly to the Service Provider Service Provider returns Access Token Application makes API requests to Service Provider using the Access Token 27

OAuth Entities Authorization server Service provider Service Provider {app ID, secret} You {app ID, secret} Application You want moo.com to access your photos on flickr 28

OAuth Entities REDIRECT: client ID, client secret, scope (list of requested APIs) Authorization server Service provider Service Provider {app ID, secret} You {app ID, secret} Application Moo.com app redirects you to the service provider 29

OAuth Entities Authenticate Authorization server Service provider Service Provider {app ID, secret} You {app ID, secret} Application You authenticate (optional) & authorize the request at flickr 30

OAuth Entities Authorization server Service provider Service Provider {app ID, secret} You {app ID, secret} REDIRECT: authorization code Application Flicker sends a redirect back with an authorization code 31

OAuth Entities Authorization server Service provider Service Provider {app ID, secret} You Establish TLS session Request Access Token {app ID, secret} Moo requests an access token (securely) Application 32

OAuth Entities Authorization server Service provider Service Provider You Access Token Moo requests an access token (securely) Application 33

OAuth Entities Authorization server Service provider Service Provider You API requests: f(access_token) User interaction Moo requests an access token (securely) Application 34

Key Points You may still need to log into the Provider s OAuth service when redirected You approve the specific access that you are granting The Service Provider validates the requested access when it gets a token from the Consumer Play with it at the OAuth 2.0 Playground: https://developers.google.com/oauthplayground/ 35

Identity Federation: OpenID Connect 36

Single Sign-On: OpenID Connect Designed to solve the problem of Having to get an ID per service (website) Managing passwords per site Layer on top of OAuth 2.0 Decentralized mechanism for single sign-on Access different services (sites) using the same identity Simplify account creation at new sites User chooses which OpenID provider to use OpenID does not specify authentication protocol up to provider Website never sees your password OpenID Connect is a standard but not the only solution Used by Google, Microsoft, Amazon Web Services, PayPal, Salesforce, Facebook Connect popular alternative solution (similar in operation but websites can share info with Facebook, offer friend access, or make suggestions to users based on Facebook data) 37

OpenID Connect Authentication OAuth requests that you specify a scope List of access methods that the app needs permission to use To enable user identification Specify openid as a requested scope Send request to server (identity provider) Server requests user ID and handles authentication Get back an access token If authentication is successful, the token contains: user ID approved scopes expiration etc. same as with OAuth requests for authorization 38

Cryptographic toolbox Symmetric encryption Public key encryption One-way hash functions Random number generators Used for nonces and session keys 39

Examples Key exchange Public key cryptography Key exchange + secure communication Random # + Public key + symmetric cryptography Authentication Nonce (random #) + encryption Message authentication codes Hashes Digital signature Hash + encryption with private key 40

The End 2018 Paul Krzyzanowski 41

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback