Weitere ähnliche Inhalte
Ähnlich wie E gov security_tut_session_3
Ähnlich wie E gov security_tut_session_3 (20)
Mehr von Mustafa Jarrar (20)
Kürzlich hochgeladen (20)
E gov security_tut_session_3
- 2. About
This tutorial is part of the PalGov project, funded by the TEMPUS IV program of the
Commission of the European Communities, grant agreement 511159-TEMPUS-1-
2010-1-PS-TEMPUS-JPHES. The project website: www.egovacademy.ps
Project Consortium:
Birzeit University, Palestine
University of Trento, Italy
(Coordinator )
Palestine Polytechnic University, Palestine Vrije Universiteit Brussel, Belgium
Palestine Technical University, Palestine
Université de Savoie, France
Ministry of Telecom and IT, Palestine
University of Namur, Belgium
Ministry of Interior, Palestine
TrueTrust, UK
Ministry of Local Government, Palestine
Coordinator:
Dr. Mustafa Jarrar
Birzeit University, P.O.Box 14- Birzeit, Palestine
Telfax:+972 2 2982935 mjarrar@birzeit.eduPalGov © 2011
2
- 3. © Copyright Notes
Everyone is encouraged to use this material, or part of it, but should properly
cite the project (logo and website), and the author of that part.
No part of this tutorial may be reproduced or modified in any form or by any
means, without prior written permission from the project, who have the full
copyrights on the material.
Attribution-NonCommercial-ShareAlike
CC-BY-NC-SA
This license lets others remix, tweak, and build upon your work non-
commercially, as long as they credit you and license their new creations
under the identical terms.
PalGov © 2011 3
- 4. Tutorial 5:
Information Security
Session 3: Authentication
Session 3 Outline:
• Session 3 ILO’s.
• Authentication (symmetric and
asymmetric)
• One time password)
• Introduction to LDAP
PalGov © 2011 4
- 5. Tutorial 5:
Session 3: Authentication
This session will contribute to the following
Tutorial 5 ILOs:
• A: Knowledge and Understanding
• a2: Define security standards and policies.
• B: Intellectual Skills
• b3: Design end-to-end secure and available systems.
• b5: Design user authentication and authorization services.
• C: General and Transferable Skills
• d2: Systems configurations.
• d3: Analysis and identification skills.
PalGov © 2011 5
- 6. Tutorial 5:
Information Security
Session 3: Authentication
Session 3 Outline:
• Session 3 ILO’s.
• Authentication (Symmetric and
Asymmetric and 1 Time
Password)
• Introduction to LDAP
PalGov © 2011 6
- 7. Authentication
(Symmetric, Asymmetric and OTP)
• Fundamental security block
– Forms basis of access control & user
accountability
• Is the process of verifying an identity.
• Has two steps:
– Identification
– Verification
PalGov © 2011 7
- 8. Means of User Authentication
• Four means of authenticating user's identity
– Based on something the individual
• knows
• possesses
• is (static biometrics)
• does (dynamic biometrics)
– All can provide user authentication (one or
multifactor)
PalGov © 2011 8
- 9. Password Authentication
• Widely used user authentication method
– User provides name/login and password
– System compares password with that saved for
specified login
• Authenticates ID of user logging and
– that the user is authorized to access system
– Determines the user’s privileges
– Is used in discretionary access control
• The password file is a hashed file.
PalGov © 2011 9
- 10. Password Vulnerabilities
• Password Attacks and Guessing
– Exploiting user mistakes
– Specific account attack
– Offline dictionary attack
– Workstation hijacking
– Multiple password use
– Password guessing against single user
– Monitoring
– Other attacks…
PalGov © 2011 10
- 11. Countermeasures / Policies and Training
• Password policies
– Length, Character set, Period of use, Frequency of
re-use
• Login policies
– Timeout period, Session period, Lockout policy
(attempts, period, re-instatement)
• Countermeasures against different vulnerabilities:
• Prevent unauthorized access to the password file,
• Intrusion detection measures to identify a compromise,
• Rapid re-issuance of passwords should the password file be
compromised;
• Account lockout mechanism.
PalGov © 2011 11
- 13. UNIX Implementation
• Original scheme
– 8 character password form 56-bit key
– 12-bit salt used to modify DES encryption into
a one-way hash function
– 0 value repeatedly encrypted 25 times
– output translated to 11 character sequence
– The file is called the shadow file.
PalGov © 2011 13
- 14. Improved Implementations
• Have other, stronger, hash/salt variants
• Many systems now use MD5
– with 48-bit salt
– password length is unlimited
– is hashed with 1000 times inner loop
– produces 128-bit hash
PalGov © 2011 14
- 15. Password Cracking
• Dictionary attacks
– try each word then obvious variants in large dictionary
against hash in password file
• Rainbow table attacks
– precompute tables of hash values for all salts
– a mammoth table of hash values
– e.g. 1.4GB table cracks 99.9% of alphanumeric Windows
passwords in 13.8 secs
– not feasible if larger salt values used
• The “salt” is useful for remote attackers, but useless if the
attacker can get the shadow file. This is because the salt is not
encrypted.
PalGov © 2011 15
- 16. Password Choices Policies
• users may pick short passwords
– e.g. 3% were 3 chars or less, easily guessed
– system can reject choices that are too short
• users may pick guessable passwords
– so crackers use lists of likely passwords
– e.g. one study of 14000 encrypted passwords guessed
nearly 1/4 of them
– would take about 1 hour on fastest systems to compute
all variants, and only need 1 break!
– Recent review by SplashData in 2011 showed two most
common passwords on the Internet are:
• password
• 123456
PalGov © 2011 16
- 17. Token Authentication
• Object user possesses to authenticate,.
– Embossed card (with engraved characters)
– Magnetic stripe card ( like ATM cards)
– Memory card (like phone cards)
– Smartcard (advanced cards)
PalGov © 2011 17
- 18. Memory Card
• Store but do not process data
• Magnetic stripe card, e.g. bank card
• Electronic memory card
• Used alone for physical access
• Drawbacks of memory cards include:
– user dissatisfaction
– need special reader
– loss of token issues
PalGov © 2011 18
- 19. Smartcard
• like Credit-card issued by
Banks
• Has own processor, memory,
I/O ports
– wired or wireless access by
reader
– may have crypto co-processor
– ROM, EEPROM, RAM memory
• Executes protocol to
authenticate with
reader/computer
• Also may have USB dongles
PalGov © 2011 19
- 20. Remote User Authentication
• Very Important for e- gov applications:
– Protects against a number of attacks
– Authentication over network more complex
• problems of eavesdropping, replay
– Better to use challenge-response
• user sends identity
• host responds with random number
• user computes f(r,h(P)) and sends the result back
• host compares value from user with own computed
value, if match user authenticated
PalGov © 2011 20
- 21. Security Issues with Authentication
• Problems with Client attacks
• Host/Server attacks
• Eavesdropping while communicating
• Replay attacks
• Denial-of-service attacks
PalGov © 2011 21
- 22. Practical Application (ATM Machines)
• An ATM Machine are programmed with
a Terminal Identification Number (aka
"TID").
• The ATM connects to the ATM
networks.
• After the bank or processing network
approves the transaction the ATM
receives the authorization and
dispenses the cash requested.
PalGov © 2011 22
- 23. Distributed Systems and Password
Authentication
• How can I gain access to multiple computer
systems if password based authentication is
used?
Multiple passwords, one for each system
Use same password in each system
Single sign-on application that stores the
passwords for each system and has one for
itself
Single sign-on where password is stored in just
one system and other systems trust this one to
perform the authentication properly (e.g.
Microsoft Passport, Shibboleth)
PalGov © 2011 23
- 24. The Multiple Passwords Problem
• I have over 50 passwords to remember, for my
Internet accounts such as: google, gmail, birzeit, amazon,
PPU, yahoo, palgov, arab bank etc.
• We are working towards Single Sign On (SSO)
schemes for the e-gov applications
PalGov © 2011 24
- 25. The Mutual Authentication Problem
• How can two people authenticate each other using
passwords?
• Its OK if talking to the correct person, since he already
knows my password and I know his, but what if it is
not the correct person?
– Then give the impersonator my password,
– too late to take any action.
• You need “zero knowledge password proof”
– One can compare secrets without giving them away.
– Needham-Schroeder and Kerberos are examples of such a
scheme.
PalGov © 2011 25
- 27. User-AS-TGS Processing
• User sends a request to the
Kerberos authentication server
(enclosing its name and a random number).
• AS returns to the user the random
number plus a one-off session key
to be used for encrypting
subsequent messages with the TG
server.
PalGov © 2011 27
- 28. User-AS-TGS Processing
• The random number and session key
are symmetrically encrypted by the
Authentication Server using the user's
hashed password as the secret key.
• The user decrypt this message in
order to obtain the session key, and
the user can only do this if he/she
knows their own password.
PalGov © 2011 28
- 30. User-TGS processing
•The AS encrypts the session key into a ticket
using the symmetric key of the TG server,
•The ticket is sent to the user (contains the
name of the user, the validity time of the
ticket and the session key).
•The user passes the ticket to the TG server.
•The TG server can decrypt the ticket, to get
the session key and the user’s name, and
with this can decrypt the user’s message.
PalGov © 2011 30
- 31. User-TGS processing
•The TG server then generates a new session
key to be used by the user and the application.
• It returns this new session key to the user,
encrypted using the old session key.
•It also give the user a ticket for granting
access to the chosen application, this ticket
containing the name of the user and the new
session key for talking to the application,
encrypted with the secret key of the
application. PalGov © 2011 31
- 32. TGS-User-Application processing
• A sends "Key for Application B" to TGS,
enciphered using Key AS plus ticket
from authentication server containing
key AS
• TGS generates Key AB (session key
for user and application B)
• TGS sends "Key AB " to A, enciphered
using Key AS and a ticket2 for B
• A sends message to B, enciphered
using Key AB, plus ticket2
PalGov © 2011 32
- 33. Kerberos Disadvantages
• Authentication server and TGS are single
points of failure.
• Servers and application hosts must be
time synchronised
• Not originally scalable.
– Users could only login to their own realms
• Kerberos only provides authentication but
not authorizations
• Does not prevent attacks
– dictionary
PalGov © 2011 33
- 35. Challenge Response OTP
•The user logs into the remote server across the internet (usually
via a firewall), and the server passes the user a challenge, usually
in the form of a numeric string.
•The user responds to the challenge with a one-time password
that is computed from the string by his card (hardware/software)
according to a pre-defined encryption algorithm that is also known
to the remote server.
• One such system (Securenet from digital pathways) relies on the
user having a one-time password card the size of a credit card
that is capable of computing the passwords.
•The card has a digital display, and requires a pin number
/password to be entered before it can be used. Thus it is two
factor authentication, since the user must know the PIN and
possess the card.
PalGov © 2011 35
- 36. Clock Synchronised OTP
Both the card and the server compute a new password
every 60 seconds, according to a pre-defined encryption
algorithm which uses the date and time, and a shared
secret. (e.g. SecureID from RSA Security),
This eliminates the need for a challenge string.
With the secureid system, the user must transfer a PIN
number plus the computed password, so that if the card
is stolen it cannot be used by anyone else. This
mechanism is two factor authentication, as it is based on
something I possess (the card) and something I know
(the PIN).
Early versions of secureid used to fail as the clocks in
the card and server became out of sync.
PalGov © 2011 36
- 37. Example: Grid Cards
• A unique OTP card
containing a grid of
characters
• Select specific characters
from card for authentication
• Site can return different
characters from user’s card
for mutual authentication
• Provides two factor
authentication:
– something you know (PW)
– something you posses (grid
card)
PalGov © 2011 37
- 39. Private Key Storage Techniques
• In an encrypted file, protected by a password
• In a smart card, protected by a password or PIN
• What About Mobile Phones (Discussion!!)
PalGov © 2011 39
- 40. Tutorial 5:
Information Security
Session 3: Authentication
Session 3 Outline:
• Session 3 ILO’s.
• Authentication (Symmetric and
Asymmetric and 1 Time Password)
• Introduction to LDAP
PalGov © 2011 40
- 41. Introduction to LDAP
• Directory Model
• X.500 Information Model
• LDAP Protocol
• Use of LDAP for Security
PalGov © 2011 41
- 44. X.500/LDAP Naming
• Entry has a Distinguished Name
comprised of
• SEQUENCE of Relative Distinguished
Name
comprised of
• SET of {Attribute Type, Attribute Value}
PalGov © 2011 44
- 45. X.500/LDAP Naming
LDAP
RDN of Entry X.500 Distinguished Distinguished
Example DirectoryInformation Tree Name of Entry Name of Entry
(DIT)
{null} {null) {null)
{C=GB} {C=GB} {C=GB}
{C=GB, {O=Big PLC,
{O=Big PLC}
O=Big PLC} C=GB}
{O=Sales+ {C=GB, {OU=Sales+
O=Big PLC, L=Swindon,
L=Swindon} OU=Sales+ O=Big PLC,
L=Swindon} C=GB}
PalGov © 2011 45
- 46. Relative Distinguished Name (RDN)
• Each LDAP entry is assigned an RDN when
created.
• All children of an entry must have unique
RDNs
• Attribute value(s) forming the RDN are called
the distinguished attribute values
• Entries in different parts of the DIT can have
the same RDNs PalGov © 2011 46
- 47. LDAP Protocol
• Connection oriented protocol on top of TCP/IP
• Subset of X.500 Directory Access Protocol
• Two versions - LDAPv2, LDAPv3
– LDAPv2 published first – RFC 1777
– LDAPv3 has added referrals and other extensions to
LDAPv2 – RFC 2251
– LDAPv2 has ceased to be standardized, but still is used
prevalently
• Client issues a request, Server usually gives a
response
• Each request elicits one response except Abandon
(none), Unbind (none) and Search (multiple)
• Requests can be asynchronous or synchronous
PalGov © 2011 47
- 48. Basic LDAP Protocol Operations
• Most protocol messages are sent as ASCII
strings
– ModifyDN Request, ModifyDN Response
– Bind Request, Bind Response
– Unbind Request, Abandon Request
– Search Request, Search Response
– Compare Request, Compare Response
– Modify Request, Modify Response
– Add Request, Add Response
– Delete Request, Delete Response
PalGov © 2011 48
- 49. LDAPv3 Return Result
• Every response contains a Result component
• Result comprises 4 elements
• Result Code - an integer signifying success or an error
code
• Matched DN - name of lowest DN matching a request
that has a naming error; or null
• Error Message - human readable error diagnostic
• Referral (optional)
PalGov © 2011 49
- 50. Using LDAP for Security
• Three main uses:
– To store user’s passwords in their entries for
authentication. The login server contacts
LDAP with a Compare operation asking if this
entry contains this password. If true it lets the
user login
– To store user’s attributes that can be used for
authorisation
– To store Public Key Certificates and Attribute
Certificates for strong security
PalGov © 2011 50
- 51. Public key certificates and CRLs
• Certificates can be held within X.500/LDAP
directory entries as attributes of type
– userCertificate - holds a user’s certificates
– cACertificate - holds a CA’s self issued certificates
– crossCertificatePair - holds CA cross certificates
• CRLs can be held within X.500/LDAP directory
entries as attributes of type
– certificateRevocationList - for user certificates
– authorityRevocationList - for CA certificates
– deltaRevocationList - for delta CRLs
PalGov © 2011 51
- 52. Bibliography
• Computer Security: Principles and Practice, by
William Stallings and Lawrie Brown. Published
by Pearson/Prentice Hall, © 2008. ISBN: 0-13-
600424-5.
• Cryptography and Network Security, by
Behrouz A. Forouzan. Mcgraw-Hill, ©2008.
ISBN: 978-007-126361-0.
• Lecture Notes by David Chadwick 2011, True-
Trust Ltd.
• (ebook) Wiley - Internet Security-Cryptographic
Principles, Algorithms and Protocols, 2003
(Man Young Rhee)
PalGov © 2011 52
- 53. Summary
• In this session we discussed the
following:
– introduced user authentication
• using passwords
• using tokens
• using biometrics
– remote user authentication issues
• LDAP protocols and standards
PalGov © 2011 53
- 54. Thanks
Radwan Tahboub
PalGov © 2011 54