11-User Identification and Authentication

This document contains lecture slides on user identification and authentication. It begins with an overview of authentication and why it is needed to verify identities over networks. It then discusses common authentication methods like passwords, tokens, and biometrics. Prominent authentication schemes are explained, including client-server, PKI using X.509 certificates, and enterprise solutions like Kerberos. The slides provide details on how password-based and certificate-based authentication and digital signatures work at a technical level. It concludes with questions and assigned reading on cryptography and network security.

Week 11. User Identification and Authentication
Lecture slides by Zhanbolat Seitkulov

April IITU, Information Security 1


Outline
•  We will consider:
–  Authentication Overview
–  Client-server authentication
–  Enterprise Authentication



Authentication Overview – Why do we need it?

•  If the communication takes place over a network, how can Bob be sure that the person claiming to be Alice really is Alice? If Bob is a server, the impostor may be able to log in as Alice and use her account, or launch further attacks.
Authentication Overview – What it is for
•  Authentication
–  User authentication/identification or entity authentication:
•  The process of verifying a claimed identity
–  Who is the user?
–  Which system? – you could be talking to anybody (mutual identification and authentication)
•  The user identity is a parameter in access control decisions – Authorization
•  The user identity is recorded when logging security-relevant events in an audit trail – Accounting
•  These are the so-called AAA services
–  Communication/message authentication:
•  The message is from the source it claims to be from.
•  The message has not been altered or replayed.
Authentication Overview – Methods
•  Methods for user identification/authentication:
–  Location-based/Address-based (physical location/
specific terminal. E.g. based on IP addresses, email
addresses, etc.)
–  Something you know (passwords, PIN)
–  Something you have (keys – soft tokens, and hard
tokens (smart cards)) – may require special hardware
–  Something you are (biometrics – fingerprint matching,
voice recognition, iris scanning, etc.) – require special
hardware
–  Combined (or multiple) methods may be used for a
higher level of assurance



Authentication Overview – Prominent Schemes

•  Client-server authentication solutions
–  Password-based
–  Symmetric-key based
–  Digital Signatures and X.509 (public key) certificates (based on PKI)
•  Inter-organization authentication solutions
–  Shibboleth (authenticating access to resources managed by multiple enterprises/organizations)
•  Intra-organization authentication solutions
–  Kerberos (a password-centric solution at the enterprise level – for distributed services)


Authentication Overview – At the generic level

•  The client may do some simple transformation to the Challenge (e.g. add some secret info) before hashing/encrypting the Challenge into the Response
•  But still vulnerable to offline (e.g. dictionary) attacks
Authentication Overview – At the generic level

•  Basic authentication systems use a shared key (e.g. user’s password, or a shared symmetric key)
–  Can be easily intercepted via eavesdropping attacks
•  Encrypt/hash the secret to prove the knowledge of the secret
–  Can still intercept/replay the encrypted form
•  Modify the encryption/hashing to make the encrypted value change each time
–  Challenge/response mechanism


Authentication Overview – At the generic level

•  There are many variations of the challenge/response approach, and it is very easy NOT to get it right, e.g.
–  Nonce (salt) may not be really random – can be guessed
–  The server could be impersonating too
–  The authentication file/database may be stolen, etc.


Password-based Authentication – Solution 1

•  The plaintext password solution is vulnerable to:
–  ?
–  ?
Password-based Authentication – Solution 2

•  The hashed password solution is vulnerable to:
–  ?
–  ?
Password-based Authentication – Solution 3

•  One-time Password (OTP) solution using challenge-response:
–  Requires Server to maintain user’s plaintext passwords
–  Vulnerable to other forms of attacks, e.g. stolen password file, session hijacking
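The challenge/response mechanism sketched on slides 7–9 and the OTP solution on this slide, as an added Go example (not code from the lecture slides): the server issues a random nonce, the client answers with HMAC-SHA256 keyed by the shared secret over nonce || user, and the server recomputes and compares. The server keeps the shared secret in the clear, which is exactly the requirement the slide points out, and consumes each nonce after one verification so a recorded response cannot be replayed. The user names, the sample secret and the nonce || user message layout are constructed for this example.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Server keeps each user's shared secret in the clear (as the slide notes a
// challenge/response OTP scheme requires) and at most one outstanding nonce per user.
type Server struct {
	secrets map[string][]byte
	pending map[string][]byte
}

func NewServer() *Server {
	return &Server{secrets: map[string][]byte{}, pending: map[string][]byte{}}
}

// Register stores the shared secret for a user (constructed sample data in main).
func (s *Server) Register(user string, secret []byte) {
	s.secrets[user] = append([]byte(nil), secret...)
}

// Challenge issues a fresh 16-byte nonce from the OS CSPRNG. A guessable nonce is
// the first pitfall on slide 9: it lets an observer precompute valid responses.
func (s *Server) Challenge(user string) ([]byte, error) {
	if _, ok := s.secrets[user]; !ok {
		return nil, errors.New("unknown user")
	}
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.pending[user] = nonce
	return nonce, nil
}

// Response is the client-side transformation from slide 7: HMAC-SHA256 keyed with
// the shared secret over nonce || user, so the value changes with every challenge
// and is bound to the identity being claimed.
func Response(secret, nonce []byte, user string) []byte {
	mac := hmac.New(sha256.New, secret)
	mac.Write(nonce)
	mac.Write([]byte(user))
	return mac.Sum(nil)
}

// Verify recomputes the expected response for the outstanding nonce. The nonce is
// consumed whether or not the check passes, so a captured response cannot be
// replayed. hmac.Equal compares in constant time.
func (s *Server) Verify(user string, response []byte) bool {
	nonce, ok := s.pending[user]
	if !ok {
		return false // no challenge outstanding, or it has already been used
	}
	delete(s.pending, user)
	expected := Response(s.secrets[user], nonce, user)
	return hmac.Equal(expected, response)
}

func main() {
	srv := NewServer()
	secret := []byte("alice-shared-secret") // constructed sample secret
	srv.Register("alice", secret)

	nonce, _ := srv.Challenge("alice")
	resp := Response(secret, nonce, "alice")
	fmt.Println("fresh response accepted:   ", srv.Verify("alice", resp))
	fmt.Println("replayed response accepted:", srv.Verify("alice", resp))

	// Slide 7's remaining weakness: an observer holding nonce and resp can test
	// candidate secrets offline against Response, so the secret store and the
	// transport both still need protecting.
	nonce, _ = srv.Challenge("alice")
	bad := Response([]byte("wrong-guess"), nonce, "alice")
	fmt.Println("wrong-secret response accepted:", srv.Verify("alice", bad))
}
```

Run with `go run .`; the three printed lines read true, false, false. The one-shot nonce handles the replay case from slide 8, but it does nothing against a server impersonator or a stolen secret file, which is why the slides move on to public-key certificates and Kerberos.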


X.509 Certificate-based Authentication Service

•  X.509:
–  Defines a framework to support the use of public
key cryptography
•  To enable the validation of digital signatures
•  Allows mutual authentication using public key
technology
–  Supports the secure distribution of public keys.
–  Does not dictate the use of a specific public-key cryptographic algorithm (but recommends RSA), nor does it define a specific hash algorithm
X.509 – Certificates and Trust
•  TTP’s signature certifies the trustworthiness of the binding between the Public Key and its rightful owner’s Identity.
•  I.e., it states that the Public Key is really Alice’s public key
[Figure: Alice’s Certificate – Alice’s Name and Public Key]
A certificate also includes additional information, e.g. expiration date of public key; what else?
X.509 – X.509v3 Certificate Format



X.509 – X.509v3 Certificate Format



X.509 – X.509v3 Certificate Example



X.509 – Trust Hierarchy
•  A typical organizational structure:
–  CEO/Divisions/Departments/Users
–  CEO may not know the staff directly
–  CEO manages staff via intermediate managers
-> hierarchy as a basis for trust in an organization
•  PKI (Public Key Infrastructure) uses such a hierarchical structure
X.509 – Certificate Chain
•  Starting from the top: the Root CA issues certificates to sub CAs, which issue certificates to sub-sub CAs, and …, finally down to the individual. This sequence of certificates forms a Chain of Trust.
•  E.g. Alice’s Certificate Chain:
{CERT_Alice}S_DeptQ + {CERT_DeptQ}S_1stDiv + {CERT_1stDiv}S_RootCA
If Bob wishes to authenticate a message signed by Alice, he can proceed ‘up’ the certificate chain until he finds a certificate he can trust
•  The Root CA is not certified by anybody, so it must be very trustworthy.
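Bob's walk 'up' the chain, as an added Go example using only the standard library's crypto/x509 (not code from the lecture slides): it generates a constructed three-level hierarchy (a self-signed Root CA, a DeptQ CA certified by it, and Alice certified by DeptQ), then verifies Alice's certificate against the root, and shows the three ways the walk fails that the X.509 slides describe: no trusted root, a missing intermediate, and a certificate checked after its expiration date. The names, serial numbers and validity periods are sample values chosen for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// template describes a certificate valid from one hour ago for one day (sample values).
func template(cn string, serial int64, isCA bool) *x509.Certificate {
	now := time.Now()
	t := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		KeyUsage:              x509.KeyUsageDigitalSignature,
		BasicConstraintsValid: true,
		IsCA:                  isCA,
	}
	if isCA {
		t.KeyUsage |= x509.KeyUsageCertSign // a CA may sign subordinate certificates
	} else {
		t.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}
	}
	return t
}

// issue has parentKey sign tmpl for the holder of pub; parent == tmpl yields a self-signed root.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, parentKey *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// BuildChain generates three P-256 key pairs and issues {CERT_RootCA}S_RootCA, {CERT_DeptQ}S_RootCA, {CERT_Alice}S_DeptQ.
func BuildChain() (root, dept, alice *x509.Certificate, err error) {
	keys := make([]*ecdsa.PrivateKey, 3)
	for i := range keys {
		k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		if err != nil {
			return nil, nil, nil, err
		}
		keys[i] = k
	}
	rootKey, deptKey, aliceKey := keys[0], keys[1], keys[2]
	rootTmpl := template("Root CA", 1, true)
	root, err = issue(rootTmpl, rootTmpl, &rootKey.PublicKey, rootKey)
	if err != nil {
		return nil, nil, nil, err
	}
	dept, err = issue(template("DeptQ CA", 2, true), root, &deptKey.PublicKey, rootKey)
	if err != nil {
		return nil, nil, nil, err
	}
	alice, err = issue(template("Alice", 3, false), dept, &aliceKey.PublicKey, deptKey)
	if err != nil {
		return nil, nil, nil, err
	}
	return root, dept, alice, nil
}

// VerifyChain is Bob's check: walk 'up' from the leaf through the intermediates until a
// trusted root is reached, validating every signature and validity period at time 'at'.
func VerifyChain(leaf *x509.Certificate, intermediates, roots []*x509.Certificate, at time.Time) error {
	opts := x509.VerifyOptions{
		Roots:         x509.NewCertPool(), // empty pool trusts nothing: the walk cannot terminate
		Intermediates: x509.NewCertPool(),
		CurrentTime:   at,
		KeyUsages:     []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	for _, c := range roots {
		opts.Roots.AddCert(c)
	}
	for _, c := range intermediates {
		opts.Intermediates.AddCert(c)
	}
	_, err := leaf.Verify(opts)
	return err
}

func main() {
	root, dept, alice, err := BuildChain()
	if err != nil {
		panic(err)
	}
	now, inter, trusted := time.Now(), []*x509.Certificate{dept}, []*x509.Certificate{root}
	fmt.Println("full chain:          ", VerifyChain(alice, inter, trusted, now))
	fmt.Println("root not trusted:    ", VerifyChain(alice, inter, nil, now))
	fmt.Println("checked after expiry:", VerifyChain(alice, inter, trusted, now.Add(48*time.Hour)))
}
```

The first line prints `<nil>`; the other two print an unknown-authority error and an expiry error respectively. Note that Bob never checks a signature on the root itself: it sits in his trusted pool by configuration, which is the slide's point that the Root CA "must be very trustworthy".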
X.509 – Certificates Revocation
•  Reasons for Revocation:
–  The user’s private key is assumed to be
compromised
–  The CA’s private key is assumed to be
compromised
–  The user is no longer certified by this CA
–  The user no longer needs the certificate.
–  Etc.



X.509 – Authentication Using Public Keys



X.509 – Authentication Using Digital Signatures



Enterprise Authentication
•  We have just seen one authN scenario – user-to-single-system authN.
•  Now we have more systems, and more passwords!


Enterprise Authentication
•  Central authentication for a number of systems in an organization
–  Use one central authority (usually called a security server)
•  Only one location stores/manages your passwords instead of each service server having its own.
•  A number of systems exist, e.g.
–  RADIUS – Remote Authentication Dial-In User Service
•  Initially used to provide authentication services for one or more access servers
•  Later extended to handle AAA services …
–  Kerberos


Questions?



Reading
•  Cryptography and Network Security by
Stallings
–  Chapter 14
•  Sections 14.3 – 14.5
–  Chapter 15
•  Sections 15.2, 15.3



User Identification and Authentication
Lecture slides by Zhanbolat Seitkulov