COMPUTER AND NETWORK SECURITY

Chapter II
Chapter II - Computer Security
USER AUTHENTICATION
In most computer security contexts, user authentication is the fundamental building block and the
primary line of defense. User authentication is the basis for most types of access control and for user
accountability.
Definition: The process of verifying an identity claimed by or for a system entity.
An authentication process consists of two steps:
 Identification step: Presenting an identifier to the security system. (Identifiers should be assigned
carefully, because authenticated identities are the basis for other security services, such as access
control service.)
 Verification step: Presenting or generating authentication information that corroborates the binding
between the entity and the identifier.
Electronic User Authentication Principles
Electronic user authentication as the process of establishing confidence in user identities that are presented
electronically to an information system. Systems can use the authenticated identity to determine if the
authenticated individual is authorized to perform particular functions, such as database transactions or access to
system resources. In many cases, the authentication and transaction or other authorized function take place
across an open network such as the Internet. Equally authentication and subsequent authorization can take
place locally, such as across a local area network.
A Model for Electronic User Authentication
The initial requirement for performing user authentication is that the user must be registered with the
system. The following is a typical sequence for registration. An applicant applies to a registration authority
(RA) to become a subscriber of a credential service provider (CSP). In this model, the RA is a trusted entity
that establishes and vouches for the identity of an applicant to a CSP. The CSP then engages in an exchange
with the subscriber. Depending on the details of the overall authentication system, the CSP issues some sort of
electronic credential to the subscriber. The credential is an identity and additional attributes to a token
possessed by a subscriber, and can be verified when presented to the verifier in an authentication transaction.
The token could be an encryption key or an encrypted password that identifies the subscriber. The token and
credential may be used in subsequent authentication events.
Once a user is registered as a subscriber, the actual authentication process can take place
between the subscriber and one or more systems that perform authentication and, subsequently, authorization.
The party to be authenticated is called a claimant and the party verifying that identity is called a verifier. When
a claimant successfully demonstrates possession and control of a token to a verifier through an authentication
protocol, the verifier can verify that the claimant is the subscriber named in the corresponding credential. The
1
COMPUTER AND NETWORK SECURITY
Chapter II
verifier passes on an assertion about the identity of the subscriber to the relying party (RP). That assertion
includes identity information about a subscriber, such as the subscriber name, an identifier assigned at
registration, or other subscriber attributes that were verified in the registration process. The RP can use the
authenticated information provided by the verifier to make access control or authorization decisions.

Means of Authentication
There are four general means of authenticating a user’s identity, which can be used alone or in
combination:
 Something the individual knows: Examples includes a password, a personal identification number
(PIN), or answers to a prearranged set of questions.
 Something the individual possesses: Examples include electronic keycards, smart cards, and physical
keys. This type of authenticator is referred to as a token.
 Something the individual is (static biometrics): Examples include recognition by fingerprint, retina, and
face.
 Something the individual does (dynamic biometrics): Examples include recognition by voice pattern,
handwriting characteristics, and typing rhythm.
Each method has its own problems. An adversary may be able to guess or steal a password. Similarly, an
adversary may be able to forge or steal a token. A user may forget a password or lose a token. Further, there is
a significant administrative overhead for managing password and token information on systems and securing
such information on systems. With respect to biometric authenticators, there are a variety of problems,
including dealing with false positives and false negatives, user acceptance, cost, and convenience.

2
COMPUTER AND NETWORK SECURITY
Chapter II

Password Based Authentication

A widely used line of defense against intruders is the password system. Virtually all multiuser systems,
network-based servers, Web-based e-commerce sites, and other similar services require that a user provide not
only a name or identifier (ID) but also a password. The system compares the password to a previously stored
password for that user ID, maintained in a system password file. The password serves to authenticate the ID of
the individual logging on to the system. In turn, the ID provides security in the following ways:
 The ID determines whether the user is authorized to gain access to a system. In some systems, only
those who already have an ID filed on the system are allowed to gain access.
 The ID determines the privileges accorded to the user. A few users may have supervisory or
“superuser” status that enables them to read files and perform functions that are especially protected by
the operating system. Some systems have guest or anonymous accounts, and users of these accounts
have more limited privileges than others.
 The ID is used in what is referred to as discretionary access control. For example, by listing the IDs of
the other users, a user may grant permission to them to read files owned by that user.
The Vulnerability of Passwords
This section outlines the main forms of attack against password based authentication and briefly outline a
countermeasure strategy. Typically, a system that uses password based authentication maintains a password
file indexed by user ID. One technique that is typically used is to store not the user’s password but a one-way
hash function of the password.
S.No. ATTACK COUNTERMEASURE
1 Offline dictionary attack: Strong access controls are Includes control mechanisms to prevent
used to protect the system’s password file. However, unauthorized access to the password file,
sometimes the hackers can bypass such controls and intrusion detection measures to identify a
gain access to the file. The attacker obtains the system compromise, and rapid reissuance of
password file and compares the password hashes passwords
against hashes of commonly used passwords. If a match
is found, the attacker can gain access by that
ID/password combination.
2 Specific account attack: The attacker targets a specific The countermeasure is an account lockout
account and submits password guesses until the correct mechanism, which locks out access to the
password is discovered. account after a number of failed login
attempts. Typical practice is no more than
five access attempts.
3 Popular password attack: A variation of the preceding Countermeasure include policies to
attack is to use a popular password and try it against a inhibit the selection by users of common
wide range of user IDs. A user’s tendency is to choose a passwords

3
COMPUTER AND NETWORK SECURITY
Chapter II
password that is easily remembered; this unfortunately
makes the password easy to guess.
4 Password guessing against single user: The attacker Countermeasures include training in and
attempts to gain knowledge about the account holder enforcement of password policies that
and system password policies and uses that knowledge make passwords difficult to guess. Such
to guess the password. policies address the secrecy, minimum
length of the password, character set,
prohibition against using well-known user
identifiers, and length of time before the
password must be changed.
5 Workstation hijacking: The attacker waits until a Countermeasure is automatically logging
logged in workstation is unattended. the workstation out after a period of
inactivity.
6 Exploiting user mistakes: If the system assigns a Countermeasures include user training,
password, then the user is more likely to write it down intrusion detection, and simpler passwords
because it is difficult to remember. This situation combined with another authentication
creates the potential for an adversary to read the written mechanism.
password. A user may intentionally share a password, to
enable a colleague to share files. Also, attackers are
frequently successful in obtaining passwords by using
social engineering tactics that trick the user or an
account manager into revealing a password.
7 Exploiting multiple password use: Attacks can also Countermeasures include a policy that
become much more effective or damaging if different forbids the same or similar password on
network devices share the same or a similar password particular network devices.
for a given user.
The Use of Hashed Passwords
A widely used password security technique is the use of hashed passwords and a salt value. The
following procedure is employed (Figure 2a) to load a new password into the system. The user selects or is
assigned a password. This password is combined with a fixed-length salt value. In older implementations, this
value is related to the time at which the password is assigned to the user. Newer implementations use a
pseudorandom or random number. The password and salt serve as inputs to a hashing algorithm to produce a
fixed-length hash code. The hashed password is then stored, together with a plaintext copy of the salt, in the
password file for the corresponding user ID. The hashed password method has been shown to be secure against
a variety of cryptanalytic attacks.
When a user attempts to log on to a system, the user provides an ID and a password (Figure 2b). The
operating system uses the ID to index into the password file and retrieve the plaintext salt and the encrypted
password. The salt and user-supplied password is used as input to the encryption routine. If the result matches
the stored value, the password is accepted.

4
COMPUTER AND NETWORK SECURITY
Chapter II

Password Cracking of User-Chosen Passwords

 Dictionary attacks This approach to
password guessing, or password
cracking as it is called, is to develop a
large dictionary of possible passwords
and to try each of these against the
password file. This means that each
password must be hashed using each
available salt value and then compared
with stored hash values. If no match is
found, the cracking program tries
variations on all the words in its
dictionary of likely passwords. Such
variations include backwards spelling of
words, additional numbers or special
characters, or sequence of characters.
 Rainbow Table Attack: In this
approach the attacker generates a large
dictionary of possible passwords. For
each password, the attacker generates
the hash values associated with each
possible salt value. The result is a mammoth table of hash values known as a rainbow table. For
example using 1.4 GB of data, 99.9% of all alphanumeric Windows passwords can be hashed in 13.8
seconds. This approach can be countered using a sufficiently large salt value and a sufficiently large
hash length.
Password File Access Control
One way to thwart a password attack is to deny the opponent access to the password file. If the hashed
password portion of the file is accessible only by a privileged user, then the opponent cannot read it without
already knowing the password of a privileged user. Often, the hashed passwords are kept in a separate file from
the user IDs, referred to as a shadow password file. Special attention is paid to making the shadow password
file protected from unauthorized access.
Password Selection Strategies
5
COMPUTER AND NETWORK SECURITY
Chapter II
Many users choose a password that is too short or too easy to guess. At the other extreme, if users are
assigned passwords consisting of eight randomly selected printable characters, password cracking is effectively
impossible. But it would be almost as impossible for most users to remember their passwords. So the goal is to
eliminate guessable passwords while allowing the user to select a password that is memorable.
Four basic techniques are in use:
 User education
 Computer-generated passwords
 Reactive password checking
 Complex password policy
Users can be told the importance of using hard to guess passwords and can be provided with guidelines
for selecting strong passwords. This user education strategy is unlikely to succeed at most installations,
particularly where there is a large user population or a lot of turnover. Many users will simply ignore the
guidelines. Others may not be good judges of what is a strong password. For example, many users believe that
reversing a word or capitalizing the last letter makes a password unguessable.
Computer-generated passwords also have problems. If the passwords are quite random in nature, users
will not be able to remember them. Even if the password is pronounceable, the user may have difficulty
remembering it and so be tempted to write it down. In general, computer-generated password schemes have a
history of poor acceptance by users.
A reactive password checking strategy is one in which the system periodically runs its own password
cracker to find guessable passwords. The system cancels any passwords that are guessed and notifies the user.
This tactic has a number of drawbacks.
 It is resource intensive. Because a determined opponent who is able to steal a password file can
devote full CPU time to the task for hours or even days, an effective reactive password checker
is at a distinct disadvantage.
 Any existing passwords remain vulnerable until the reactive password checker finds them.
A promising approach to improved password security is a complex password policy, or proactive
password checker. In this scheme, a user is allowed to select his or her own password. However, at the time of
selection, the system checks to see if the password is allowable and, if not, rejects it. Such checkers are based
on the philosophy that, with sufficient guidance from the system, users can select memorable passwords from a
fairly large password space that are not likely to be guessed in a dictionary attack. The trick with a proactive
password checker is to strike a balance between user acceptability and strength. If the system rejects too many
passwords, users will complain that it is too hard to select a password. If the system uses some simple
algorithm to define what is acceptable, this provides guidance to password crackers to refine their guessing
technique.
6
COMPUTER AND NETWORK SECURITY
Chapter II
The possible approach to proactive password checking is Rule Enforcement. Some rules could be
enforced:
 All passwords must be at least eight characters long.
 In the first eight characters, the passwords must include at least one each of uppercase, lowercase,
numeric digits, and punctuation marks.
These rules could be coupled with advice to the user. Although this approach is superior to simply educating
users, it may not be sufficient to thwart password crackers. This scheme alerts crackers as to which passwords
not to try but may still make it possible to do password cracking.
Token-Based Authentication
Objects that a user possesses for the purpose of user authentication are called tokens.
Memory Cards
Memory cards can store but not process data. The most common such card is the bank card with a
magnetic stripe on the back. A magnetic stripe can store only a simple security code, which can be read by an
inexpensive card reader.
Memory cards can be used alone for physical access. A typical application is an automatic teller
machine (ATM). The memory card, when combined with a PIN or password, provides significantly greater
security than a password alone. An adversary must gain physical possession of the card (or be able to duplicate
it) plus must gain knowledge of the PIN.
Drawbacks
 Requires special reader: This increases the cost of using the token and creates the requirement to
maintain the security of the reader’s hardware and
software.
 Token loss: A lost token temporarily prevents its owner
from gaining system access. Thus there is an
administrative cost in replacing the lost token. In addition,
if the token is found, stolen, or forged, then an adversary
now need only determine the PIN to gain unauthorized
access.
 User dissatisfaction: Although users may have no
difficulty in accepting the use of a memory card for ATM
access, its use for computer access may be deemed
inconvenient.
Smart Cards

7
COMPUTER AND NETWORK SECURITY
Chapter II
A smart card contains within it an entire microprocessor, including processor, memory, and I/O ports.
Some versions incorporate a special co-processing circuit for cryptographic operation to speed the task of
encoding and decoding messages or generating digital signatures to validate the information transferred. In
some cards, the I/O ports are directly accessible by a compatible reader by means of exposed electrical
contacts. Other cards rely instead on an embedded antenna for wireless communication with the reader.
A typical smart card includes three types of memory. Read-only memory (ROM) stores data that does not
change during the card’s life, such as the card number and the cardholder’s name. Electrically erasable
programmable ROM (EEPROM) holds application data and programs, such as the protocols that the card can
execute. It also holds data that may vary with time.
For example, in a telephone card, the EEPROM holds the talk time remaining. Random access memory
(RAM) holds temporary data generated when applications are executed.
Figure 3 illustrates the typical interaction between a smart card and a reader or computer system. Each time
the card is inserted into a reader, a reset is initiated by the reader to initialize parameters such as clock value.
After the reset function is performed, the card responds with answer to reset (ATR) message. This message
defines the parameters and protocols that the card can use and the functions it can perform. The terminal may
be able to change the protocol used and other parameters via a protocol type selection (PTS) command. The
cards PTS response confirms the protocols and parameters to be used. The terminal and card can now execute
the protocol to perform the desired application.
Biometric Authentication
A biometric authentication system attempts to authenticate an individual based on his or her unique
physical characteristics. These include static characteristics, such as fingerprints, hand geometry, facial
characteristics, and retinal and iris patterns; and dynamic characteristics, such as voiceprint and signature. In
essence, biometrics is based on pattern recognition. Compared to passwords and tokens, biometric
authentication is both technically more complex and expensive.
Operation of a Biometric Authentication System
Figure 5 illustrates the operation of a biometric system. Each individual who is to be included in the
database of authorized users must first be enrolled in the system. This is analogous to assigning a password to a
user. For a biometric system, the user presents a name and, typically, some type of password or PIN to the
system. At the same time the system senses some biometric characteristic of this user (e.g., fingerprint of right
index finger). The system digitizes the input and then extracts a set of features that can be stored as a number
or set of numbers representing this unique biometric characteristic; this set of numbers is referred to as the
user’s template. The user is now enrolled in the system, which maintains for the user a name (ID), perhaps a
PIN or password, and the biometric value.

8
COMPUTER AND NETWORK SECURITY
Chapter II
Depending on
application, user
authentication on a biometric
system involves either
verification or
identification. Verification
is analogous to a user
logging on to a system by
using a memory card or
smart card coupled with a
password or PIN. For
biometric verification, the
user enters a PIN and also
uses a biometric sensor. The
system extracts the
corresponding feature and
compares that to the template
stored for this user. If there is
a match, then the system
authenticates this user.
For an identification
system, the individual uses
the biometric sensor but
presents no additional
information. The system then
compares the presented template with the set of stored templates. If there is a match, then this user is identified.
Otherwise, the user is rejected.
Remote User Authentication
The simplest form of user authentication is local authentication, in which a user attempts to access a
system that is locally present, such as a stand-alone office PC or an ATM machine. The more complex case is
that of remote user authentication, which takes place over the Internet, a network, or a communications link.
Remote user authentication raises additional security threats, such as an eavesdropper being able to capture a
password, or an adversary replaying an authentication sequence that has been observed. To counter threats to
remote user authentication, systems generally rely on some form of challenge-response protocol.
9
COMPUTER AND NETWORK SECURITY
Chapter II
Password Protocol
Figure 6 provides a simple example of a
challenge-response protocol for
authentication via password. In this
example, a user first transmits his or her
identity to the remote host. The host
generates a random number r, often
called a nonce, and returns this nonce to
the user. In addition, the host specifies
two functions, h() and f(), to be used in
the response. This transmission from host
to user is the challenge. The user’s
response is the quantity f(r’, h(P’)),
where r’ = r and P’ is the user’s
password.
The function h is a hash function, so that the response consists of the hash function of the user’s
password combined with the random number using the function f. The host stores the hash function of each
registered user’s password, depicted as h(P(U)) for user U. When the response arrives, the host compares the
incoming f(r’, h(P’)) to the calculated f(r,h(P(U))). If the quantities match, the user is authenticated.
Advantages:
 The host stores not the password but a hash code of the password. This secures the password from
intruders into the host system.
 The hash of the password is not transmitted directly, but rather a function in which the password hash is
one of the arguments. Thus, for a suitable function f, the password hash cannot be captured during
transmission.
 The use of a random number as one of the arguments of f defends against a replay attack, in which an
adversary captures the user’s transmission and attempts to log on to a system by retransmitting the
user’s messages.

10