CSCI 530, Spring 2010 Copyright © William C. Cheng T1CS530Authentication inApplicationsBill Chenghttp://merlot.usc.edu/cs530-s10CSCI 530, Spring 2010 Copyright © William C. Cheng T2Authentication in ApplicationsUnix loginTelnetRsh/rloginSshHTTP (web browsing)FTPWindows loginE-mail (SMTP, POP, IMAP)NFSNetwork access servicesCSCI 530, Spring 2010 Copyright © William C. Cheng T3Unix Login (review)salted as defense against pre-computed dictionary attacksOne way encryption of passwordto validate, encrypt and compare with stored encryptedpasswordmay use shadow password fileCSCI 530, Spring 2010 Copyright © William C. Cheng T4Telnetnormally just an unencrypted channel over which plaintextpassword is sentA remote login applicationsupports encryption option and authentication optionsusing protocols like Kerberosearly implementation has an implementation vulnerabilitydue to poorly generated random numbersCSCI 530, Spring 2010 Copyright © William C. Cheng T5RSH (Remote Shell/Remote Login)privileged port (client port number < 1024) means acceptasserted identityUsually IP address and asserted account nameif not trusted (no ~/.rhosts file), Unix password in the clearthis is the case where a ~/.rhosts file is usedrsh must be setuid root(makes the client machine more vulnerable)Rsh is more efficient than telnetreverse DNS lookup, not so easily spoofed (good thingthat a two way communication is required)note: it’s easier to compromise forward DNS lookupcounter measure: do bothnunki.usc.edu → 128.125.5.168128.125.5.168 → lookup 168.5.125.128.in-addr.arpaCSCI 530, Spring 2010 Copyright © William C. Cheng T6RSH (Remote Shell/Remote Login) (Cont...)Kerberos based authentication and optional encryptionKerberos based options availableusing XOR (stream cipher)CSCI 530, Spring 2010 Copyright © William C. Cheng T7Secure Shell (SSH)establish encrypted channel, using public key presentedby serverEncrypted channel with Unix loginsend password of user over channelUnix login to validate passworduser generate public/private key pair, and uploads thepublic key to directory on target hostPublic key stored on target machinetarget host validates that corresponding private key isknownvulnerable to man-in-the-middle attacklimits where login can come fromcan reply the whole session! (is this a problem?)key distribution without authenticationserver sends nonce (to mitigate reply attack)Digest authentication (RFC 2617)responds is MD5 checksum of:usernamepasswordnonce URI CSCI 530, Spring 2010 Copyright © William C. Cheng T8Web Browsing (HTTP/HTTPS)Basic authentication: connect in the clear, Unix passwordConnect through SSL, Unix passwordUser certificate, strong authenticationbase64 encoded "UserID:Password"TLS is Transaction Layer Security (IETF version of SSL)Verifyc = nonces encrypted with client private keyVerifys = noncec encrypted with PMKeyPMKey is the pre-master key, session key(s) derived fromthis[ Certc+Verifyc ] = optional client authentication CSCI 530, Spring 2010 Copyright © William C. Cheng T9Secure Sockets Layer (and TLS)HelloHello+nonces+Certs{PMKey}K pubs+noncecVerifysAttackerc s[ Certc+Verifyc ]encryption support provided between browser and webserver - below HTTP layerworks as long as client starts with the correct URLclient checks server certificatekey distribution supported through certification stepsauthentication provided by verify stepsc CSCI 530, Spring 2010 Copyright © William C. Cheng T10Secure Sockets Layer (and TLS)HelloHello+nonces+Certs{PMKey}Kpubs+noncecVerifysAttackers[Certc+Verifyc]CSCI 530, Spring 2010 Copyright © William C. Cheng T11File Transfer Protocol (FTP)including use of KerberosPassword based authenticationGSS-API based authenticationauthentication occurs and then stream is encryptedon UNIXwu-ftpd use to have lots of implementation bugsrun as root is necessaryserver needs to bind priviledged portserver needs to su to any user IDe.g., buffer overflowe.g., root login, abort password, login as anonymouson Windows XP, ftp server turned off by defaultthe default ftp mode is the anonymous modewarns about password-based authentication?!CSCI 530, Spring 2010 Copyright © William C. Cheng T12Windows Network Loginchallenge response (NTLM)In Win2K and later uses KerberosIn Win NTserver generates 8 byte nonceprompts for password and hashes ituses hash to obtain 3 keys and then DES encrypt nonce3 timestypically address basedmaps authenticated UID’s to addressesSun’s Network File System (NFS)Athena Kerberized versionONC RPC has stronger Kerberos/GSS-API supportNFS built on ONC RPC (ONC is Open Network Computing)the remote host is trusted to assert the real UIDbased on Andrew RPCAndrew File System (AFS)uses Kerberos 4 authenticationbased on DCE RPC and AFSOSF’s DCE File System (DFS)uses Kerberos 5 authenciation CSCI 530, Spring 2010 Copyright © William C. Cheng T13File System Authenticationproblem: not connected to network until connectionestablishednetwork access server must validate login with radiusserverRadiusneed for indirect authenticationpassword sent to radius server encrypted using keybetween agent and radius serverUsed by dialups and PPPoE CSCI 530, Spring 2010 Copyright © William C. Cheng T14Network Access ServersCSCI 530, Spring 2010 Copyright © William C. Cheng T15Emailusually network address based (or no authentication --incoming mail is relayed)SMTP - to send mailcan use passwordcan be SSL protected (not really done)SMTP after POPHELO hostname (any hostname!)FROM (anything you want!)open for spammingcan use inverse IP address lookup, but spoofed easilyCSCI 530, Spring 2010 Copyright © William C. Cheng T16Email (Cont...)plaintext passwordPost Office Protocol (POP)can be SSL protectedEudora supports Kerberos authenticationpassword authenticationIMAPcan also support Kerberosdownload e-maile-mail stay on servermail client such as Outlook Express and Netscape Mailchecks for incoming mail about every 10 minutes (this ishow often it communicate password information)CSCI 530, Spring 2010 Copyright © William C. Cheng T17CS530Stopping SPAMBill Chenghttp://merlot.usc.edu/cs530-s10Freitas and Levene, Spam on the internet: Is it here tostay or can it be eradicated? [Freitas04a]We will discuss two papersWalfish et al., Distributed Quota Enforcement for SpamControl? [Walfish06a] CSCI 530, Spring 2010 Copyright © William C. Cheng T18Stopping SPAMCSCI 530, Spring 2010 Copyright © William C. Cheng T19Stopping SPAM [Freitas04a]list of IP
View Full Document
Unlocking...