IS 2150 / TEL 2810
Introduction to Security
James Joshi
Associate Professor, SIS
Lecture 9
Nov 25, 2008
Authentication, Identity
Malicious Code, Vulnerability Analysis

Objectives
- Understand/explain the issues related to, and utilize the techniques
  - Authentication and identification
  - Malicious code
    - What and how
  - Vulnerability analysis/classification
    - Techniques
    - Taxonomy

Authentication and Identity

What is Authentication?
- Authentication: Binding identity and external entity to subject
- How do we do it?
  - Entity knows something (secret)
    - Passwords, id numbers
  - Entity has something
    - Badge, smart card
  - Entity is something
    - Biometrics: fingerprints or retinal characteristics
  - Entity is in someplace
    - Source IP, restricted area terminal

Authentication System: Definition
- A: Set of authentication information
  - used by entities to prove their identities (e.g., password)
- C: Set of complementary information
  - used by system to validate authentication information (e.g., hash of a password or the password itself)
- F: Set of complementation functions (to generate C)
  - f : A → C
  - Generate appropriate c ∈ C given a ∈ A
- L: set of authentication functions
  - l : A × C → { true, false }
  - verify identity
- S: set of selection functions
  - Generate/alter A and C
  - e.g., commands to change password

Authentication System: Passwords
- Example: plaintext passwords
  - A = C = alphabet*
  - f returns argument: f(a) returns a
  - l is string equivalence: l(a, b) is true if a = b
- Complementation Function
  - Null (return the argument as above)
    - requires that c be protected; i.e. password file needs to be protected
  - One-way hash – function such that
    - Complementary information c = f(a) easy to compute
    - f^-1(c) difficult to compute

Passwords
- Example: Original Unix
  - A password is up to eight characters; each character could be one of 127 possible characters
  - A contains approx. 6.9 x 10^16 passwords
  - Password is hashed using one of 4096 functions into an 11 character string
  - 2 characters pre-pended to indicate the hash function used
  - C contains passwords of size 13 characters, each character from an alphabet of 64 characters
    - Approximately 3.0 x 10^23 strings
  - Stored in file /etc/passwd (all can read)

Authentication System
- Goal: identify the entities correctly
- Approaches to protecting
  - Hide enough information so that one of a, c or f cannot be found
    - Make C readable only to root
    - Make F unknown
  - Prevent access to the authentication functions L
    - root cannot log in over the network

Attacks on Passwords
- Dictionary attack: Trial and error guessing
  - Type 1: attacker knows A, f, c
    - Guess g and compute f(g) for each f in F
  - Type 2: attacker knows A, l
    - l returns True for guess g
- Counter: Difficulty based on |A|, Time
  - Probability P of breaking in time T
  - G be the number of guesses that can be tested in one time unit
  - |A| ≥ TG/P
  - Assumptions: time constant; all passwords are equally likely

Password Selection
- Random
  - Depends on the quality of random number generator; size of legal passwords
  - 8 characters: humans can remember only one
- Pronounceable nonsense
  - Based on unit of sound (phoneme)
  - Easier to remember
- User selection (proactive selection)
  - Controls on allowable
  - At least 1 digit, 1 letter, 1 punctuation, 1 control character
  - Obscure poem verse

Password Selection
- Reusable Passwords susceptible to dictionary attack (type 1)
  - Salting can be used to increase effort needed
    - makes the choice of complementation function a function of randomly selected data
    - Random data is different for different user
    - Authentication function is chosen on the basis of the salt
  - Many Unix systems:
    - A salt is randomly chosen from 0..4095
    - Complementation function depends on the salt

Password Selection
- Password aging
  - Change password after some time: based on expected time to guess a password
  - Disallow change to previous n passwords
- Fundamental problem is reusability
  - Replay attack is easy
  - Solution: Authenticate in such a way that the transmitted password changes each time

Authentication Systems: Challenge-Response
- Pass algorithm
  - authenticator sends message m
  - subject responds with f(m)
    - f is a secret encryption function
  - Example: ask for second input based on some algorithm

Authentication Systems: Challenge-Response
- One-time password: invalidated after use
  - f changes after use
- S/Key uses a hash function (MD4/MD5)
  - User chooses an initial seed k
  - Key generator calculates
    - k_1 = h(k), k_2 = h(k_1), …, k_n = h(k_{n-1})
  - Passwords used in the order
    - p_1 = k_n, p_2 = k_{n-1}, …, p_n = k_1
  - Suppose p_1 = k_n is intercepted;
    - the next password is p_2 = k_{n-1}
    - Since h(k_{n-1}) = k_n, the attacker needs to invert h to determine the next password

Authentication Systems: Biometrics
- Used for human subject identification based on physical characteristics that are tough to copy
  - Fingerprint (optical scanning)
    - Cameras needed (bulky)
  - Voice
    - Speaker-verification (identity) or speaker-recognition (info content)
  - Iris/retina patterns (unique for each person)
    - Laser beaming is intrusive
  - Face recognition
    - Facial features can make this difficult
  - Keystroke interval/timing/pressure

Attacks on Biometrics
- Fake biometrics
  - fingerprint “mask”
  - copy keystroke pattern
- Fake the interaction between device and system
  - Replay attack
  - Requires careful design of entire authentication system

Malicious Code

What is Malicious Code?
- Set of instructions that causes a security policy to be violated
  - unintentional mistake
  - Tricked into doing that?
  - “unwanted” code
- Generally relies on “legal” operations
  - Authorized user
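
Added example (not part of the original slides): the (A, C, F, L, S) model from the "Authentication System: Definition" slide, with the salted complementation function from the "Password Selection" slide. Assumptions of this example: PBKDF2-HMAC-SHA256 as f, a 128-bit random salt instead of the 0..4095 range, and the names PasswordFile, select, l and demo.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor for this example


def f(salt: bytes, a: str) -> bytes:
    """Complementation function f_salt : A -> C; the salt selects which f is used."""
    return hashlib.pbkdf2_hmac("sha256", a.encode(), salt, ITERATIONS)


class PasswordFile:
    """Holds C as user -> (salt, c); the authentication information a is never stored."""

    def __init__(self):
        self.entries = {}

    def select(self, user: str, a: str) -> None:
        """Selection function s in S: create or change an entry under a fresh salt."""
        salt = os.urandom(16)  # assumption: 128-bit salt, not the slide's 0..4095
        self.entries[user] = (salt, f(salt, a))

    def l(self, user: str, a: str) -> bool:
        """Authentication function l : A x C -> {true, false}."""
        entry = self.entries.get(user)
        if entry is None:
            return False
        salt, c = entry
        return hmac.compare_digest(f(salt, a), c)  # constant-time comparison


def demo():
    pf = PasswordFile()
    pf.select("alice", "constructed-pass-1")  # constructed sample users and passwords
    pf.select("bob", "constructed-pass-1")    # same a as alice, different salt
    differ = pf.entries["alice"][1] != pf.entries["bob"][1]
    ok = pf.l("alice", "constructed-pass-1")
    wrong = pf.l("alice", "constructed-pass-2")
    pf.select("alice", "constructed-pass-3")  # password change through S
    old = pf.l("alice", "constructed-pass-1")
    new = pf.l("alice", "constructed-pass-3")
    return differ, ok, wrong, old, new


if __name__ == "__main__":
    print(demo())
```

Because two users with the same password end up with different c, one computed f(g) no longer tests a guess against every entry in the file at once.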
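
Added example (not part of the original slides): the S/Key hash chain from the "Challenge-Response" slide, showing that a replayed or forward-hashed password is rejected while the next password in the order p_1 = k_n, p_2 = k_{n-1}, … is accepted. Assumptions of this example: SHA-256 stands in for the MD4/MD5 named on the slide, the verifier is enrolled with h(k_n), and the names make_chain, SKeyServer and demo.

```python
import hashlib
import hmac


def h(x: bytes) -> bytes:
    # SHA-256 replaces the slide's MD4/MD5 (assumption of this example).
    return hashlib.sha256(x).digest()


def make_chain(seed: bytes, n: int) -> list:
    """Return [k_1, ..., k_n] with k_1 = h(seed) and k_i = h(k_{i-1})."""
    chain, k = [], seed
    for _ in range(n):
        k = h(k)
        chain.append(k)
    return chain


class SKeyServer:
    """Verifier that keeps only the last accepted value, never the seed."""

    def __init__(self, anchor: bytes):
        self.last = anchor  # h(k_n) at enrollment, so that p_1 = k_n verifies

    def verify(self, otp: bytes) -> bool:
        # Accept only a value whose hash equals the stored one.
        if not hmac.compare_digest(h(otp), self.last):
            return False
        self.last = otp  # the accepted password is now invalid for reuse
        return True


def demo():
    chain = make_chain(b"constructed-seed", 5)  # constructed sample seed
    passwords = chain[::-1]                      # p_1 = k_n, ..., p_n = k_1
    server = SKeyServer(h(chain[-1]))
    first = server.verify(passwords[0])          # p_1 accepted
    replay = server.verify(passwords[0])         # intercepted p_1 replayed
    forward = server.verify(h(passwords[0]))     # hashing p_1 forward
    skipped = server.verify(passwords[2])        # p_3 offered before p_2
    second = server.verify(passwords[1])         # p_2 = k_{n-1} accepted
    return first, replay, forward, skipped, second


if __name__ == "__main__":
    print(demo())
```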