authentication protocol.ppt

Authentication Protocols
曹天杰
Cao Tianjie
******@cumt.
中科院软件所信息安全国家重点实验室

1
Introduction
Cryptographic protocol
Distributed algorithm
Based on cryptographic building blocks
To achieve a security related goal
Examples:
Entity Authentication
Key Establishment:Key Distribution(Key enveloping, Key transport), Key agreement
Electronic Payment
…
2
authentication
Alice
Bob
How does Bob know that Alice is Alice, not Eve?
insecure channel
Eve
(Eve owns the channel!)
Hi! I’m Alice
3
authentication
Authentication is a means by which identity is established.
It allows one party to gain assurances about the identity of another party in a protocol, and that the second has actively participated.
The goal of authentication is to achieve all this over an insecure channel with an active attacker and no shared secrets.
Note: authentication must bined with key exchange to avoid session hijacking (after authentication).
4
objectives of identification protocols
If Alice and Bob are both honest, A is able to essfully authenticate herself to Bob, . Bob plete the protocol having accepted Alice’s identity.
Bob cannot reuse an identification exchange with Alice so as to impersonate her in conversations with others.
The probability that Eve can essfully impersonate Alice to Bob is negligible (. computationally difficult).
All the above remain true even if Eve has seen many previous authentication sessions between Alice and Bob, has had experience in authenticating herself with both, and multiple authentication sessions are run simultaneously.
5
basis of identification
Something you know
Passwords, PINs, secret keys, your mother’s maiden name
Something you have
ic cards, smart cards, physical keys, handheld password generators.
Something you are
biometrics (DNA, signatures, fingerprints, voice, retinal patterns, hand geometries, typing dialect/profiling).
6
basis of identification
Biometrics have major problems in real world situations
How do you revoke