Cryptographic Authentication Seminar

8/8/2019 Cryptographic Authentication Seminar

http://slidepdf.com/reader/full/cryptographic-authentication-seminar 1/22

Cryptographic Authentication 2010

Cryptographic Authentication Page 1

CRYPTOGRAPHIC

AUTHENTICATIONFor

DEPARTMENT OF COMPUTER

APPLICATIONS,CUSAT

A Seminar report

Submitted for partial fulfillment of Degree of

Master Of Computer Applications

By NIRMAL PODDAR

DEPARTMENT OF COMPUTER APPLICATIONS

COCHIN UNIVERSITY OF SCIENCE AND TECHNOLOGY

KOCHI- 682022

KERALA.





Certificate

Certified that this bonafide record of seminar entitled

SECURE EMAIL SYSTEM

Done by

NIRMAL PODDAR

of the V th semester, Department of Computer Applications in

the June 2010 in partial fulfillment of the requirements to the

award of Degree of Master of Computer Applications Of Cochin

University Of Science and Technology.

Dr. K. V. Pramod

Seminar Report Head Of Department





CONTENTS

Introduction to Cryptography Cryptographic Authentication

Three Basic Cryptographic Methods o Something you know

Password, OTP o Something you have

Smart Card, ATM Card , OTP Card o Something you are

Finger Print

Multifactor Authentication

Other cryptographic Authentication Methods o Password o One Time Password o Public Key Cryptographic

Elliptic Curve Cryptography o Zero Knowledge Proofs

Fiet ± Shamir Protocol Ali ± Baba¶s Cave

o Digital Certificate





Cryptography is a method of storing and transmitting data in a form that only those

it is intended for can read and process. It is a science of protecting information by encoding

it into an unreadable format.

Cryptography is an effective way of protecting sensitive i nformation as it is stored on

media or transmitted through network communication paths. Although the ultimate goal of

cryptography, and the mechanisms that make it up, is to hide information from un -

authorized individuals, most algorithms can be broken and the information can be revealed

if the attacker has enough time, desire, and resources. So a more realistic goal of

cryptography is to make obtaining the information too work -intensive to be worth it to the

attacker.

The first encryption methods date bac k to 4,000 years ago and were considered more of an

ancient art. As encryption evolved, it was mainly used to pass messages through hostile

environments of war, crisis, and for negotiation processes between conflicting groups of

people.

Throughout history, individuals and governments have worked to protect

communication by encrypting it. As time went on, the encryption algorithms and the devices

that used them increased in complexity, new methods and algorithms were continually

introduced, and it became an integrated part of the computing world.

Cryptography Definitions Algorithm Set of mathematical rules used in encryption and decryption

Cryptography Science of secret writing that enables you to store and

transmit

data in a form that is available only to the intended individuals

Cryptosystem Hardware or software implementation of cryptography that

transforms a message to cipher text and back to plaintext

Cryptanalysis Practice of obtaining plaintext from cipher text without a key

or breaking the the encryption

Cryptology The study of both cryptography and cryptanalysis

Cipher text Data in encrypted or unreadable format

Encipher Act of transforming data into an unreadable format

Decipher Act of transforming data into a readable format





Key Secret sequence of bits and instructions that governs the act of

encryption

and decryption

Cryptographic authentication :

The process of identifying ones identity

Authentication is the process of reliably verifying the identity of

someone (or something)

A computer

authenticates another

computer A computer is

authenticates a person

Users secret must be

remembered by the user

Authentication is the concept of proving user identity, typically in or to

establish communication order to gain access to a system or network.

There are three basic authentication means by which anindividual may authenticate his identity :

Something you have

o Can be stolen

Such as key , card

Something you know

o Can be guessed , shared , stolen

Such as password ,

Something you are

o Can be costly , copied

Such as biometrics





Something you KnowAuthentication based on what you know

Problem :

Eavesdropping

Solution -> Cryptography based

Storing User Password :

Password cannot stored as in clear text

Store hashed password

Password should be encrypted when you enter to login

Pros : It is simple to use . It is simple for understanding by user .

Cons : It can be guessed . It can be cracked easily .

To avoid the problem of using same password each time ,its alternative

One Time Password (OTP) has been developed . But it is difficul t to remember

new password each time .

Something you have

OTP Cards (e.g. SecurID): It is an electronic device that generates new password

each time. When the code button is pushed a new dynamic password is displayed on

the card.

The card is based on event-synchronous dynamic password system. The crypto-

algorithm incorporated in the card uses a counter that stays "in sync" with the server

based on the number of passwords generated.

Alice BobI am alice ,my password is 123axc235





Smart Card: A smart card is more useful and secure than a magnetic strip card.

The card can hold up to 80 times more data and is much harder to copy a chip than

magnetic strip. Data is protected because it is encrypted inside the chip. Although it

is not possible to steal data from the chip, the high cost and computing power

required deters criminals. The memory chip requires authentication before storeddata is unlocked.

Smart card uses In money people use smart cards to access their individual bank accounts and

withdraw money or check their account information.

Telephone calls prepaid telephone cards are credited with a number units to make

calls

Cell Phones Smart cards in cell phones contain subscriber information to identify

the user to the network. Computer Security to gain access to a personal computer, a smart card can

authenticate the user.

Travel Many subway systems use prepaid smart cards instead of tickets,

passengers swipe their cards to gain access.

Health smart cards provide an easy and safe way of storing and checking

confidential medical information.

tamper-resistant, stores secret information, entered into a card-reader

ATM Card : An ATM card is a plastic card that looks like a credit card. It allows you to do

the same things at a bank machine or Automatic Teller Machine (ATM) as you would at a

bank. You can get cash, deposit money, check account balances, and receive a copy of your

statement all electronically by using your ATM card and the password to your account,

which is called your Personal Identification Number, or PIN.

Strength of authentication depends on difficulty of forging





Something you are

Biometrics : Biometrics is the method to recognize or verify the identity of an

individual based on its unique physiological or behavioral characteristics such as Fingerprint,face, palm, iris, retinal, vein, voice and handwriting. Fingerprint verification is the most

established and matured biometrics techniques. We will only focus on fingerprint

technology hereafter.

Why biometrics?Biometrics authenticates an individual based on its unique characteristics. One can

consider himself as his own password, which can hardly be forgotten, stolen and forged.

Thus, biometrics provides a securer solution comparing with PIN or Smart Card

identification. Biometrics can also be widely found in many other applications such as time

attendance management.

What are the biometrics applications?The need for biometrics can be found in most of the security departments, military,

government and commercial applications.

One of the major biometrics applications is access control. PIN and Smart Card system

recognize the PIN or the card instead of you - it identifies what you posses. In other words,

someone can claim that he is you by using your PIN or you r smart card. However, a

biometrics system with fingerprint technology recognizes your finger instead of the PIN or

card - it identifies who you are. It will never grant access to anyone else except you.

Another major biometrics application is time atten dance management.Most of the existing

time attendance systems are based on smart card. Lost and damaged cards and cheating on

the system can lead to huge financial loss to the company. Using employee's fingerprint to

mark attendance instead is far more accurate, efficient, cost saving and cheat proof. The

daily attendance report can help the HR manager to save a bundle of time.

There are various types of Biometrics Authentication Methods :

Finger Print , Iris ,Retinal ,DNA ,etc.

All of these are used widely by users . It is easy to use .





Two Factor Authentication

The two components of two factor authentication

are:

Something you know

Something you have

Traditional authentication schemes used username and password pairs to authenticate

users. This provides minimal security, because many user passwords are very easy to guess.

In two factor authentication, the password still provides the something you know

component. In the most common implementations of two factor authentication, the

something you have component is provided by a small token card. The token card is a

compact electronic

device which displays a number on a small screen. By entering this number into the system

when you attempt to authenticate (login), you prove that that you are in posse ssion of the

card.

Multi-factor authentication, sometimes called strong authentication, is

an extension of two-factor authentication. While two-factor

authentication only involves exactly two factors, multi-factor

authentication involves two or more factors. Thus, every two-factor

authentication is a multi-factor authentication, but not vice versa.

Other cryptographic Authentication

Methods

Various cryptographic Authentication Methods are used .Some of these are as

follow :

Password

One Time Password

Public Key Cryptography

Zero Knowledge ProofsDigital Signature

Password :

What is password security?

In order to keep your information secure you must keep your password secure. The

following are not the only ways to keep your password secure but they are a good

start:





y Use passphrases (see below).

y Do not keep your password in open and public spaces (no sticky notes on

your monitors!).

y Change your password periodically.

y Do not use the same password for everything.

y If you think your password may have been compromised, change it

immediately.

y Never tell anyone your password.

Passphrase versus password:

Passphrases are more secure than passwords because they are generally longer,

making them less vulnerable to attack. With technology increasing every day we

strongly recommend using passphrases to secure your accounts.

Passphrase selection:

y Long enough to be hard to guess (eg, automatically by a search program, as

from a list of famous phrases).

y Not a famous quotation from literature, holy books, etc.

y Hard to guess by intuitioneven by someone who knows the user well.

y Easy to remember and type accurately.

One time passwords :

For application that requires higher level of security than static password can

deliver , the KerPass mobile client allows setting a dedicated token that

generates OATH (time synchronous) one time password. A new "PassCode"

can be generated every 30 seconds , and it remains valid for at most 5 minutes.





Public Key Cryptography : Public key cryptography was invented

in 1976 by Whitfield Diffie and Martin Hellman. For this reason, it is

sometime called Diffie-Hellman encryption. It is also called

asymmetric encryption because it uses two keys instead of one key ( symmetric

encryption).

Public-key encryption (also called asymmetric encryption) involves a pair of

keys--a public key and a private key--associated with an entity that needs to

authenticate its identity electronically or to sign or encrypt data. Each public

key is published , and the corresponding private key is kept secret . Data

encrypted with your public key can be decrypted only with your private

key. Figure shows a simplified view of the way public-key encryption works.

Figure Public-key encryption

The scheme shown in Figure , lets you freely distribute a public key, and onlyyou will be able to read data encrypted using this key. In general, to send

encrypted data to someone, you encrypt the data with that person's public

key, and the person receiving the encrypted data decrypts it with the

corresponding private k ey.

One Important Authentication method : ECC

ECC : Elliptic Curve Cryptography

an E lliptic Curve is a set of point on a curve2 3

y x ax b! given certainreal numbers a and b . For example

Elli pt ic Curve Groups: The set of points on an elliptic curve, plus a special

point g form and additive group. The addition of two points on an elliptic

curve is defined geometrically, as shown in the following example.



Cr t r hi uth ti ti 2010

Cr t r hi uth ti ti P

Elli p

ic Cu¡ v

¢ E ncry p

i on Al gorit h £

¤

de¥ e¦ d on the diffic§ ̈

ty of c© ̈

c§ ¨ ©

ting kP whe e k is a

product of two large primes and P is an element in the Elliptic Curve Group. Geometrically

to add a point P to it self you first construct the tangent line to the curve at the point.

Then the line will intersect the curve at only one point, and the addition of 2 P is then

defined to be the negative of the point of intersection as seen below.

Elliptic curve groups over real numbers are not practical for cryptography due to slowness of

calculations and round-off error. This Elliptic Curves Over Finite Fields are used. An elliptic

curve over a finite field p F of characteristic greater than three can be formed by choosing

the variables a and b within the field p F .

Roughly speaking the elliptic curve is then the set of points ( , ) x y which satisf y the elliptic

curve e uation 2 3 y x ax b! modulo p , where , p

x y F ; together with a special point g





. If 3 x ax b contains no repeated factors, or e uivalently if 3 24 27 0(mod )a b p | , then

these points form a group.

It is well known that EGC (the Elliptic Curve Group) is an additive abelian group with g

serving as its identity element.

Ex a ple: In the ECG of 2 2 y x x!

over the field23

F the point (9,5) satisfies the e uation

(mod ) y x x|

as 25 729 9(mod 23)| .

The elements of this ECG are given in the pictured below.

Obviously we no longer have a curve to define our addition geometrically. Emulating the

geometric construction for addition, the formulas for addition over p

F (characteristic 3) are

given as follows: Let 1 1( , ) P x y and 2 2( , )Q x y be elements of the ECG. Then 3 3( , ) P Q x y !

, where

and

2

3 1 2 x x xP!

3 1 3 1( ) y x x yP!

2 1

2 1

2

1

1

3

2

y yif P Q

x x

x aif P Q

y

P

®{± ±

! ¯± !

±°





These formulas can be easily calculated with computers. For field of characteristic 2 the

equations for addition are worse!

At the heart of every cryptosystem is a hard mathematical problem that is computationallyinfeasible to solve. The Discrete Logarithm Problem is the basis for the security of many

cryptosystem including the Elliptic Curve Cryptosystem.

Definition of the Discrete Logarithm Problem:

In the multiplication group p

F v , the discrete logarithm problem that is: Given

elements r and q in p

F v , find a number k such that (mod )r qk p! .

Similarly the Elliptic Curve Discrete Logarithm Problem is: Given points P and Q in an

ECG over a finite field find an integer k such that P k Q! . Here k is called the

discrete log of Q to the base P.

This doesnt seem like a difficult problem, but if you dont know what k is calculating

P k Q! takes roughly2

2k operations. So if k is say, 160 bits long, then it would take about

802

operations!! To put this into perspe ctive, if you could do a billion operations persecond, this would take about 38 million years. This is a huge savings over the standard

public key encryption system where 1024 and 3074 bit keys are recommended. The smaller

size of the keys for Elliptic Curve Encryption makes it idea for applications such as encrypting

cell-phone calls, credit card transactions, and other applications where memory and speed

are an issue. There are pros and cons to both ECC and RSA encryption. ECC is faster then

RSA for signing and decryption, but slower than RSA for signature verification and

encryption. Much of the material used in this paper can be found in the websites listed in

the references.





Zero-Knowledge Proofs

Goldwasser, Micali, and Rackoff first put forward the basic notion of Zero -Knowledge Proof

in 1985. Zero-Knowledge (ZK) protocol is an instance of interactive proof protocol. An

interactive proof protocol is one that authenticates a prover to a verifier using challenge-

response mechanism. In this kind, the verifier can accept or reject the prover at the end of

their communication.

The ZK protocol overcomes major concerns with widely used password based

authentication. In a simple password based authentication, the verifier authenticates the

prover based on a password. The verifier has some, if not complete, knowledge of the

provers password. The verifier can thus impersonate the prover to a third party with whom

the prover may share the same password. The main objective of zero-knowledge protocol isto enable the prover convince the verifier that she knows the secret without revealing any

information about the secret itself. ZK protocols are mostly probabilistic, where the proofs

hold good with a very high probability of success, and are not necessarily absolute. So, the

verifier may either accept or reject the proof after exchanging multiple messages. The

messages consist of challenges and responses. The probability of error can be reduced to a

desirable level by increasing the number of challenges and responses.

There are different variations of zero-knowledge protocols that exist. Some of them are

Perfect ZK, Resettable ZK, Concurrent ZK, Statistical ZK etc.

Properties of Zero-Knowledge Proofs

ZK protocols derive their properties from interactive proof protocols.

Completeness: The protocol is considered complete, if it succeeds with a very high

probability for an honest verifier and an honest prover. The acceptable level of probabilitydepends on the application.

Soundness: T he protocol is considered sound, if it fails for any other false assertion, given a

dishonest prover and an honest verifier.





Advantages of Zero-knowledge proofs

Z ero knowledge transfer As the verifier does not learn anything about provers secret s (no

knowledge transferred between two parties), he cannot impersonate the prover to a third

person. Also the prover cannot cheat the verifier with several iterations of the protocol.

E fficiency The computational efficiency of ZK protocol is because of its interactive proofs

nature. The costly computation related to encryption is avoided.

Degradation The security of protocol itself does not get degraded with continuous use as

no information about the secret is divulged.

Unsolved mathematical assumptions ZK protocols are based on various mathematical

Problems like discrete logarithms and integer factorization.

Fiat-Shamir Identification protocol

Fiat-Shamir identification protocol is an example of ZK protocol. In this protocol Alice proves to Bob

her knowledge of a secret, s, using many rounds of three message challenge-responses.

Step1 - A random modulus, n, product of two large prime numbers p and q, is generated by a

Trusted Party. The trusted party keeps the primes p and q secret and publishes n.

Step2 -Alice, the prover selects a secret s, relatively prime to n. Alice, then makes v (=s2) public.

Step3 -To prove her knowledge of the secret s, Alice chooses a random number r, (1e

re

n-1) using arandom generator. She sends x = r

2mod n, to Bob, the verifier. This is her commitment to

authentication.

Step4 -Bob randomly sends either a 0 or a 1 as e, his challenge.





Step5 -Alice computes the response y = r se

mod n, where e {0,1} is the challenge she receives from

Bob. Thus, depending on Bobs challenge, 0 or 1, Alice responds with r or, r.se mod n.

Step6 -Bob accepts the response upon checking y2| x * v

emod n, and rejects if y = 0.

Steps 3-6 are repeated every time Alice wants to prove her knowledge of the secret, symbolically

represented in Fig- 1.

A B: x = r2 mod n

A B: e {0,1}

A

B: y = r * s

e

mod n

Fig ± 1 Fiat-Shamir Zero-knowledge protocol

After several iterations, with a very high probability Bob can verify Alices

identification. Also Alices response in either case does not reveal the secret s

(with y = r or y = r* s mod n).

Since the prover is required to commit a value (the random num ber r) before the

verifier sends a challenge, the probability that a dishonest impersonator can

authenticate as Alice is only ½. Repeating the above steps several times decreases

the probability that an impersonator without knowledge of the secret can get the

correct response.

It is important that Alice does not repeat the random number r. Bob can collect a

set of Alices responses and learn about the secret s, with repeated r. Later Bob

can impersonate Alice to a third person.

Classic Example of Zero-Knowledge Proofs





Ali Baba¶s cave

Lets consider an example of Ali Babas Cave. Alice wants to prove to Bob her knowledge of

the secret to open the door R -S in the cave without revealing the secret.

Fig 2. Representation of Ali Babas Cave

They work as follows:

Alice enters the tunnel and takes the path either R or S. Bob is not aware of this, standing

outside the tunnel (P). Bob comes to Q and calls out Alice through either R or S. The

probability that Alice comes out through the right tunn el is only ½ , if she does not know the

secret. So bob can repeat this several times until he is convinced that Alice knows the secret

to open the door. In this process, Bob doesnt learn the secret.

Real-Time Applic at i ons of Zero-K now l edge Proofs

ZK protocols are used for many real-time applications like authentication, e-voting,

watermark verification, etc. Some products like Skys VideoCrypt, Microsofts NGSCB also

use ZK protocols. Here, a few of them are mentioned.





Digital Signature

The Digital Signature Algorithm (DSA) is a United States FederalGovernment standard or FIPS for digital signatures. It was proposed bythe National Institute of Standards and Technology (NIST) in August 1991 for use in their Digital Signature Standard (DSS).

A d i gi tal si gnature is an encrypted hash value. From our previous example, if

Kevin wanted to ensure that the message he sent to Maureen was not

modified and he wants her to be sure that it came only from him, he can

digitally sign the message. This means that a one-way hashing function would

be run on the message and then Kevin would encrypt that hash value with his

private key. When Maureen receives the message, she will perform thehashing function on the message and come up with her own hash value. Then

she will decrypt the sent hash value with Kevins public key. She then compares

the two values and if they are the same, she can be sure that the message was

not altered during transmission. She is also sure that the message came from

Kevin because the value was encrypted with his private key. The hashing

function ensures the integrity of the message and the signing of the hash

value provides authentication and nonrepudiation. The act of signing just

means that the value was encrypted with a private key. The steps of a digital

signature are outlined in Figure .

We need to be clear on all the available choices within cryptography, because

different steps and algorithms provide different types of security services:

A message can be encrypted, which provides confidentiality.

A message can be hashed, which provides integrity

A message can be digitally signed, which provides authentication and

integrity.

A message can be encrypted and digitally signed, which provides

confidentiality, authentication, and integrity.

Some algorithms can only perform encryption, whereas others can performdigital signatures and encryption. When hashing is involved, a hashing

algorithm is used, not an encryption algorithm.





K ti :

p : Prime number where 2 L-1 < p < 2L

For 512 <= L <= 1024 and L is multiple of 64; q : Prime devisor of (P-1) , where 2 159

< q < 2 160

;

g : h (p-1)/q mod p, where h is any integer with 1 < h < (p-1)

such that h(p-1)/q

mod p > 1

¶ P i t K :X : Random or Pseudorandom integer with 0 < x < q

¶ P li K :Y = g

xmod p

¶ P M S tK = random or pseudorandom integer with 0 < k < q

Si i :R = (g

kmod) mod q

S = [k-1

(H(M) + xr)] mod q

Signature = (r , s)






CryptographicAuthentication Page 22

Conclusion User authentication can be handled using one or more different

authentication methods. Some authentication methods such as plain

password authentication are easily implemented but are in general weak

and primitive. The fact that plain password authentication it is still by far the most

widely used form of authentication, gives credence to the seriousness of

the lack of security on both the Internet and within private networks.

Other methods of authentication, that may be more complex and

require more time to implement and maintain, provide strong and

reliable authentication (provided one keeps its secrets secret, i.e. private

keys and phrases).

References

y Cryptography and Network Security ,Principles and Practices ± WilliamStallings

y http://en.wikipedia.org

y www.google.com , etc

Date post:	09-Apr-2018
Category:	Documents
Upload:	nirmal-poddar
View:	226 times
Download:	0 times

Cryptographic Authentication Seminar

Documents