Date post: | 27-Dec-2015 |
Category: |
Documents |
Upload: | clement-lambert |
View: | 214 times |
Download: | 1 times |
IS 302: Information Security and TrustWeek 7: User Authentication (part I)
2012
© Yingjiu Li 2007 2
Who are you really?• Impersonation in cyber-world• How does Bob prove he is Bob?
Bob Alice
MalloryAlice, I’m Bob Alice, I’m Bob Who are you?
© Yingjiu Li 2007 3
Asymmetric solution with certificate• Bob: Hi, Alice, I am Bob. Here is my signature and certificate.• Alice: Ok, let me verify your signature and certificate…
Bob Alice
MalloryAlice, I’m Bob. Here are my sig and cert
© Yingjiu Li 2007 4
Symmetric solution with shared secret
• Bob: Hi, Alice, I am Bob. I know our shared secret S– Weak authentication: reveal S itself
– Strong authentication: Bob does not reveal S itself
Bob Alice
MalloryAlice, I’m Bob. I know our secret S
© Yingjiu Li 2007 5
What is shared secret?
• What Bob knows– Password, PIN, mother’s maiden name…
• What Bob possesses– Physical key, token, smart card, passport…
• Who Bob is– Fingerprint, retina, voice, face, signature dynamics,
DNA…
© Yingjiu Li 2007 6
Password based authentications• The most popular user authentication technique
– Weak authentication based on password this week
– Strong authentication based on password week 9
Bob Alice
Alice, I’m Bob, and I know my pw
© Yingjiu Li 2007 7
Weak authentication based on password
• It is subject to eavesdropping attack when a Bob sends pwd across network to a remote server
• It can be used when Bob logins into a local computer
Bob Alice
Bob id, Bob password
© Yingjiu Li 2007 8
Store pwd directly
• Non-cryptographic technique– Alice: stores “Bob id – Bob password” in a password
file
– Alice: authenticates Bob by comparing received password to the password stored in password file
Bob Alice
Bob id – Bob password .....
Bob id, Bob password
Password file
© Yingjiu Li 2007 9
Store hashed or encrypted pwd
• “hashed or encrypted” password file– Alice: stores hash or cipher of Bob’s password
– Alice: authenticates Bob by hashing (or encrypting) received password and comparing it to the corresponding entry in password file.
Bob Alice
Bob id – h(Bob password) .......
Bob id, Bob password
© Yingjiu Li 2007 10
Example I: Unix pwd• Unix pwd
– DES is repeatedly used 25 times to encrypt 64 bit zeros
– Encryption key: user password
– How many possible pwds?
Bob Alice
Bob id, DES25
(Bob pwd , zeros) ...
Bob id, Bob password
© Yingjiu Li 2007 11
Example II: Windows LM Hash• LAN Manager (LM)
– Advanced network OS (MS and 3Com)
• LM hash– Windows 9X Windows Me: store pwd in
LM hash – Windows 2000, NT, and XP: also store LM
hash by default for backwards compatibility (can be disabled)
– Windows Vista onwards: eliminates LM hash store NT(LM) hash only
© Yingjiu Li 2007 12
LM Hash
• Security of LM hash– Passwords >7 chars two 7-char halves are hashed
independently– Upper case only (26+10 for alphabets and numbers)
• 36^7=2^36 for each half, 2^37 possible pwds– Modern desktop can brute-force any LM hash (14-char
pw) in a few hours.
• User pwd uppercase• Null-padded or truncated to 14 bytes 7+7 bytes• 1st 7 bytes DES key1; 2nd 7 bytes DES key 2• Each DES key enc. string “KGS!@#$%” 8+8 bytes
32 hexes=128 bits
© Yingjiu Li 2007 13
NT(LM) Hash
• MD4 hash value of password– 16 bytes=128 bits (the same length as LM hash)
• Security of NTLM hash – not half-half, not upper case only (52+10 for
alphabets and numbers)– 62^14 =2^84 possible pwds – (compare to 2^37 pwds in LM and 2^56 pwds
in UNIX)
© Yingjiu Li 2007 14
SAM File
• Where does windows store LM hash and/or NTLM hash?– C:\Windows\System32\config\SAM– Can you read/copy it? – How to get access to it? – Password cracking test/lab in week 11
© Yingjiu Li 2007 15
Password Attacks
• Brute force attack
• Dictionary attack
© Yingjiu Li 2007 16
Brute Force Attack
• Mallory– Get access to a hashed/encrypted password file– Hash/encrypt every possible password and
compare it to password file
• How to thwart brute force attack?
© Yingjiu Li 2007 17
Dictionary Attack
• Mallory– Create a dictionary of commonly used
passwords– Pre-compute a password file for pwd dictionary– Look for a match between pre-computed
password file and real password file
• How to thwart dictionary attack?
© Yingjiu Li 2007 18
Choose strong pwd– DO NOT use anyone’s name as your password.
– DO NOT use words in common dictionary as your password.
– DO NOT use birth date as your password.
– DO use a combination of alphabets, digits and special characters.
© Yingjiu Li 2007 19
Choose long pwd• Using pass-phrase
– Easy to remember
– Longer, thus harder to crack
• Examples– Redskin is My Favorite @ SMU (to login at SMU)
– Redskin is My Favorite @ gmail (to login at gmail)
© Yingjiu Li 2007 20
Change pwd frequently?
• Arguable
© Yingjiu Li 2007 21
Review 1. How long is unix password when stored
1. 12 bits
2. 56 bits
3. 64 bits
2. How long is LM hash or NT hash1. 14 letters
2. 64 bits
3. 128 bits
3. To thwart brute-force attack, we need to choose1. Strong passwords
2. Long enough passwords
3. Strong authentication of passwords
© Yingjiu Li 2007 22
Notice
• Project draft (hard copy) due during week 9 class– It will not be graded