CMSC 414 Computer and Network Security Lecture 14 - PowerPoint PPT Presentation

About This Presentation
Title:

CMSC 414 Computer and Network Security Lecture 14

Description:

Biometrics. How much entropy is there? How private are these? How reliable are they? ... Biometrics. Difficult to use securely. Errors. Non-uniform. Still need ... – PowerPoint PPT presentation

Number of Views:36
Avg rating:3.0/5.0
Slides: 11
Provided by: jka9
Learn more at: http://www.cs.umd.edu
Category:

less

Transcript and Presenter's Notes

Title: CMSC 414 Computer and Network Security Lecture 14


1
CMSC 414Computer and Network SecurityLecture 14
  • Jonathan Katz

2
Password-based protocols
  • Any password-based protocol is potentially
    vulnerable to an on-line dictionary attack
  • On-line attacks can be detected and limited
  • How?
  • Off-line attacks can never be prevented, but
    protocols can be made secure against such attacks
  • Any password-based protocol is vulnerable to
    off-line attack if the server is compromised
  • Once the server is compromised, why do we care?

3
Password-based protocols
  • Best Use a password-based protocol which is
    secure against off-line attacks when server is
    not compromised
  • Unfortunately, this has not been the case in
    practice (e.g., telnet, cell phones, etc.)
  • This is a difficult problem!

4
Password storage
  • In the clear
  • Hash of password (done correctly)
  • Doesnt always achieve anything!
  • Makes adversarys job harder
  • Potentially protects users who choose good
    passwords
  • Salt-ed hash of password
  • Makes bulk dictionary attacks harder, but no
    harder to attack a particular password
  • Encrypted passwords? (What attack is this
    defending against?)
  • Centralized server stores password
  • Threshold password storage

5
Centralized password storage
  • Authentication storage node
  • Central server stores password servers request
    the password to authenticate user
  • Auth. facilitator node
  • Central server stores password servers send
    information from user to be authenticated by the
    central server
  • Note that communication with the central server
    must be authenticated!

6
Authentication tokens
  • RSA SecureID
  • PIN-protected memory card
  • Cryptographic smartcards
  • Aladdin eTokens
  • Still need a secure protocol!

7
Biometrics
  • How much entropy is there?
  • How private are these?
  • How reliable are they?
  • Revocation?

8
Biometrics
  • Difficult to use securely
  • Errors
  • Non-uniform
  • Still need a secure protocol

9
Biometric authentication
  • How can you securely authenticate yourself to a
    remote server using your fingerprint?
  • Trivial solution

Server
User
close?
Completely vulnerable to eavesdropping!
10
Better(?) solution
Server
User
nonce
h
A single-bit difference in the scanned
fingerprint results in a failed authentication!
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "CMSC 414 Computer and Network Security Lecture 14" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!