Authentication and access control Flashcards

Question

How often does collisions occur?

Answer 1

For a hash of length n bits, a collision can be found in 2^(n/2) trials

Answer 2

As creating a digital signature for a large message is an expensive process, we first create a hash of the data, and then a digital signature of that hash. The clear text message is then sent along with the signed hash value of the text. h = H(m), hash of message S = Enc(K_priv, h), hash signature The reciprient can then calculate the hash of the message and see if it matches: h = H(M)

Answer 3

A system for key distribution. A PKI is a trusted server that will create signatures and sign things for their users. Digital certificates are one of the fundamental building blocks of PKI.

Answer 4

A mathematical scheme for verifying the authenticity of digital messages and documents. A digital signature upholds properties of both authentication and integrity, by providing a strong reason for the recipient to know that the message indeed came from the given sender, and that the message was not altered in transit.

Answer 5

Data -> hash function -> hash S = Enc(K_priv, hash), create signature by encrypting the hash Send signature + data = Digitally signed data

Answer 6

First run the data through the has function. H(M) = h Then decrypt the signature with the signers public key. Dec(S, K_pub) = h Check if the two hashes are equal, only then can the data be verified

Answer 7

An electronic document proving ownership of a public key. Contains: - Information about the key - Information about the identity of the owner (subject) - The digital signature of an entity that has verified the certificate's contents (issuer)

Answer 8

PKI servers does not only need to verify who a message came from. They also need to provide information about the public keys themselves. For example, if and key have an expiration date, and when this might be. A CA (Certification Authority) signs digital certificates and attest for the key and give information about this key. This information includes things like - why you know that this is a certain subject's key. - Who issued them - Version number

Answer 9

Have one CA that gives out certificates to all serves, devices and computers you want to issue them for. CA -> User certificate, Server certificate, Device certificate In practice, it is too burdensome for only one CA to handle all the certificates, making it more practical to implement multi-level hierarchies. The root CA has the authority to issue certificates for certain entities. This entities can their own CA's that can issue certificates to other sub-entities Root CA -> CA_1, CA_2, User CA_1 -> User_1, User_2, User_3 CA_2 -> User_4, User_5, User_6 PKI's can use cross-certification, where two CA sign for each other. Trusting one of them will automatically lead to trusting the other CA_1 - CA_2 CA_1 -> user1, user2, user 3 CA_2 -> user4, user5, user6 PKI's can use bridge CA, where one CA acts as a bridge that certifies all the other CA's, and all the others certify the bridge

Answer 10

The software will use Trust Path Building. The software that is going to validate the certificate (browsers, etc..) are often pre-installed with a set of trusted certificates. The software will then see if it can find a path of certificates from one of the certificates it trusts, down to the certificate the software is trying to get to. (Follow a chain of trust).

Answer 11

The software will use Trust Path Building. The software that is going to validate the certificate (browsers, etc..) are often pre-installed with a set of trusted certificates. The software will then see if it can find a path of certificates from one of the certificates it trusts, down to the certificate the software is trying to get to. (Follow a chain of trust)

Answer 12

Cross certification is when two CA's sign for each other. Meaning, that if either of them is in a system's trusted CA's, you will be able to follow a trust path from them

Answer 13

When one CA operates as a hub, or a bridge CA, that sits in the middle of a lot of trust relationships. Meaning it validates a lot of CA's and all the other CA's certifies this bridge. This structure does put a lot of paths through one CA, potentially causing issues

Answer 14

Certificate authority (CA): Responsible for issuing certificates Registration authority (RA): Verifies the identity of the individual requesting a certificate Certificate repository and revocation information: Hold information about which certificates are still valid

Answer 15

Verifies the identity of the subject requesting a certificates. Tries to figure out why we would belive that the subject is who they say they are. A subject or user would communicate directly to the registration authority by providing authentication of who you are, so you can obtain a certificate. How this authentication happen varies based on what type of certificate you are getting. Registration authorities can be people but also machines and software

Answer 16

If private keys have been compromised. Certification information is no longer valid. KeyGen algorithm has been proven insecure. Encryption algorithm has been proven insecure.

Answer 17

A certificate that list who you revoke trust in. For each certificate in the list, its serial number, the time of revocation and reason for revocation is listed. The CA will then sign it and communicate that these should no longer be trusted. A system would need to download this list. The CRL contains information about the key, which trust should be revoked, revocation data and signature. Is released at a CDP (CRL Distribution Point)

Answer 18

Key compromise event - Certification revocation request - CA signs Certificate revocation - new CRL is issued communicating to users the certificate can't be used

Answer 19

The revocation process takes a lot of time, burdensome, doesn't work well in practise. CRL's can be generated very slowly because of how some CA's may operate.

Answer 20

A server tells you if a certificate has been revoked. Preferable compared to CRL's

Answer 21

Additional cost for having the system be online all the time. Certificates being stale

Answer 22

Do not generated keys. Organisations will generate keys, and then go to a CA to prove that they own that key-pair. CA's will then provide and sign the organisation a certificate that states that the organisation does in fact own that key pair.

Answer 23

Authentication is when you prove your identity to another actor

Answer 24

User claims an identity (often by providing a username) The server challenges the user by asking for a password The user supplies this password as proof of identity

Answer 25

1. Something you have 2. Something you are 3. Something you know

Answer 26

A person wouldn't leave their home without their phone. Because of this the phone can be used as a form of authentication, just because of the fact that you would always bring it. When you have the key to your house, you authenticate that you in fact are the owner of the house. Drawback: Phone/key could be stolen

Answer 27

Use biometrics to identify Face, fingerprints, DNA, voice recognition

Answer 28

Passwords It's very scalable and people understand how to use them well. Drawbacks: - Difficult to create strong passwords, password reuse - People can figure out you password (look over your shoulder, etc.)

Answer 29

Only the password hash is stored

Answer 30

A password has was stored on creation. During authentication, a user provides the password and its hash is then compared to the hashed stored. Only if the hashes are identical, authentication would be granted. Drawbacks: - Vulnerable to Dictionary attacks: Someone creates a dictionary of common passwords and their hashes. If there is a memory leak of passwords, you can then compare the hashes to the ones in the dictionary and by that figure out the passwords.

Answer 31

Uses pre-computed hash chains (hash-reduce-hash-reduce...) - You have the original hash function - You have a reduce function (does not invert the hash. Takes the hash and reduces it to some plain text - not the original though) Only the first and the last word of the hash chain is stored (start word and the final reduced word)

Answer 32

You have a hash, and want to find the password for this hash. Reduce the hash (this gives you some plaintext) Compare with endpoint in rainbow table Hash and reduce until the endpoint is found Entry found, load starting value Hash and reduce the starting value until the hash is the same as the hash you started with in the beginning (the provided hash value is found) The final reduced value is the password - the word that gave the hash

Answer 33

Salt hashes Salts are random values that are put with the plaintext password, before the password is hashed. What is stored is the random salt and the hash. An attacker can no longer pre-compute the hashes of common paswords

Answer 34

A plaintext password is provided with the stored salt. These are then hashed and compared to the stored hash.

Answer 35

Weak password, password reuse Attacks: Dictionary attack, rainbow table attack

Answer 36

Enforcing password policies (min 8 signs, upper and lowercase, ...)

Answer 37

Phising Malware Online bruteforce (go to a site and trying passwords until you find the right one) Offline brute force attacks

Answer 38

The password file must leak and be undetected - If leak is detected - the password can be reset and the offline attack is ineffective The leak can result in you getting: - Plaintext password (offline attack unneeded, you have the password) - Unsalted and hashed (Rainbow table lookup) - Salted and hashed (Offline bruteforce attack) - Reversibly encrypted (decryption key leak: offline attack unneeded - have plaintext, decryptioin key unleaked: offline attack not possible)

Answer 39

Password attack used on hashed and salted passwords. Can be mitigated by having strong, and long passowrds.

Answer 40

Indicators of how strong a password is. Giving feedback to the user during creation time

Answer 41

Users choose longer passwords Decrease guessability of passwords

Answer 42

Three different approaches: - recognition: presented with different images, and you must remember your own recall: user remember their visual cued recall: prompted with a picture and then have to interact with it Advantage: - Easier to remember images than words - Visual objects seems to offer a larger set of usable passwords

Answer 43

Interaction with photos are psychological and culturally biased - behaviour can be predicted Make FOA maps (focus-of-attention): Images can be prosessed and estimate where the image is likely to be clicked

Answer 44

Focus-of-attention map Gives probability of each estimated click point on an image Calculated probability based on low-level properties (contrast, color)

Answer 45

Something-we-are Biometric: Biological characteristic that can identify an individual Authentication based on identifying characteristic of the user (face, fingerprint, voice, ...) Two groups: behavioural biometrics and physical

Answer 46

Universal (everyone must have it) Distinctiveness (limited to you, nobody should have the same as you) Permanence (the characteristic should stay the same over time) Collectability

Answer 47

Performance: If the system takes a long time to log in, nobody would want to use it Acceptability: The biometric must be acceptable, nobody would want their DNA to be used to log into facebook Circumvention: The biometric system shouldn't be able to be circumvented. I.e if you don't have a camera and a fingerprint scanner - just use your password. The system is now circumvented. Biometric systems are in practise pattern recognition systems: the biometric will not be exact every time it is measured (noice in sensor, noice in biometric - dirty fingerprint). The system must allow biometrics that are close enough to the original to be accepted

Answer 48

Accuracy speed resource requirement Harmless to user accepted by intended population sufficient robust to various attacks

Answer 49

Sensor module Feature module: Take raw data and extract meaning from it Matcher module: Try to find a match in the database System database module: Stores biometric

Answer 50

The user provides an identity and a biometric to prove the identity. System checks if biometric belong to the identity provided login -> feature extraction -> matcher <- System database sends ONE template

Answer 51

No identity is being claimed, only the biometric is sent. The system will check if the biometric is stored in the database login ->feature extraction -> matcher <- database sends N template

Answer 52

Can get a false match: The biometric matches the wrong individual Can get a false non-match: The biometric doesn't match the true identity FTC: Failure to capture (sensor doesn't et a good enough reading) FTE: Failure to enroll (provided data doesn't give a good enough match that a security decision can be made)

Answer 53

The system aren't looking for an exact match, in a way passwords has to be exact. The system will use pattern recognition to find a match that is close enough

Answer 54

H_0: Input X_Q does not come from the same person as the template X (this is the null-hypothesis) H_1: Input X_Q comes from the same person as the template X (the alternative hypothesis) The system then make decisions based on the hypothesis: - D_0: person is not who they claim to be - D_1: The person is who they claim to be Look at input: S(x_Q, X_I) >= t, then D_1, else D_0 (If the similarities between the input and the template is above a threshold)

Answer 55

D_1 when H_0 The decision D_1 (person is who they claim to be) is made when in reality the null hypothesis H_0 is correct

Answer 56

D_0, when H_1 The decision D_0 (person is not who they claim to be) is made when in reality the alternative hypothesis H_1 is correct

Answer 57

The probability o a false-match error happening is biometric systems FMR = P(D_1 | H_0)

Answer 58

The probability of a false non-match error happening in biometric systems FNMR= P(D_0 | H_1)

Answer 59

How you talk, walk, type, etc...

Answer 60

Commercial (What users use often, credit card, cellular phone, atm) Government (id card, drivers licence, passport control, hightened threat model ) Forensic (terrorist identification, missing person)

Answer 61

Speed: Can be slow to compute FMR will increase when scaling up the amount of users Irrevocability - if a data leak happens, people can't change their biometrics

Answer 62

- Noise in sensed data - Distinctiveness: The first measure might not be distinctive. E.g if you only measured parts of you fingerprint - Spoof attacks: Your biometric gets measured and stored somewhere else and then put to use (fingerprint on glass)

Answer 63

Take multiple measurements of biometric and combine them This fusion can happen on sensor level, feature, opinion or decision level

Answer 64

Fixed rules: Everything gets equal weight Trained rules: Uses different classifiers, unequal weight Adaptive rules: Adaptive weight

Answer 65

During decision level fusion, each classifier has defined a class for the measurement, or given weight to the possible classes based on the measurement. When combining the output from the different classifiers there might be some ties

Answer 66

Improves the False-Acceptance-Ration System 1 -> AND -> System 2 The AND must be true Ex. fingerprint AND face must match

Answer 67

Improves the False-Rejection-Ration Either this OR this

Answer 68

A problem with biometric data leaking is that it is inrevokable. A person cannot get a new DNA or a fingerprint. To protect against this template protection can be used. Here, the biometric is measured by the sensor, registered and then processed before it is stored. If a leakage would occur, the processed template would leak and not the biometric itself. This template is revokable, because you can change the method for processing the template.

Answer 69

Straight feature protection Key-generating Key-binding

Answer 70

Protect the features by using a transformation on the biometric. The template stored is an irreversible transformation of the biometric

Answer 71

The biometric goes into a keyGen or hashing algorithm, and out comes a key

Answer 72

Biometric cryptosystem that binds key data with the biometric data. You generate a random key at enrollment, and mix that with the biometric in a way that is reversible. During verification, you supply the biometric to the template and remove it to see if you are left with the correct key.

Answer 73

Maps two similar inputs to the same hash value One way error tolerant (if reading is little off, you still get same hash) easy to generate Scalability (collision free)

Answer 74

A key-binding approach Start with a numerical secret that can be broken down to a polynomial During enrollment, minutiae from the fingerprints are plotted on the polynomial. Now the graf is just a mess of points based on the minutiae - chaf points that are hiding the polynomial During verification you take the same minutiae from the fingerprint and remove it from the graph, to get back the secret polynomial

Answer 75

Key-binding approach Have a codeword C that is encoded in binary Then you use a fixed length biometric feature vector X (fingerprint, ...) A commitment is then made by XOR-ing X with C A hash of C and the commitment is stored in the database

Answer 76

Example: touch recognition Data alignment: - x- and y-coordinates for touch during different time - How is the specific fingers moving, are they crossing or just going up and down? Distance function Dissimilarity score

Answer 77

When you combine two out of the three types of authentication (something you are, -have, -know)

Answer 78

A password is generated and sent to you (your phone etc.) Is event based - the moving factor is triggered by an event

Answer 79

You have a token that contains a number, and then you provide that number to be verified by an authentication service. Time based OTP - moving factor is time OTP is changing on the hardware token and the server at the same time interval

Answer 80

A protocol for authentication based on tickets. Relies on a key server, that provides third party authentication in a distributed network. The access control based on the server is used to access the computer resources in the network

Answer 81

A series of mechanisms that specify what a user can do, which resources they can access and what operations they can perform on the system. Restrain behaviour, use and content of a system.

Answer 82

Identification, authentication and authorization

Answer 83

Identifying a subject based on a piece of public information, such as a username. Each username or identification information should be unique and should follow a standard naming scheme. The value should be non-descriptive of the subject's role or position - people often change position and tasks over time.

Answer 84

Proving the identity of a user, by using something the subject has, is or know.

Answer 85

Determining that the proven identity of a subject has some characteristics that gives them the right to access the requested object. The access criteria can be thought of as roles or rules

Answer 86

A secure, always-used and testable module that controls all access to data objects or devices. It verifies the request against a table of allowable access typesfor each process on a system. It should not be possible to bypass the reference monitor (always-used) Subject request - > Reference monitor - > Deny / Grant requets Policy - >

Answer 87

A system allows the owner of the objects to control which subjects has access to which objects. Access control is at the discretion of the owner

Answer 88

Access based on a security labeling system. Users have security clearance and objects has labels that contains data classifications. Used when classification and confidentiality is very important.