Basics of Authentication Flashcards

1
Q

How can we authenticate?

A
Something you know
- passwords, security questions
Something you have
- security tokens, second device (e.g., smartphone)
Something you are
- biometrics
(Somewhere you are)
- physical location or machine in use
2
Q

Password Authentication Challenges

A
  • Secure storage: how is the password stored on the system?
  • Secure communication: how is the password communicated to the system, e.g., to avoid replay attacks?
  • Usability: how should a user remember a “strong” password?
  • Denial of Service vs. Security: how often would you let an attempt fail before blocking an account?
  • Availability: how to recover from blocked accounts/forgotten passwords?
3
Q

Explain Salting

A

§ Salting makes precomputation infeasible
- assuming an n-bit salt, the precomputed table grows to 2^n times its original size

§ Salting hides duplicate passwords
- assuming a different salt is used for each of them

§ Salting slows down cracking of x different passwords by a factor of x
- every candidate must be hashed with each different salt

§ Salting does not slow down cracking of a single password
- the salt is always stored with the password, so the attacker can combine them

4
Q

Explain Peppering

A

§ Pepper is a secret value that is also used when hashing the password

  • pepper is not stored in the database, only in the application that verifies the entered password
  • pepper complements salt: makes it much harder to find the password even if hash and salt are known

§ Calculate H(Password_Alice | salt_Alice | pepper_app), store hash and salt
- on a login attempt, use the entered password, salt, and pepper to calculate the hash, compare against the stored hash from the database
§ Peppering helps if the DB is compromised, but not if the application itself is
- e.g., through SQL injection like with Adobe

5
Q

Hash stretching

A

Basic idea: slow down computation of a single hash
Examples:
- bcrypt: variable number of Blowfish rounds
- scrypt: similar to bcrypt, uses 16MB for computation

6
Q

Biometrics for Authentication

A

fingerprint, voice, face, keyboard timing, etc.
Clear advantage: cannot be forgotten

Numerous disadvantages though:

  • Cost, installation, and maintenance
  • Reliability of comparison algorithms (need to set certain thresholds)
7
Q

Token-based Authentication

A

§ General idea: server and token share a secret key
- both can use the secret key to derive the same one-time password

§ Pros

  • User does not need to remember any password
  • Eavesdropping is not an issue

§ Cons

  • Device loss
  • Requires devices to be carried around
  • Relatively expensive (requires specific server software)
8
Q

Two-Factor Authentication

A

For certain situations, you might want to combine two authentication methods
- automated passport control at border: requires owning passport and authenticates owner with facial recognition (alternative: border police officer checks your photo manually)
- bank withdrawal requires not only having the bank card, but also knowledge of the PIN
9
Q

Consider the usage of an online banking app on a smartphone. For the TAN mechanisms mTAN, chipTAN and pushTAN, briefly state whether they can be considered a secure two-factor authentication method. If they are not, describe an attack.

A
  1. mTAN: Not a valid two-factor authentication mechanism.
  2. chipTAN: Yes
  3. pushTAN: Not a valid two-factor authentication mechanism.
10
Q

When does salting passwords increase the effort an attacker has to apply? Depict a scenario in which this is not the case and evaluate whether pepper would in fact help in this situation.

A

When the attacker needs to find passwords for multiple differently salted hashes. It is not the case when he only tries to get his hands on one specific password. If the attacker can get his hands on the pepper, it is the same as for the specific salt; however, if it is unknown, he needs to (potentially) try out all possible values, thus increasing the effort of the attacker by a significant factor.

11
Q

On- and offline attacks

A

§ Online attacks
- refer to the fact that the authentication system must be queried over and over again (e.g., a Web site login)
- severely limits the number of passwords that can be tested
§ Offline attacks
- attacker somehow gets access to the stored (hashed) passwords and can crack them on their own machine
- cracking is limited only by the resources of the attacker and the cost of a single password-checking attempt

12
Q

Exhaustive Search

A

§ Brute-force approach (also dubbed exhaustive search) tries every possible combination of characters
- guaranteed to find any password that uses the predefined character set and specific length

§ Drawback: passwords are not really completely randomly chosen
- a lot of passwords will never be used, but still need to be tested by exhaustive search

13
Q

Dictionary attacks

A

§ People are not really good at choosing random passwords
- instead, they make use of animals, names, colours, numbers, etc.

§ Attacker can leverage this fact by running a Dictionary Attack
- use a list of common words (e.g., a dictionary) or previously leaked password lists (e.g., the rockyou list)
- idea: try every password in the list, test online or calculate the hash

14
Q

Optimised Offline Cracking: Pre-computation

A

§ Depending on the length of the password, cracking each possible combination will take significant amounts of time
- however, hard disk space is pretty cheap

§ Specialised data structure: Rainbow Tables
- make clever use of hash and reduction functions to save storage space
