User authentication Flashcards
Identification
Correctly identifying a user or entity
How a user claims identity to the system
(User authentication) Establishing the validity of the claim
Digital User Auth (NIST SP-800) establish confidence in user identities that are presented electronically to an information system.
-> base for access control and user accountability
-> ensuring authenticity lets admins to set permissions and audit a users activity
NIST 800-63 Guideline
Enrollment and Identity Proofing
IAL1: No requirement to a specific real-life identity. Any attributes +authentication process are self-asserted.
IAL2: Supports real-world existence, claimed identify and verifies applicant is associated with real-world identity. Adds remote or physical identity proofing
IAL3: Physical presence for identity proofing.
Authentication Architectural Model
- An applicant applies to a registration authority (RA) to become a subscriber of a credential service provider (CSP).
RA is a trusted entity vouches identity to the CSP. - CSP engages in an exchange with the subscriber
CSP issues electronic credential to the subscriber
credential is a data structure that authoritateively binds an identity and added attributes to a token possessed by the subscriber and can be verified when presented in an authentication transaction.
It could be an encryption key or password
Token can be issued by CSP, generated by subscriber or provided by third party - User is registered.
=Authentication process= - The claimant want to be authenticated by a verifier through an authentication protocol showing the veryfying token
- Verifier confirms with CSP that claimant is the subscriber present in credentials
- Verifier passes on an assertion about the identity of the subscriber to the RP.
Includes identity information about a subscriber, name, and id or other attributes. - RP uses authenticated information to make access control or authorization decisions
It must prevent impersonation and uncontrolled transferability
Means of Authentication
Something the individual knows: password, PIN, answers to questions
Something the individual possessess: keycards, smart cards physical keys (token)
Something the individual is (static biometric): fingerprint, retina, face
Something the individual is (dynamic biometric): voice pattern, handwriting characteristics, typing rythm.
Multifactor authentication
Using a combination of more than one means of authentication
The strength increases based on the n number of means combined
NIST 800-63 - Assurance Level
Degree of confidence in vetting process + degree of confidence claimant is subscriber
L1: Little or no confidence -> credentials provided
L2: Some confidence -> credentials through a secured channel
L3: High confidence -> restricted services high value, 2 ind authentication techniques
L4: Very high confidence -> restricted services highest value, MFA and in-person registration
Impact: low, moderate and high
Risk: low, moderate and high
Potential Impact Categories for Authentication
- Incovenience, distress, or damage to standing or reputation
- Financial loss or org. liability
- Harm to org programs or interests
- Unauth release of sensitive information
- Personal safety
- Civil or criminal violations
If low -> L1, 2 or 3 for harm, unauth release of information and personal safety
If Mod -> L2 or L3, L4 if it’s personal safety
if High -> L4 assurance level
Password-Based authentication
claimant provides ID + password
- has access to system
- has certain privileges
- Discretionary Access Control
Password Auth - Attack - Offline Dictionary
If password is saved as a one-way hash in DB
Attack:
attacker bypasses controls and checks hashes against DB
Countermeasure:
- Controls to prevent unauth access
- Intrusion detection to identify a compromise
- Rapid reissuance of passwords
Password Auth - Attack - Specific Account / Guessing against single user
Attack:
attacker targets an account and tries to guess its password. (of a single user by using information retrieved)
Countermeasures:
- Lockout mechanism after a number of failed login. Up to 5 intents
Countermeasures (Single user):
- User training in password creation, and length of time until password change
Password Auth - Attack - Popular Password
Attack:
attacker uses popular password to guess against a list of IDs
Countermeasures:
- Inhibit common passwords
- Scan IPs of authentication requests and client cookies for submission patterns
Password Auth - Attack - Workstation Hijacking
Attack:
Logged-in workstation unattended
Countermeasure:
- Automatically lock workstation after period of inactivity
- Intrusion detection schemes changes in user behavior
Password Auth - Attack - Exploiting user mistakes
Attack:
Users might:
- write down the password
- share it without security controls
- use a default system password
- give it in a social engineering attack
Countermeasures:
- User training
- Intrusion detection
- Simpler passwords with other auth mechanism
Password Auth - Attack - Exploiting multiple password use
Attack:
Password shared through different devices in a network increases attack surface
Countermeasures:
Policy that forbids reusing same password for different devices
Password Auth - Attack - Electronic Monitoring
Attack:
Password sent through network is vulnerable to eavesdropping
Countermeasure:
Advanced encryption
Using hash passwords
user selects or is assigned a password, the password is combine with a fixed-length salt value and stored. The salt value is generated using Pseudorandom or Random Number Generation.
Def: hash function h(x) =z, z is called digest
It is one way if it is unfeasible to compute z’s preimage. I.e. h’(z) = x
Prevents:
Two duplicate passwords to have same hash
Increases offline dictionary attacks complexity by 2^b where b = len(salt)
It becomes almost impossible to find multiple password use
UNIX password scheme is vulnerable to brute-force attacks
UNIX
crypt(3):DES
12-bit salt. crypt3([0..]) output is input for next round (25 rounds) # 64 bit zeros
Final 64 -> 11 char seq
- Discourages guessing attacks
- Widely used but vulnerable to supercomputers
MD5
salt up to 48 bits -> 128-bit hash value. Slower than crypt(3) 1000 iterations
Bcrypt:Blowfith symmetric block cipher
passwords up to 55 chars, random salt of 128 bits -> 192 bit hash. Higher cost increases calculation and can be assigned to privileged users
Password cracking
dictionary attack
use precomputation (trade space for time) -> rainbow table
Markov modeling techniques to reduce size of the password space
Probabilistic context-free grammar for password cracking
Harden the password file access control
use a shadow password file (separate file from user IDs) with privilege assigned to only certain users
Password Selection Strategies
User education -> hard with large user base or high turnover
Computer generated -> hard to accept/remember, generate sequence of pronounceable syllables and concatenate them
Reactive password checking -> run a system check on all guessable passwords, cancel any that don’t conform and notify user. Impractical due to resources and cost
Complex password policy/proactive pwd checker. System checks if password is allowed. Balance between user acceptability and strength
NIST SP 800-63-2 - Proactive password checking
Passwords must:
have at least 16 characters (basic16)
have at least 8 characters w/ uppercase + lowercase letter, symbol and a digit. Not a dictionary word (comprehensive8)
basic16 superior vs large number of guesses and easier for users. Better policy
Use dictionary of disallowed passwords
Bloom Filter @review
Rejecting words based on a list.
A bloom filter of order k consists of a set of k ind hash functions where each function maps a pwd into a hash value in the range 0 to N-1
S = {H_1(x),…,H_k(x)}
H_i(x_j) = y, 1<=i<=k; 1<=j<=D; 0 <= y <= N-1 and D = |X|. x_j in X (word in pwd dict)
Hash table of N bits is initialized to 0
For each password, its k hash values are calculated, and bits set to 1
If at least one bit is 1 for a new password it is rejected
Increasing the number of hash functions reduces the probability of having false positives when checking with the bloom filter
Token-Based Authentication - Memory cards
Memory Cards (bank cards back magnetic stripe)
For authentication, provides memory cards plus password (PIN)
Must gain physical possession plus knowing the PIN
Drawbacks (NIST SP 800-12):
- Requires special reader. maintain sec of reader’s HW and SW
- Token loss. System access is lost momentarily, cost in replacement and if found only PIN needs to be guessed
- User dissatisfaction. Use may be deemed inconvenient in some places
Token-Based Auth - Smart Cards
Smart cards (has embedded microprocessor)
- Physical -> look like calculators, keys, portable objects, bank cards
- UI -> keypad and display
- EI ->
Contact interface through a physical contact plate for transmission of commands, data and status
Contactless close proximity to reader. both reader/writer have antenna and communicate through radio frequencies. Range 1/2 to 3 inch building entry and payment
Auth Protocols
Static auth -> user auth to token and token to computer
Dynamic pwd gen -> generates a pwd periodically, used to auth into computer. Must have sync with computer to know token has latest password
Challenge-response -> computer gen challenge, token gen response based on challenge.
Public-key crypto, token encrypt challenge with token’s private key
Contain:
Microprocessor + (co-processing cryptographic circuit)
I/O ports exposed electrical contacts or embedded antenna for wireless comm
Read-only memory -> static data, card number and user’s name
Electrically erasable programmable ROM (EEPORM) -> application data and programs, protocols to execute, dynamic data (remaining talk time in telephone card)
RAM -> temporary data generated when apps execute
Token-based Auth - eID
Electronic Identity Cards
Provided by governments used to provide stronger proof of identify
Contains:
Personal data -> name DOB address
Doc Number
Card access number: 6 digit deicmal random number as password
Machine readable Zone (MRZ) may also be used as a password
Functions:
ePass -> (gov use) stores a digital representation of the cardholder’s identity (offline - passport control checkpoint)
eID -> (gov/comm use) stores an identity record that auth service can access with cardholders permission. Citizen chooses (validate possessor is actual legitimate cardholder)
eSign -> gen digital signature with a private key and a certificate provided by a private sector Trust Center
Biometric Authentication
Facial -> relative location and shape of key facial features or face thermogram with underlying cascular system
Fingerprints -> pattern of ridges and furrows on the surface. Automated recognition extracts features as a numerical surrogate
Hand geometry -> features of the hand, shape, length and width of fingers
Retinal pattern -> veins beneath the retinal surface is unique (projects low-intensity beam of visual or infrared)
Iris -> detailed structure
Signature -> handwriting, hard because multiple samples are not identical
Voice -> voice patterns, hard because pattern changes over time
Each user needs to be enrolled,
All numeric values taken from the features (feature extractor) are called the user’s template.
Verification -> feature + PIN -> template == feature (feature matcher)
Identification -> feature -> is present in DB? (feature matcher)
Remote-based Authentication
Challenge-reponse, See written notes between
All initiate with user asking for challenge and host returning a nonce.
Password Protocol
Token Protocol
Biometric (Static or Dynamic) Protocol
Security issues for user auth - Attacks
Client
password -> guessing, exhaustive search <- large entropy; limited attempts
token -> exhaustive search <- large entropy; lim attempts; theft requires presence
biometric -> false match <- large entropy; lim attempts
Host
password -> plaintext theft, dict or exha search <- hashing; large ent; protection of pwd db
token -> passcode theft <- 1 time passcode
biometric -> template theft <- capture device auth; challenge response
Eavesdropping, theft copying
password -> shoulder surfing <- user diligence; admin diligence to revoke compromised; MFA auth
token -> theft, counterfeiting HW <- MFA auth; tamper resistant/evident token
Biometric -> copying (spoofing) biometric <- copy detection at capture device and capture device auth
Replay
pwd -> replay stolen pwd <- challenge-response
token -> replay solten passcode <- challenge-response; 1 time passcode
biometric -> replay stolen biometric template <- copy detection at capture device and capture device auth via challenge-response protocol
Trojan horse
all -> installation of rogue client or capture device <- auth of client or capture device within trusted sec perimeter
DDoS
all -> lockout by multiple failed auths <- MFA w/ token
