Identity Verification

1
Identity Verification
2
Outline

• The subject is divided into the following two
  topics
• Identification by something known or possessed,
• Identification by personal characteristics.

3
Introductory remarks

• Need for identity verification
• computer access,
• entry to secure areas,
• use of banking terminals (e.g. ATMs).
• Note difference between identification
  information (unique name) and information to
  verify a claimed identity.

4
Classification

• Classification of identity verification methods
  into four types
• by something known,
• by something possessed,
• by physical characteristic,
• by result of involuntary action.
• We consider first two and last two together.

5
3.1 Verification by something known or possessed

• E.g. passwords (human/human or human/computer),
  PINs.
• Obvious security procedures
• accountability,
• do not write passwords down,
• make them hard to guess.
• Alternative one-time passwords.

6
Password storage

• How should lists of passwords be stored?
• If unencrypted then readable by systems staff.
• Usual solution - hide them using a one-way
  function (easy to compute, difficult to invert).
• Check password by applying function and comparing
  with list entry.

7
Unix password protection

• Unix uses a one-way function to protect its
  password list.
• Two extra features
• slow encryption (25 iterations of DES),
• password salting.
• Salting makes pre-encrypted dictionary attack
  difficult and prevents entire list being attacked
  simultaneously.

8
Unix problems

• Slow encryption not very slow any more!
• Cheap data storage makes pre-encrypted dictionary
  attacks possible.
• Public domain packages exist which can be run
  against password files (they are very
  effective!).
• Hence passwords must not be guessable.

9
Transmission of passwords

• If passwords sent across insecure channel then
  they are vulnerable to interception.
• Simple encipherment is no help.
• One solution is to use a challenge-response
  process.

10
Challenge-response
Login? User name
Challenge random value R
User
Host
Response f(R,P)
11
Properties

• User and system must know password P.
• One-way function f must have property that
  f(R,P), R and f do not reveal P.
• Insecure if not enough passwords.
• Users must have means to compute f reasonably
  quickly.

12
Tokens

• Idea well-established
• keys for doors, cabinets, cars, ...
• magnetic stripe cards - used for ATMs, access
  control to secure sites, ...
• Problems with copying.

13
Magnetic stripe cards

• Very widely used. ISO 7810 specifies card
  dimensions and magnetic stripe format.
• User ID on magnetic stripe.
• Usually used with PIN.
• Off-line systems - PIN check data on card. N.b.
  PIN check data must be salted.
• On-line systems - PINs verified centrally.

14
Layout of magnetic stripe card
15
Using magnetic stripe cards

• Problems arise because of easy forging/copying.
• Hologram (on card) added to prevent changing
  embossed data.
• Many schemes devised to make forging/copying
  difficult.

16
Smart cards (IC cards) I

• Contain micro-processor, RAM and ROM.
• More memory than magnetic stripe cards.
• Communicate with reader via plated areas on card
  (positions/protocols standardised in ISO/IEC
  7816, a multi-part standard).
• Copying much more difficult.
• 1st generation cards had primitive processors and
  limited memory (8 kbytes).

17
Smart cards II

• 2nd generation IC cards - more powerful
  processors and more memory.
• If IC card contains cryptographic function, can
  then be used in an identification process (e.g.
  challenge-response).
• Typically they also require PIN entry.
• Increasing range of applications.

18
Smart card applications

• In some countries (e.g. France) smart cards
  routinely used for credit card transactions.
• In UK, are being piloted for debit/credit.
• Used widely in GSM mobile telephones to store
  user identity and user secret keys.
• Electronic money smart cards.
• Soon, IC cards able to perform digital signatures
  are likely to be widely used.

19
Hand-held ID devices

• Alternatives to smart cards for ID verification
  include calculator-like devices with
• key-pad and display,
• key/password storage,
• cryptographic calculation facility.
• Can be used with standard work-stations (no card
  reader required).

20
Watchword

• Example of hand-held device.
• Device contains user key, user PIN and one-way
  function f.

21
Watchword protocol
(1) Challenge R
(2) R user PIN
Communications via hand-held keyboard/display
Communications via workstation keyboard/display
Host
Hand-held device
User
(3) f(K,R,PIN)
(4) f(K,R,PIN)
22
Safe 200

• Another device of Watchword type.
• Not challenge-response but generates a new
  5-digit password for every identification.
• One-time password called a Session PIN (SPIN) - a
  one-way function of a secret register value
  updated for every SPIN generation.
• Any of 3 successive SPINs accepted.

23
Safe 200 system
S200 user device
PIN
5-digit SPIN
1-way function
User
Host
20 decimal digits
20-digit register
update
1-way function
24
S/KEY

• S/KEY is a public domain one-time password scheme
  (Internet RFC 1760).
• Based on repeated application of a one-way
  function of a secret key.
• First apply one-way function N times to secret
  key (to get 1st password), then apply N-1 times
  (to get 2nd password), and so on - giving N
  one-time passwords.

25
S/KEY system
Challenge, N
User
Host
Response, fN(s)
26
Time-based 1-time passwords

• Another well-established idea is to use a clock
  to generate one-time passwords (also using a
  secret key).
• At regular intervals, the clock value and secret
  key are input to a one-way function to generate a
  one-time password.
• The host will accept one password either side
  of the current one.

27
Time-based system
user device
PIN
one-time password
1-way function
Host
User
time-stamp
clock
28
3.2 Identification by personal characteristics

• Passwords may be revealed or guessed.
• Tokens may be lost or stolen.
• Hence use of personal characteristics (may be
  harder to forge). Long history of use.
• Device measuring characteristics must be trusted
  (e.g. physically secure) otherwise replay
  possible.

29
Machine recognition

• Many different automatic recognition schemes
  proposed
• signature recognition,
• fingerprints,
• voice,
• retinal scan,
• hand geometry,
• typing patterns/use of language.

30
Errors

• Human characteristics vary over time.
• Balance needed between 2 types of error
• Type I system fails to recognised valid user
  (false alarm).
• Type II system accepts impostor (false
  acceptance or impostor pass).
• Trade-off between two error types.

31
Signature verification

• Signatures in wide use for many years.
• Signature generating process a trained reflex -
  imitation difficult especially in real time.
• Automatic verification either
• static (looks at a generated signature), or
• dynamic (observes signing process).

32
Dynamic signature recognition

• Dynamic verification makes forgery much more
  difficult.
• Variety of characteristics can be used
• writing rhythm,
• contacts with surface,
• total time,
• turning points, loops and slopes,
• velocity and acceleration.

33
Dynamic signatures (contd.)

• Measurement techniques include
• accelerometers in special stylus,
• strain gauges in special stylus,
• special writing pad.
• Must minimise interference with normal signing
  process.
• Users allowed fixed number of tries.
• Some users very inconsistent.

34
Fingerprint verification

• Ridge patterns on fingers uniquely identify
  people.
• Classification scheme devised in 1890s.
• Major features arch, loop, whorl.
• Each fingerprint has at least one major features
  and many small features.

35
Machine recognition

• In a machine system, reader must minimise image
  rotation.
• Look for minutiae and compare.
• Minor injuries a problem.
• Automatic systems can be defrauded by copies of
  fingers (or even detached real fingers!).

36
Features of fingerprints
37
Voice verification

• Humans do this well.
• Voice prints introduced for reliable and
  impartial voice recognition.
• Automatic voice recognition requires control over
  conditions in which users speak and what they
  say.
• Typically users repeat a set sentence.

38
Voice recognition - properties

• Advantages
• simple for users,
• non-intrusive.
• Disadvantages
• takes a long time (both to speak and to analyse
  speech),
• voices very variable (colds, time of day, etc.),
• copying very easy (unless pass phrase varies).

39
Retinal pattern recognition

• Retinal blood vessel pattern highly
  characteristic of individual.
• Original systems required user to look in
  eyepiece and focus on crosswire.
• Machine scans eye with low intensity infrared.
• More recent systems avoid need for eyepiece (less
  intrusive).

40
Retinal scans - properties

• Advantages
• can work very well,
• quick.
• Disadvantages
• users may be worried by idea,
• intrusive (but newer systems much less so).

41
Verification process

• Error tolerance setting is crucial.
• Tolerance too large gives Type II error (admit
  impostors).
• Tolerance too small gives Type I errors (reject
  authorised users).

42
Pass rates