Authentication and Access Control in Distributed Systems - PowerPoint PPT Presentation

About This Presentation
Title:

Authentication and Access Control in Distributed Systems

Description:

Compliance defect: 'a rule of operation that is difficult to ... Recognizing a melody but not its name ... Or keep the same interface but make it more effective ... – PowerPoint PPT presentation

Number of Views:70
Avg rating:3.0/5.0
Slides: 28
Provided by: miker85
Learn more at: http://cups.cs.cmu.edu
Category:

less

Transcript and Presenter's Notes

Title: Authentication and Access Control in Distributed Systems


1
Title Goes Here
Toward Fixing the Compliance Defects of Public
Key Cryptography
Mike Reiter Professor of ECE and CS Carnegie
Mellon University
2
Compliance Defects in PKIDavis 1996
  • Compliance defect a rule of operation that is
    difficult to follow and that cannot be enforced

3
Compliance Defects as a User Interface Issue
  • Users have neither
  • The patience to verify a large string of hex
    digits
  • The capacity to remember strong cryptographic keys
  • Problem gets worse with longer keys and hashes

4
Keeping it in Perspective
  • Compliance defects are not unique to PKI
  • Suretys digital notary service relies on users
    to compare a hash published in the New York Times
    to a computed one
  • File encryption poses similar challenges as
    protecting a private key does
  • These compliance defects are not the only user
    interface problem for cryptographic (or security)
    systems Kent 1997 Whitten Tygar 1999

5
How to Fix Compliance Defects
  • Remember, a compliance defect is
  • A rule of operation that is
  • difficult to follow ? cannot be enforced
  • To fix a compliance defect, one conjunct must be
    negated
  • That is, either
  • Improve the user interface
  • Impose an enforcement mechanism

6
Imposing an Enforcement Mechanism
  • Protecting the private key
  • Give the user her private key on a PIN-activated
    smartcard
  • Choose the password for the user
  • Force the user to choose a stronger password
    (e.g., proactive password checking)
  • Verifying the roots public key
  • Somehow do it for the user (a la Firefox and IE)

7
Improving the User Interface
  • Make the user interface more pleasant
  • Pleasant ? graphical
  • Pictures are easier to remember than words
  • Some cognitive theories
  • Pictures share fewer common perceptual features
    and so must be discriminated from a smaller set
    of possible alternatives
  • Human brain has separate verbal and non-verbal
    memories
  • Recognizing a face but not the persons name
  • Recognizing a melody but not its name
  • Or keep the same interface but make it more
    effective

8
SnowflakesLevien 1996
  • A graphical approach to displaying hash outputs
  • Computed in lt 200 lines of C

9
Random ArtBauer 1998 Perrig Song 1999
  • Another approach to visualizing hash outputs
  • Hash value used as seed to generate a function f
    ?1,12 ? ?1,13
  • f(x, y) is the RGB triple for pixel at (x, y)

10
Random Art How it Works
  • Function f is generated from a grammar that
    permits coin flips
  • All coin flips generated pseudorandomly from seed
  • Grammar can include other functions, e.g.,
  • sin
  • cos
  • exp
  • square root

11
Graphical PasswordsBlonder 1996 Jermyn et al.
1998
  • Suitable mainly for PDAs permitting stylus input
  • Useful for encrypting private key, or seeding its
    generation

pen-up
Sequence (2,2)(3,2),(3,3),(2,3),(2,2),(2,1),(5,5
) Key hash(Sequence)
12
Security of Graphical Passwords
  • How might one argue that graphical passwords are
    more secure than text ones?
  • Show that number of memorable graphical passwords
    exceeds number of memorable text passwords
  • How does one quantify the memorable graphical
    passwords?

13
Complexity of a Graphical Password
Grammar
Program Digit Digit Block Block Stmt
Block Stmt Instr Repeat Digit Block
End Instr Up Down Right Left Penup
Pendown Digit 1 2 3 4 5
  • Complexity length of shortest program that
    generates the password

Complexity 26
14
Memorable Password Space
Comp 24
Comp 39
Comp 42
Surpasses size of the dictionary used in Klein
1990.
15
Encryption Application for Palm Pilot
Plaintext
16
The Challenge of Graphical Schemes
  • How secure are they, really?
  • Can an attacker generate a key for which the
    snowflake or art depiction fools someone with
    non-negligible probability?
  • Depends on lighting, size of representation,
    printer quality,
  • Is the entropy of a graphical password really
    better than a text password?
  • Only user studies will tell

17
Making the Old Interface More Effective
  • Mainly applies to private key protection
  • Less so for root key validation
  • Old interface password
  • Making it more effective making dictionary
    attacks harder
  • Two approaches we will discuss here
  • Use the network
  • Use the user

18
Using the NetworkLomas et al. 1989 Bellovin
Merritt 1992 Perlman Kaufman 1999
  • Store private key in a protected server that
    authenticates user before sending the private key
  • Eavesdropper gains nothing to use in offline
    dictionary attack
  • Forces dictionary attacks to occur online
  • Server can detect and stop them
  • But break-in at server leaks private key
  • Possibly after an offline dictionary attack

19
Reducing Trust in the ServerMacKenzie Reiter
2001
  • Keep the key at the client, but in a disabled
    state
  • Break-in at server leaks nothing
  • Online dictionary attack possible only after
    device is captured
  • Server can again detect and stop the attack
  • Offline attack requires capture of both client
    device and server

20
Reducing Trust in the ClientMacKenzie Reiter
2001 Boneh et al. 2001 c.f., Ganesan 1985
  • Can disable the device if stolen
  • Even if attacker knows the users password
  • Same properties as before, plus disabling
  • Known techniques depend on particular form of
    private key
  • All use function sharing primitives

21
Server Delegation
  • Delegation enables use of local server
  • Or a smartcard for offline operation
  • Device can unilaterally revoke delegated servers

22
Using the UserSoutar et al. 1996 Davida et al.
1998 Juels Wattenberg 1999 Monrose et al.
1999
  • Use biometric features during entry of a password
    to construct a hardened password
  • Hardened password useful for key encryption
  • Portables not equipped with hardware for most
    biometric techniques, but do typically have

or
23
Initialization
24
Reconstructing the Hardened Password
  • Table decrypted using entered password
  • Biometric features induce cut through table
  • One element per row is selected
  • Selected elements used to reconstruct hardened
    password

25
Hardening the Hardened Password
  • System learns users biometric features over
    repeated logins
  • Pieces not used by correct user are destroyed
  • Enhances protection even against imposter who
    knows the password

26
Dictionary Attacks
  • For each incorrect password guess, decrypted
    table is random
  • For the correct password guess, decrypted table
    is correct one

27
Keystroke Experiments
Guessing Entropy
False Negative Rate
481 recorded logins from 20 users typing the same
8-character password. 15 features.
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Authentication and Access Control in Distributed Systems" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!