Computer and Network

Security
(Securty of Computer Systems)
Prof. Dr. Hasan Hüseyin BALIK

(3rd Week)
 Outline
• 2. Computer security technology and
principles
—2.1. Cryptographic Tools
—2.2. User Authentication
—2.3 Access Control
—2.4 Database and Data Center Security
—2.5 Malicious Software
—2.6. Denial-of-Service Attacks
—2.7 Intrusion Detection
—2.8 Firewalls and Intrusion Prevention Systems
2.2. User Authentication
 2.2. Outline
• Electronic User Authentication Principles
• Password-Based Authentication
• Token-Based Authentication
• Biometric Authentication
• Remote User Authentication
• Security Issues for User Authentication
 Authentication Process
• Fundamental • Identification step
building block ⚫ Presenting an
identifier to the
and primary security system
line of defense
• Verification step
⚫ Presenting or
• Basis for generating
authentication
access control information that
and user corroborates the
binding between
accountability the entity and the
identifier
 Table 3.1 I dentification and Authentication Security Requirements ( SP 800-171)

Basic Security Requirements:

1 Identify information system users, processes acting on behalf of users, or devices.
2 Authenticate (or verify) the identities of those users, processes, or devices, as a prerequisite
to allowing access to organizational information systems.

Derived Security Requirements:

3 Use multifactor authentication for local and network access to privileged accounts and for
network access to non-privileged accounts.
4 Employ replay-resistant authentication mechanisms for network access to privileged and
non-privileged accounts.
5 Prevent reuse of identifiers for a defined period.
6 Disable identifiers after a defined period of inactivity.
7 Enforce a minimum password complexity and change of characters when new passwords
are created.
8 Prohibit password reuse for a specified number of generations.
9 Allow temporary password use for system logons with an immediate change to a
permanent password.
10 Store and transmit only cryptographically-protected passwords.
11 Obscure feedback of authentication information.
 The four means of authenticating
user identity are based on:

• Password, PIN,
answers to • Smartcard, • Fingerprint,
prearranged electronic retina, face
questions • Voice pattern,
keycard, handwriting,
physical key typing rhythm
 Authentication
logic using Authentication
f rst factor logic using
second factor

ol on

ol on
oc t i

oc t i
ot ica

ot ica
pr ent

pr ent
th

th
Au

Au
Pass Pass

Fail Fail
Clie n t Clie n t

Figure 3.2 M ultifactor Authentication

 Risk Assessment for
User Authentication

Assurance
• There are
three Level
separate
concepts: Potential
impact

Areas of
risk
 More specifically Four levels of
is defined as: assurance
Describes an
organization’s Level 1
The degree of confidence
degree of in the vetting process
•Little or no confidence in the
asserted identity's validity
used to establish the
certainty that a identity of the individual
to whom the credential Level 2
user has was issued •Some confidence in the asserted
identity’s validity
presented a
credential that Level 3
•High confidence in the asserted
The degree of confidence
refers to his or her that the individual who
identity's validity

identity uses the credential is the

individual to whom the Level 4
credential was issued •Very high confidence in the
asserted identity’s validity
• FIPS 199 defines three levels of potential
impact on organizations or individuals
should there be a breach of security:
o Low
• An authentication error could be expected to have a
limited adverse effect on organizational operations,
organizational assets, or individuals
o Moderate
• An authentication error could be expected to have a
serious adverse effect
o High
• An authentication error could be expected to have a
severe or catastrophic adverse effect
Maximum Potential Impacts for Each
Assurance Level
 Password-Based
Authentication
• Widely used line of defense against
intruders
o User provides name/login and password
o System compares password with the one stored for that
specified login

• The user ID:

o Determines that the user is authorized to access the system
o Determines the user’s privileges
o Is used in discretionary access control
Password Vulnerabilities
Offline Password
guessing Workstation Electronic
dictionary against hijacking monitoring
attack single user

Exploiting
Specific Popular Exploiting
multiple
account password user
password
attack attack mistakes
use
 Password
Password File
User ID Salt Hash code
Salt

•
slow hash Load •
function •

(a) Loading a new password

Password File
User id
User ID Salt Hash code

Salt

Select Password

slow hash
function

Hashed password
Compare
(b) Verifying a password

Figure 3.3 UNI X Password Scheme

 Purpuses using Salt
• The salt serves three purposes:
o It prevents duplicate passwords from being visible in the
password file. Even if two users choose the same password,
those passwords will be assigned different salt values.
o It greatly increases the difficulty of offline dictionary
attacks. For a salt of length b bits, the number of possible
passwords is increased by a factor of 2b, increasing the
difficulty of guessing a password in a dictionary attack
o It becomes nearly impossible to find out whether a person
with passwords on two or more systems has used the same
password on all of them.
UNIX Implementation
Original scheme
• Up to eight printable characters in length
• 12-bit salt used to modify DES encryption
into a one-way hash function
• Zero value repeatedly encrypted 25
times
• Output translated to 11 character
sequence

Now regarded as
inadequate
• The attack was able to process over 50
million password guesses in about 80
minutes
• Still often required for compatibility with
existing account management software
or multivendor environments
 Improved
Implementations
OpenBSD uses Blowfish block
cipher based hash algorithm
called Bcrypt
•Most secure version of Unix hash/salt
scheme
•Uses 128-bit salt to create 192-bit
hash value
•Bcrypt includes a cost variable which
causes a increase in the time required to
Much stronger hash/salt perform a Bcyrpt
schemes available for Unix •hash.

Recommended hash function

is based on MD5
•Salt of up to 48-bits
•Password length is unlimited
•Produces 128-bit hash
•Uses an inner loop with 1000 iterations
to achieve slowdown
Password Cracking
Dictionary attacks Rainbow table attacks
• Develop a large dictionary • Pre-compute tables of
of possible passwords and hash values for all salts
try each against the • A mammoth table of hash
password file values
• Each password must be • Can be countered by using
hashed using each salt a sufficiently large salt
value and then compared value and a sufficiently
to stored hash values large hash length

Password crackers John the Ripper

exploit the fact that • Open-source password
people choose easily cracker first developed in
guessable passwords in 1996
• Uses a combination of
• Shorter password lengths brute-force and dictionary
are also easier to crack
techniques
 Modern Approaches
• Complex password policy
o Forcing users to pick stronger passwords

• However password-cracking techniques

have also improved
o The processing capacity available for password cracking has
increased dramatically
o The use of sophisticated algorithms to generate potential
passwords
o Studying examples and structures of actual passwords in use
• An analysis of the passwords used by over 25,000 students at a research
university with a complex password policy
• They used a database consisting of a collection of leaked password files,
including the RockYou file
• The graph shows the percentage of passwords that have been recovered as a
function of the number of guesses
• Over 10% of the passwords are recovered after only 1010 guesses. After 1013
guesses, almost 40% of the passwords are recovered
Password File Access Control
Can block offline guessing attacks by denying access to
encrypted passwords

Make
available
only to
Vulnerabilities
privileged
users

Weakness Accident Users with

Sniff
in the OS with same Access from
passwords
Shadow that allows permissions password backup
in network
password access to the making it on other media
traffic
file file readable systems
Password Selection Strategies
User education
Users can be told the importance of using hard to guess passwords and can be provided with guidelines for selecting strong passwords

Computer generated passwords

Users have trouble remembering them

Reactive password checking

System periodically runs its own password cracker to find guessable passwords

Complex password policy

User is allowed to select their own password, however the system Goal is to eliminate guessable passwords while allowing the user to
checks to see if the password is allowable, and if not, rejects it select a password that is memorable
 Proactive Password
Checking
• Rule enforcement
o Specific rules that passwords must adhere to

• Password checker
o Compile a large dictionary of passwords not to use

• Bloom filter
o Used to build a table based on hash values
o Check desired password against this table
 Types of Cards Used as Tokens
Card Type Defining Feature Example
Embossed Raised characters only, on Old credit card
front
Magnetic stripe Magnetic bar on back, characters on front Bank card
Memory Electronic memory inside Prepaid phone card
Smart Electronic memory and processor inside Biometric ID card
Contact Electrical contacts exposed on surface
Contactless Radio antenna embedded inside
 Memory Cards
• Can store but do not process data
• The most common is the magnetic stripe card
• Can include an internal electronic memory
• Can be used alone for physical access
o Hotel room
o ATM
• Provides significantly greater security when combined
with a password or PIN
• Drawbacks of memory cards include:
o Requires a special reader
o Loss of token
o User dissatisfaction
 Smart Tokens
• Physical characteristics:
o Include an embedded microprocessor
o A smart token that looks like a bank card
o Can look like calculators, keys, small portable objects
• User interface:
o Manual interfaces include a keypad and display
for human/token interaction
• Electronic interface
o A smart card or other token requires an electronic interface to
communicate with a compatible reader/writer
o Contact and contactless interfaces
• Authentication protocol:
o Classified into three categories:
• Static
• Dynamic password generator
• Challenge-response
 Smart Cards
• Most important category of smart token
o Has the appearance of a credit card
o Has an electronic interface
o May use any of the smart token protocols
• Contain:
o An entire microprocessor
• Processor
• Memory
• I/O ports
• Typically include three types of memory:
o Read-only memory (ROM)
• Stores data that does not change during the card’s life
o Electrically erasable programmable ROM (EEPROM)
• Holds application data and programs
o Random access memory (RAM)
• Holds temporary data generated when applications are executed
 Electronic Identity Cards
(eID)
Use of a smart card as a national Most advanced deployment is the
identity card for citizens German card neuer Personalausweis

Can serve the same purposes as other national Has human-readable data printed on its
ID cards, and similar cards such as a driver’s surface
license, for access to government and •Personal data
commercial services •Document number
•Card access number (CAN)
•Machine readable zone (MRZ)

Can provide stronger proof of identity and can

be used in a wider variety of applications

In effect, is a smart card that has been verified

by the national government as valid and
authentic
 Electronic
Functions
and Data
for
eID Cards

CAN = card access number

MRZ = machine readable zone
PACE = password authenticated connection establishment
PIN = personal identification number
 est
io n r equ
ticat
A u then
4. e
r eques
t
ex chang
N ocol eI D
5. PI pr ot ect
ca t ion r r edir server
nti lt f o
uthe r esu
7. A t ion
6. User enters PIN tica
Authen
8.

2. Se
r vice
1. User requests service r equ
3. R est
(e.g., via Web browser) edir
ect t
9. A o eI D
uthe mes
ntica sage
tion
10. S r esul
er vi t for
ce g war
r ant ded
ed

Host/application
server

Figure 3.7 User Authentication with eI D

 Password Authenticated
Connection Establishment (PACE)

For offline applications,

either the MRZ printed
on the back of the card
For online applications, or the six-digit card
access is established by access number (CAN)
the user entering the 6- printed on the front is
Ensures that the digit PIN (which should used
contactless RF chip in only be known to the
the eID card cannot be holder of the card)
read without explicit
access control
 Biometric Authentication
• Attempts to authenticate an individual based on
unique physical characteristics
• Based on pattern recognition
• Is technically complex and expensive when
compared to passwords and tokens
• Physical characteristics used include:
o Facial characteristics
o Fingerprints
o Hand geometry
o Retinal pattern
o Iris
o Signature
o Voice
Name (PI N)

Biometric Feature
sensor extractor Biometric
database

User interface
(a) Enrollment

Name (PI N)

Biometric Feature
sensor extractor Biometric
database

User interface Feature

true/false
matcher One template
(b) Verification

Biometric Feature
sensor extractor Biometric
database

User interface user's identity or Feature

"user unidentified" matcher N templates
(c) I dentification
 Probability
density function

decision
threshold (t)
imposter profile of
profile genuine user

false
nonmatch false
possible match
possible

average matching average matching M atching score (s)

value of imposter value of genuine user

Figure 3.10 Profiles of a Biometric Characteristic of an Imposter and an Authorized

Users In this depiction, the comparison between presented feature and a reference
feature is reduced to a single numeric value. If the input value ( s) is greater than a
preassigned threshold (t), a match is declared.
 100%

in
cr
ea
se
t hr
es
10% ho
ld
false nonmatch rate

in
se crea

de
d c
co ecr ur i sed

cr
ea
nv ea ty,

se
en sed

hrt
ien

de ecu ase nce

es
ce

cr r it d

ho
s e ie
ea y,

dl
in ven

se
co
c

d
n
1%

ne
e li
r at
rr or
al e
equ

0.1%
0.0001% 0.001% 0.01% 0.1% 1% 10% 100%
false match rate

Figure 3.11 I dealized Biometric M easurement

Operating Characteristic Curves (log-log scale)
 Face Fingerprint Voice Hand Iris
100%
false nonmatch rate

10%

1%

0.1%
0.0001% 0.001% 0.01% 0.1% 1% 10% 100%
false match rate

Figure 3.12 Actual Biometric Measurement Operating Characteristic Curves, reported

in [MANS01]. To clarify differences among systems, a log-log scale is used.
Remote User Authentication
• Authentication over a network, the Internet,
or a communications link is more complex
• Additional security threats such as:
o Eavesdropping, capturing a password,
replaying an authentication sequence that has
been observed

• Generally rely on some form of a challenge-

response protocol to counter threats
 Client Client
Host Host
U U
U, User U, User
r, random number r, random number
(r, h(), f()) h(), f(), functions (r, h(), f()) h(), f(), functions

P’ P’ W’
r’, return of r password to
f(r’, h(P’))
passcode via token
r’, return of r f(r’, h(W’))
if f(r’, h(P’)) =
f(r, h(P(U))) if f(r’, h(W’)) =
yes/no then yes else no f(r, h(W(U)))
yes/no then yes else no

(b) Protocol for a password

(b) Protocol for a token

Client Client
Host Host
U U
U, User U, User
r, random number r, random number
(r, E()) E(), function x, random sequence
challenge
(r, x, E())
B’ BT’ biometric E(), function
D‘ biometric device B’, x’ BS’(x’)
E(r’, D’, BT’) E(r’, BS’(x’))
r’, return of r r’, return of r
E–1E(r’, P’, BT’) = E–1E(r’, BS’(x’)) =
(r’, P’, BT’) (r’, BS’(x’))
if r’ = r AND D’ = D extract B’
AND BT’ = BT(U) from (r’, BS’(x’))
then yes else no if r’ = r AND x’ = x
yes/no
AND B’ = B(U)
yes/no then yes else no

(c) Protocol for static biometric (d) Protocol for dynamic biometric
 Attacks Authenticators Examples Typical defenses
Password Guessing, exhaustive Large entropy; limited
search attempts
Token Exhaustive search Large entropy; limited
Client attack attempts, theft of object
requires presence
Biometric False match Large entropy; limited
attempts Some Potential
Password Plaintext theft, Hashing; large entropy;
dictionary/exhaustive
search
protection of password
database
Attacks,
Host attack
Token Passcode theft Same as password; 1-time
passcode
Susceptible
Biometric Template theft Capture device
authentication; challenge
Authenticators,
Password "Shoulder surfing"
response
User diligence to keep
and
secret; administrator
diligence to quickly revoke Typical Defenses
compromised passwords;
multifactor authentication
Eavesdropping,
theft, and Token Theft, counterfeiting Multifactor authentication;
copying hardware tamper resistant/evident
token
Biometric Copying (spoofing) Copy detection at capture
biometric device and capture device
authentication
Password Replay stolen password Challenge-response
response protocol
Token Replay stolen passcode Challenge-response
response protocol; 1-time passcode
Replay
Biometric Replay stolen biometric Copy detection at capture
template response device and capture device
authentication via
challenge-response protocol
Password, token, Installation of rogue Authentication of client or
Trojan horse biometric client or capture device capture device within
trusted security perimeter
Denial of Password, token, Lockout by multiple Multifactor with token
service biometric failed authentications
 I ris I ris I ris
scanner scanner scanner

I ris workstation I ris workstation I ris workstation

LAN switch

I ris M erge
Remote

I ris
database

I ris Engine 1 I ris Engine 2

Network
switch

Figure 3.14 General I ris Scan Site Architecture for UAE System
 I ssuer
(e.g., bank)
I nternet EFT exchange
e.g., Star, VI SA

Processor
(e.g., Fidelity)
I ssuer-owned ATM

(a) Point-to-point connection to pr ocessor

Case Study:
I ssuer
ATM
(e.g., bank)
I nternet

Security
I ssuer's EFT exchange
internal network e.g., Star, VI SA

Processor
Problems
(e.g., Fidelity)
I ssuer-owned ATM

(b) Shared connection to pr ocessor

Figure 3.15 ATM Architectures. Most small to mid-sized issuers of debit

cards contract processors to provide core data processing and electronic
funds transfer (EFT) services. The bank's ATM machine may link
directly to the processor or to the bank.
 Eavesdropping
Adversary attempts to
learn the password by
some sort of attack that
Host Attacks
Denial-of-Service involves the physical
proximity of user and Directed at the user
Attempts to disable a adversary file at the host where
user authentication passwords, token
service by flooding the passcodes, or
service with numerous biometric templates
authentication are stored
attempts

Trojan Horse Replay

An application or
physical device Adversary repeats a
masquerades as an Client Attacks previously captured
authentic application Adversary attempts to user response
or device for the achieve user
purpose of capturing a authentication
user password, without access to the
passcode, or biometric remote host or the
intervening
communications path