Password Authentication Today

8/6/2019 Password Authentication Today

1/22

Password AuthenticationSchemes with Smart Cards

Wen-Her Yang and Shiuh-Pyng Shieh

Department of Computer Science

and Information Engineering, Collegeof Electrical Engineering

National Chiao Tung University, Hsinchu, Taiwan 30010


2/22

Introduction

In this paper, two password authentication

schemes with smart cards are proposed.

In the schemes, users can change their

passwords freely, and the remote system does

not need the directory of passwords or

verification tables to authenticate users.


3/22

Introduction

Once the secure network environment is set

up, authentication can be handled solely by

the two parties involved.

For a network without synchronized clocks,

the proposed nonce-based authentication

scheme is able to prevent malicious reply

attacks.


4/22

SecrecyandAuthentication

There are two basic requirements for network security:

SecrecyandAuthentication.

Secrecyprotects sensitive data against eavesdroppingand modification.

Authentication prevents forgery and unauthorized

network access. The common approach to provide

authenticity is the use of passwords (easy use andimplementation)


5/22

conventional password authentication

schemes:

user has an identifier (ID).

User has a secret password (PW).

If a user requests to enter a network system,

he must enter his ID and PW to pass the system

authentication.


6/22

Verification approaches

Directly store and maintain a directory of usersIDS and PWs in the network system.

Upon receipt of a users login request, thenetwork system searches the password directorytable to verify matches.

If they match, the user is regarded as anauthorized user and is permitted to enter thesystem


7/22

Verification approach-continue

Since the password is stored in plain-text form,this approach is clearly under the threat ofrevealing the password.

Many schemes often hash the password witha one way function and store the hash value,

instead of the plain password, in the directorytable.


8/22

Verification approach-continue 2

thus secrecy of passwords can be ensured

even if contents of the directory table aredisclosed.

But the system must protect the directory

table against intruders modification.

Otherwise, the directory table may be

replaced and users may be masqueraded.


9/22

Verification Approach-3

Several authentication protocols use a trustedthird party to ensure authentication andsecurity in an open network system, here

secret information, such as secret keys, mustbe stored in a directory table on theauthentication server.

Therefore, the attacks to the directory tablestill exist in these authentication systems.


10/22

Password Authentication Schemes

with Smart Cards

These schemes all adopt the concept of ID-based

signature scheme Password in conjunction with

smart cards. They have 3 advantages;

(1) Neither secret nor public keys need be exchanged,

(2) The public key directory table is not needed

(3) The assistance of a third party is not needed.


11/22

The first IDbased

signature scheme

used the well-known public-key encryption

algorithm RSA [Rivest78] with smart cards to

implement ID-based signature.

scheme enables communicating parties to

verify each others signature without

exchanging private or public keys.


12/22

ID-based scheme continued

secret key corresponding to an ID is fixed, andcannot be changed thus, a user with anassigned ID cannot choose his secret key by

himself. timestamps concept not employed, the

scheme is weak against the attack of replayingpreviously intercepted signature. (It is hencenot suitable for user authentication innetwork systems).


13/22

Chang and Wus scheme [Chang91]

A users password is generated by thepassword generation center, rather than bythe user himself.

However, users habit is to choose their ownpasswords. This approach is against usershabit and may not be accepted by many users.

Furthermore, the scheme suffers from thethreat of password leakage [Chang93].


14/22

Continued

Based on Elgamals signature [Elgama185] and Shamirs ID-based schemes, Wang and Chang include the concept oftimestamps in an improved authentication scheme[Wang96].

In the their scheme, however, replay attacks cannot beavoided completely and users identities may be forged. Alegitimate user can impersonate other users and pass thesystem authentication.

That is because the information about user identities is notincluded in the verification procedure of their scheme


15/22

continued

The remote system can only determine validity ofthe authentication message, but cannot identifywho really sent this message.

These schemes are all based on ID-basedschemes, they share the problem that a usercannot change his password after registration.

If a users password is compromised, they can nolonger use his current ID, but needs to apply for anew one.


16/22

Prepositions

Researchers proposed two new password authentication schemeswith smart cards.

The proposed schemes can resolve the security problems in theabove schemes.

Their method keeps the merits of ID-based schemes, buteliminates the weakness that users cannot change their passwords.

In the new schemes, a user can freely

choose and change his password at will without re-registering for anew ID.


17/22

Timestamp-Based Password

Authentication Scheme

In the proposed scheme, we assume the

existence of a trusted key information center

in the network to issue personalized smart

cards to users when joining the system.

The proposed timestamp-based password

authentication scheme can be divided into three

phases.


18/22

Timestamp-Based Password

Authentication Scheme

Registration Phase

the key information center sets up the authentication system andissues smart cards to the users who request registration.

login Phase ,

a user attaches his smart card to a terminal and keys in his identifier(ID) and password (PW). Then the terminal sends a login requestmessage to the remote host.

Verification Phase

the remote host verifies the correctness of submitted message and

determines whether the login request should be accepted or not.


19/22

Comparison to other schemes

Scheme allows users to freely change their

password, by submitting their card and newly

chosen password to the KIC over a secure

channel.

Critique

This manually done? Time it takes?


20/22

comparison

Can with stand problems found in other

schemes.

With time stamp T, attack of replayingpreviously intercepted messages is avoided.

Note that if system clocks are not well

synchronized, and transmission delay is long,

potential replay attack is possible, hence

another proposed scheme


21/22

Nonce based authentication scheme

Extended version of the time stamp basedscheme, T is replaced with N, to withstand thereplay attack..

Registration phase is the same

Login phase-after smart card sends messagewith ID and CID to request for login session,

remote host must verify validity of the 2 andevaluates a session nonce N if valid.

This is kept for future use..


22/22

critique

Why not use both nonce and Time stamp?

What if there is failure at generating therandom numbers?, entire system fails..

How to cope with this?

Must system check already generatednumbers?? Or once generated, will not be

used again, ever??

Password Authentication Today

Documents

Transcript of Password Authentication Today