User authentication

Question 1

Identification

Answer 1

Correctly identifying a user or entity
How a user claims identity to the system

(User authentication) Establishing the validity of the claim
Digital User Auth (NIST SP-800) establish confidence in user identities that are presented electronically to an information system.

-> base for access control and user accountability
-> ensuring authenticity lets admins to set permissions and audit a users activity

Question 2

NIST 800-63 Guideline

Answer 2

Enrollment and Identity Proofing
IAL1: No requirement to a specific real-life identity. Any attributes +authentication process are self-asserted.
IAL2: Supports real-world existence, claimed identify and verifies applicant is associated with real-world identity. Adds remote or physical identity proofing
IAL3: Physical presence for identity proofing.

Question 3

Authentication Architectural Model

Answer 3

1. An applicant applies to a registration authority (RA) to become a subscriber of a credential service provider (CSP).
   RA is a trusted entity vouches identity to the CSP.
2. CSP engages in an exchange with the subscriber
   CSP issues electronic credential to the subscriber
   credential is a data structure that authoritateively binds an identity and added attributes to a token possessed by the subscriber and can be verified when presented in an authentication transaction.
   It could be an encryption key or password
   Token can be issued by CSP, generated by subscriber or provided by third party
3. User is registered.
   =Authentication process=
4. The claimant want to be authenticated by a verifier through an authentication protocol showing the veryfying token
5. Verifier confirms with CSP that claimant is the subscriber present in credentials
6. Verifier passes on an assertion about the identity of the subscriber to the RP.
   Includes identity information about a subscriber, name, and id or other attributes.
7. RP uses authenticated information to make access control or authorization decisions

It must prevent impersonation and uncontrolled transferability

Question 4

Means of Authentication

Answer 4

Something the individual knows: password, PIN, answers to questions
Something the individual possessess: keycards, smart cards physical keys (token)
Something the individual is (static biometric): fingerprint, retina, face
Something the individual is (dynamic biometric): voice pattern, handwriting characteristics, typing rythm.

Question 5

Multifactor authentication

Answer 5

Using a combination of more than one means of authentication
The strength increases based on the n number of means combined

Question 6

NIST 800-63 - Assurance Level

Answer 6

Degree of confidence in vetting process + degree of confidence claimant is subscriber

L1: Little or no confidence -> credentials provided
L2: Some confidence -> credentials through a secured channel
L3: High confidence -> restricted services high value, 2 ind authentication techniques
L4: Very high confidence -> restricted services highest value, MFA and in-person registration

Impact: low, moderate and high
Risk: low, moderate and high

Question 7

Potential Impact Categories for Authentication

Answer 7

• Incovenience, distress, or damage to standing or reputation
• Financial loss or org. liability
• Harm to org programs or interests
• Unauth release of sensitive information
• Personal safety
• Civil or criminal violations

If low -> L1, 2 or 3 for harm, unauth release of information and personal safety
If Mod -> L2 or L3, L4 if it’s personal safety
if High -> L4 assurance level

Question 8

Password-Based authentication

Answer 8

claimant provides ID + password
- has access to system
- has certain privileges
- Discretionary Access Control

Question 9

Password Auth - Attack - Offline Dictionary

Answer 9

If password is saved as a one-way hash in DB

Attack:
attacker bypasses controls and checks hashes against DB

Countermeasure:
- Controls to prevent unauth access
- Intrusion detection to identify a compromise
- Rapid reissuance of passwords

Question 10

Password Auth - Attack - Specific Account / Guessing against single user

Answer 10

Attack:
attacker targets an account and tries to guess its password. (of a single user by using information retrieved)

Countermeasures:
- Lockout mechanism after a number of failed login. Up to 5 intents

Countermeasures (Single user):
- User training in password creation, and length of time until password change

Question 11

Password Auth - Attack - Popular Password

Answer 11

Attack:
attacker uses popular password to guess against a list of IDs

Countermeasures:
- Inhibit common passwords
- Scan IPs of authentication requests and client cookies for submission patterns

Question 12

Password Auth - Attack - Workstation Hijacking

Answer 12

Attack:
Logged-in workstation unattended

Countermeasure:
- Automatically lock workstation after period of inactivity
- Intrusion detection schemes changes in user behavior

Question 13

Password Auth - Attack - Exploiting user mistakes

Answer 13

Attack:
Users might:
- write down the password
- share it without security controls
- use a default system password
- give it in a social engineering attack

Countermeasures:
- User training
- Intrusion detection
- Simpler passwords with other auth mechanism

Question 14

Password Auth - Attack - Exploiting multiple password use

Answer 14

Attack:
Password shared through different devices in a network increases attack surface

Countermeasures:
Policy that forbids reusing same password for different devices

Question 15

Password Auth - Attack - Electronic Monitoring

Answer 15

Attack:
Password sent through network is vulnerable to eavesdropping

Countermeasure:
Advanced encryption

Question 16

Using hash passwords

Answer 16

user selects or is assigned a password, the password is combine with a fixed-length salt value and stored. The salt value is generated using Pseudorandom or Random Number Generation.

Def: hash function h(x) =z, z is called digest
It is one way if it is unfeasible to compute z’s preimage. I.e. h’(z) = x

Prevents:
Two duplicate passwords to have same hash
Increases offline dictionary attacks complexity by 2^b where b = len(salt)
It becomes almost impossible to find multiple password use

UNIX password scheme is vulnerable to brute-force attacks

UNIX
crypt(3):DES
12-bit salt. crypt3([0..]) output is input for next round (25 rounds) # 64 bit zeros
Final 64 -> 11 char seq
- Discourages guessing attacks
- Widely used but vulnerable to supercomputers

MD5
salt up to 48 bits -> 128-bit hash value. Slower than crypt(3) 1000 iterations

Bcrypt:Blowfith symmetric block cipher
passwords up to 55 chars, random salt of 128 bits -> 192 bit hash. Higher cost increases calculation and can be assigned to privileged users

Question 17

Password cracking

Answer 17

dictionary attack
use precomputation (trade space for time) -> rainbow table
Markov modeling techniques to reduce size of the password space
Probabilistic context-free grammar for password cracking

Harden the password file access control
use a shadow password file (separate file from user IDs) with privilege assigned to only certain users

Question 18

Password Selection Strategies

Answer 18

User education -> hard with large user base or high turnover
Computer generated -> hard to accept/remember, generate sequence of pronounceable syllables and concatenate them
Reactive password checking -> run a system check on all guessable passwords, cancel any that don’t conform and notify user. Impractical due to resources and cost
Complex password policy/proactive pwd checker. System checks if password is allowed. Balance between user acceptability and strength

Question 19

NIST SP 800-63-2 - Proactive password checking

Answer 19

Passwords must:
have at least 16 characters (basic16)
have at least 8 characters w/ uppercase + lowercase letter, symbol and a digit. Not a dictionary word (comprehensive8)

basic16 superior vs large number of guesses and easier for users. Better policy

Use dictionary of disallowed passwords

Question 20

Bloom Filter @review

Answer 20

Rejecting words based on a list.
A bloom filter of order k consists of a set of k ind hash functions where each function maps a pwd into a hash value in the range 0 to N-1

S = {H_1(x),…,H_k(x)}
H_i(x_j) = y, 1<=i<=k; 1<=j<=D; 0 <= y <= N-1 and D = |X|. x_j in X (word in pwd dict)

Hash table of N bits is initialized to 0
For each password, its k hash values are calculated, and bits set to 1
If at least one bit is 1 for a new password it is rejected

Increasing the number of hash functions reduces the probability of having false positives when checking with the bloom filter

Question 21

Token-Based Authentication - Memory cards

Answer 21

Memory Cards (bank cards back magnetic stripe)

For authentication, provides memory cards plus password (PIN)
Must gain physical possession plus knowing the PIN
Drawbacks (NIST SP 800-12):
- Requires special reader. maintain sec of reader’s HW and SW
- Token loss. System access is lost momentarily, cost in replacement and if found only PIN needs to be guessed
- User dissatisfaction. Use may be deemed inconvenient in some places

Question 22

Token-Based Auth - Smart Cards

Answer 22

Smart cards (has embedded microprocessor)

• Physical -> look like calculators, keys, portable objects, bank cards
• UI -> keypad and display
• EI ->
  Contact interface through a physical contact plate for transmission of commands, data and status
  Contactless close proximity to reader. both reader/writer have antenna and communicate through radio frequencies. Range 1/2 to 3 inch building entry and payment

Auth Protocols
Static auth -> user auth to token and token to computer
Dynamic pwd gen -> generates a pwd periodically, used to auth into computer. Must have sync with computer to know token has latest password

Challenge-response -> computer gen challenge, token gen response based on challenge.
Public-key crypto, token encrypt challenge with token’s private key

Contain:
Microprocessor + (co-processing cryptographic circuit)
I/O ports exposed electrical contacts or embedded antenna for wireless comm
Read-only memory -> static data, card number and user’s name
Electrically erasable programmable ROM (EEPORM) -> application data and programs, protocols to execute, dynamic data (remaining talk time in telephone card)
RAM -> temporary data generated when apps execute

Question 23

Token-based Auth - eID

Answer 23

Electronic Identity Cards

Provided by governments used to provide stronger proof of identify

Contains:
Personal data -> name DOB address
Doc Number
Card access number: 6 digit deicmal random number as password
Machine readable Zone (MRZ) may also be used as a password

Functions:
ePass -> (gov use) stores a digital representation of the cardholder’s identity (offline - passport control checkpoint)
eID -> (gov/comm use) stores an identity record that auth service can access with cardholders permission. Citizen chooses (validate possessor is actual legitimate cardholder)
eSign -> gen digital signature with a private key and a certificate provided by a private sector Trust Center

Question 24

Biometric Authentication

Answer 24

Facial -> relative location and shape of key facial features or face thermogram with underlying cascular system
Fingerprints -> pattern of ridges and furrows on the surface. Automated recognition extracts features as a numerical surrogate
Hand geometry -> features of the hand, shape, length and width of fingers
Retinal pattern -> veins beneath the retinal surface is unique (projects low-intensity beam of visual or infrared)
Iris -> detailed structure
Signature -> handwriting, hard because multiple samples are not identical
Voice -> voice patterns, hard because pattern changes over time

Each user needs to be enrolled,
All numeric values taken from the features (feature extractor) are called the user’s template.
Verification -> feature + PIN -> template == feature (feature matcher)
Identification -> feature -> is present in DB? (feature matcher)

Question 25

Remote-based Authentication

Answer 25

Challenge-reponse, See written notes between

All initiate with user asking for challenge and host returning a nonce.

Password Protocol
Token Protocol
Biometric (Static or Dynamic) Protocol

Question 26

Security issues for user auth - Attacks

Answer 26

Client
password -> guessing, exhaustive search <- large entropy; limited attempts
token -> exhaustive search <- large entropy; lim attempts; theft requires presence
biometric -> false match <- large entropy; lim attempts

Host
password -> plaintext theft, dict or exha search <- hashing; large ent; protection of pwd db
token -> passcode theft <- 1 time passcode
biometric -> template theft <- capture device auth; challenge response

Eavesdropping, theft copying
password -> shoulder surfing <- user diligence; admin diligence to revoke compromised; MFA auth
token -> theft, counterfeiting HW <- MFA auth; tamper resistant/evident token
Biometric -> copying (spoofing) biometric <- copy detection at capture device and capture device auth

Replay
pwd -> replay stolen pwd <- challenge-response
token -> replay solten passcode <- challenge-response; 1 time passcode
biometric -> replay stolen biometric template <- copy detection at capture device and capture device auth via challenge-response protocol

Trojan horse
all -> installation of rogue client or capture device <- auth of client or capture device within trusted sec perimeter

DDoS
all -> lockout by multiple failed auths <- MFA w/ token