Post on 24-Sep-2020
Lecture 14 – Passwords and Authentication
Stephen Checkoway, University of Illinois at Chicago
CS 487 – Fall 2017. Slides based on Bailey's ECE 422
Major portions courtesy Ryan Cunningham
AUTHENTICATION

Authentication Basics
• Authentication binds an identity to a subject
• Two-step process
  – Identification: establish an identity to the system
  – Verification: the system verifies the claim and binds the entity to that identity
PASSWORD AUTHENTICATION

Basics
• User keeps a secret string (the password)
• Something the user knows
• Advantages?
• Disadvantages?

Attacks
• Steal from the user
  – Install a keylogger (hardware or software)
  – Find it written down
  – Social engineering / phishing
  – Intercept the password over the network
  – Use a side channel
• Steal from the service
  – Install malware on the web server
  – Dump the password database with SQL injection
• Steal from a third party (password reuse)
Password Guessing
http://www.datagenetics.com/blog/september32012/

Top 20 Passwords (Mark Burnett; count of occurrences in his dataset)
Rank  Password   Count
  1   password   32027
  2   123456     25969
  3   12345678    8667
  4   1234        5786
  5   qwerty      5455
  6   12345       4523
  7   dragon      4321
  8   pussy       3945
  9   baseball    3739
 10   football    3682
 11   letmein     3536
 12   monkey      3487
 13   696969      3345
 14   abc123      3310
 15   mustang     3289
 16   michael     3249
 17   shadow      3209
 18   master      3182
 19   jennifer    2581
 20   111111      2570
https://xato.net/10-000-top-passwords-6d6380716fe0#.lo0geeq99
Power Law
http://www.philippeadjiman.com/blog/2009/10/26/drawing-the-long-tail-of-a-zipf-law-using-gnuplot-java-and-moby-dick/
Secure Passwords
• An uneven distribution makes guessing easier
• Passwords should be uniformly distributed
  – Every character in the password chosen with equal probability
• Passwords should be long
  – Longer password = larger brute-force search space
• Passwords should never be reused
• Randomly chosen passwords are difficult to remember
  – Tradeoff of security vs. convenience
STORING PASSWORDS

Storing Passwords
• The password database is highly sensitive
• We should never store plaintext passwords
• Store something that lets the user prove they know the password
Hash functions (more later)
• Input: data of arbitrary size
• Output: fixed length
• The same input always produces the same output
• One-way function: cannot deduce the input from the output
• A "fingerprint" for the input
• Examples: MD5, SHA-1, SHA-256, SHA-512, SHA-3
  – md5("welcome") = 40be4e59b9a2a2b5dffb918c0e86b3d7
• None of these should be used directly for password hashing (a single fast hash is exactly what makes brute-force cracking cheap)
Non-cryptographic hash functions (and more)
• Cyclic redundancy checks (CRC): CRC-16, CRC-32, etc.
  – Based on polynomials, many variants
• Checksums: sum-8, sum-16, Adler-32, Luhn algorithm, etc.
• Non-cryptographic hash functions: FNV-1, Bernstein hash (djb2), Java's hashCode()
• None of these should be used for password hashing (they are not one-way at all)
Password Hashes
• We store a database of password hashes
• e.g., /etc/shadow on UNIX:
  rcunnin2:$6$vb1tLY1qiY$M.1ZCqKtJBxBtZm1gRi8Bbkn39KU0YJW1cuMFzTRANcNKFKR4RmAQVk4rqQQCkaJT6wXqjUkFcA/qNxLyqW.U/:15405:0:99999:7::
  – The second field is $id$salt$hash: $6$ selects SHA-512-crypt, vb1tLY1qiY is the salt and the rest is the hash; the remaining fields are password-aging parameters (day of last change, minimum and maximum age, warning period)
Password Cracking
• Brute-force search through all possible passwords in order
• Use a dictionary
• Use a dictionary of common passwords
• Combine the dictionary with common passwords and heuristics (e.g. p@$$w0rd and password123)
• Use statistical models of user passwords
• Easy to parallelize: hash a password guess once, compare it to the entire hash database
• Commonly done with arrays of GPUs
Rainbow Tables
• Many passwords are common
• Precompute their hashes in a lookup table, then crack any database using the same hash function by lookup alone
• Time/space tradeoff: a rainbow table stores only the endpoints of long hash-reduce chains and recomputes the middle on demand, trading lookup time for a much smaller table
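The cracking and precomputation steps from the last two slides, as an added example (not from the lecture): a small dictionary is expanded with mangling rules of the kind the slide mentions, every candidate is hashed exactly once into a lookup table, and the whole unsalted database is then cracked by dictionary lookup. The password database, wordlist and rules are constructed for the example.

```python
import hashlib

# Constructed sample: an unsalted SHA-256 password database, the kind of
# store a site gets when it hashes passwords once with a plain cryptographic
# hash. Three plaintexts fall to the rules below; the long passphrase does not.
def sha256_hex(s: str) -> str:
    return hashlib.sha256(s.encode("utf-8")).hexdigest()

PASSWORD_DB = {
    "alice": sha256_hex("password123"),
    "bob":   sha256_hex("p@$$w0rd"),
    "carol": sha256_hex("Dragon!"),
    "dave":  sha256_hex("correct horse battery staple"),
}

# Tiny stand-in for a wordlist of common passwords (real cracking runs use
# lists with millions of entries taken from leaked-password corpora).
WORDLIST = ["password", "123456", "qwerty", "dragon", "letmein", "monkey"]

# Mangling rules in the spirit of hashcat/John rules: leetspeak
# substitutions, case changes and appended suffixes.
LEET = {"a": "@", "s": "$", "o": "0", "e": "3", "i": "1"}
SUFFIXES = ["", "1", "123", "!", "2017"]


def mangle(word: str):
    """Yield candidate passwords derived from one dictionary word."""
    bases = {word, word.lower(), word.capitalize(), word.upper()}
    bases.add("".join(LEET.get(c, c) for c in word.lower()))
    for base in sorted(bases):
        for suffix in SUFFIXES:
            yield base + suffix


def build_lookup_table(wordlist) -> dict:
    """Precompute hash -> plaintext for every candidate once.

    This is the time/space tradeoff behind lookup tables: the hashing work is
    paid a single time, after which any unsalted database that uses the same
    hash function is cracked by dictionary lookup. Hashing each guess once and
    comparing it against every stored hash is also why cracking parallelises
    so well on GPUs."""
    table = {}
    for word in wordlist:
        for candidate in mangle(word):
            table[sha256_hex(candidate)] = candidate
    return table


def crack(db: dict, table: dict) -> dict:
    """Return {user: plaintext} for every stored hash present in the table."""
    return {user: table[h] for user, h in db.items() if h in table}


if __name__ == "__main__":
    table = build_lookup_table(WORDLIST)
    print(f"{len(table)} precomputed hashes")
    for user, pw in crack(PASSWORD_DB, table).items():
        print(f"{user}: {pw}")
```

The point to notice is that the cost of `build_lookup_table` does not depend on how many users are in `PASSWORD_DB`; without a per-user salt, one precomputation serves every database hashed the same way.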
Salting the Password Database
• Generate and store a random number, the salt, for each password
• Concatenate password and salt to compute the hash
• Effectively a unique hash function for each password
[Diagram: password p@$$w3rd and salt 1517 fed to Hash, producing zDMovrtf$Vdy63ipRgRAeKHvDIQP3F0]
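The storage scheme of the last few slides (never store plaintext, store a salted hash that lets the user prove knowledge of the password), as an added example that is not part of the lecture. It uses PBKDF2-HMAC-SHA256 from the standard library as the slow password hash and a self-describing record in the same spirit as the $6$salt$hash fields of /etc/shadow; the record format, iteration count and salt length are choices made for this example.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Work factor assumed for this example; raise it until one hash takes tens of
# milliseconds on the server hardware you actually deploy on.
ITERATIONS = 100_000
SALT_BYTES = 16


def _b64(b: bytes) -> str:
    return base64.b64encode(b).decode("ascii")


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Derive a key from the password with PBKDF2-HMAC-SHA256 and return a
    self-describing record "$pbkdf2-sha256$<iterations>$<salt>$<key>"."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)      # fresh random salt per password
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"$pbkdf2-sha256${iterations}${_b64(salt)}${_b64(key)}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the derived key from the stored salt and iteration count and
    compare in constant time, so timing does not leak how many bytes matched."""
    _, scheme, iterations, salt_b64, key_b64 = record.split("$")
    if scheme != "pbkdf2-sha256":
        raise ValueError(f"unsupported scheme {scheme!r}")
    salt = base64.b64decode(salt_b64)
    expected = base64.b64decode(key_b64)
    actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, int(iterations))
    return hmac.compare_digest(actual, expected)


def salt_defeats_precomputation(password: str) -> bool:
    """Two users with the same password get different records, so a single
    precomputed table cannot crack both; each salt forces a fresh run."""
    a = hash_password(password)
    b = hash_password(password)
    return a != b and verify_password(password, a) and verify_password(password, b)


if __name__ == "__main__":
    record = hash_password("p@$$w3rd")
    print(record)
    print(verify_password("p@$$w3rd", record), verify_password("password", record))
    print(salt_defeats_precomputation("p@$$w3rd"))
```

Storing the iteration count inside the record lets you raise the work factor later and re-hash each user's password transparently at their next successful login.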
Password Security Policies
• Educate users about password security
  – Specifically train them to use good passwords
  – But they might or might not follow through
• Generate passwords randomly
  – Perfect uniform distribution
  – But not very psychologically acceptable
• Reactive password checking
  – Crack your own users' passwords
  – But expensive, and the passwords stay vulnerable until cracked
• Complex password policy / proactive checking

Complex Password Policy / Proactive Checking
• Let the user select their own password
• Force them to follow a policy
• Reject passwords that don't follow the policy
• But…
  – Technically reduces the number of possible passwords
  – The policy might not be psychologically acceptable
  – We don't know whether users are reusing their passwords
Security Questions
• Are also a shared secret
• Bruce Schneier calls them "a backup password"
• Easier to guess and social engineer
• Some cannot be changed
• Some websites have a fixed set of answers!
Breaches happen
• Databases of usernames and passwords are exposed
• https://haveibeenpwned.com/ ← Use this!
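An added example (not from the lecture) of how a site can do proactive checking against breach data without sending the password anywhere: the haveibeenpwned.com Pwned Passwords service takes only the first five hex characters of the password's SHA-1 and returns every known hash suffix with that prefix, so the client matches the rest locally. The network call is replaced here by a constructed range response so the code runs offline; the suffixes and counts in that response are made up, except that one line is the real suffix of SHA-1("password").

```python
import hashlib

# SHA-1 of "password"; the service keys its data on upper-case hex SHA-1.
PASSWORD_SHA1 = "5BAA61E4C9B93F3F0682250B6CF8331B7EE68FD8"

# Constructed stand-in for the body of GET /range/5BAA6: one "SUFFIX:COUNT"
# per line. Only the third line is a real suffix (SHA-1("password") minus its
# 5-character prefix); the other lines and all counts are invented.
SAMPLE_RANGE_RESPONSE = """\
1D2DA4053E34E76F6576ED1DA63134B5E2A:2
1D72CD07550416C216D8AD296BF5C0AE8E0:10
1E4C9B93F3F0682250B6CF8331B7EE68FD8:3730471
1E4CD1AA3CAE9B5A45DA2B97E1F2C48A7C0:1
"""

OFFLINE_RANGES = {"5BAA6": SAMPLE_RANGE_RESPONSE}


def offline_fetch_range(prefix: str) -> str:
    """Stand-in for the network call. A real client would GET
    https://api.pwnedpasswords.com/range/<prefix> and return the body."""
    return OFFLINE_RANGES.get(prefix, "")


def split_hash(password: str):
    """Return (prefix, suffix): the 5 hex characters that go to the service
    and the 35 that never leave the client."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_response(text: str) -> dict:
    counts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        suffix, count = line.split(":", 1)
        counts[suffix] = int(count)
    return counts


def pwned_count(password: str, fetch_range=offline_fetch_range) -> int:
    """How many times the password appears in breach data (0 if never seen).
    The service only learns a 5-hex-character prefix, i.e. one bucket of
    hashes, not which password in the bucket was checked (k-anonymity)."""
    prefix, suffix = split_hash(password)
    return parse_range_response(fetch_range(prefix)).get(suffix, 0)


def proactive_check(password: str, min_length: int = 12,
                    fetch_range=offline_fetch_range):
    """Combine a simple length rule with the breach lookup; returns (ok, reason)."""
    if len(password) < min_length:
        return False, f"shorter than {min_length} characters"
    n = pwned_count(password, fetch_range)
    if n:
        return False, f"seen {n} times in breach data"
    return True, "ok"
```

Because the bucket is keyed on SHA-1 of the password and SHA-1 is fast, this lookup is a checking aid only; it says nothing about how the site should store the password once accepted.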
RECENT PASSWORD SOLUTIONS

Password Managers
• Application that generates and maintains passwords
• Examples: LastPass, KeePass, Dashlane, 1Password
• Advantages:
  – Can handle random passwords
  – Can create unique passwords for every website and service
• Disadvantages:
  – One point of failure
  – Requires a strong master password (which could be snooped)
  – Could be hacked (only as secure as the password manager)
  – Inconvenient (doesn't work for some sites, setup time, etc.)
One Point of Failure…
Single Sign-On (SSO)
• Log in to a trusted third party (the identity provider), who vouches for the user's identity
• Examples: Facebook Connect, OAuth, OpenID
• Pros and cons similar to password managers
• The third party can track users…
TOKEN-BASED AUTHENTICATION

Basics
• Something the user has
• Static memory cards
  – Read only
  – e.g. ATM card / credit card
  – Vulnerable to replay attack
• Smart card
  – Storage and computation
  – Enables challenge-response or one-time passwords
  – Protects against replay attack
Challenge-Response
One-time password (OTP)
• A smart card can also implement a one-time password scheme
• S/Key is one such scheme:
  – Start with a random seed
  – Hash the current value to produce the next
  – Use the hash outputs in reverse order, so each password revealed is the preimage of the last one and cannot be replayed
• Time-based one-time password (TOTP)
• Vulnerable to man-in-the-middle (MitM): a phishing site can relay a freshly entered OTP to the real site before it expires
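The two OTP schemes on this slide, as an added example that is not part of the lecture: an S/Key-style hash chain with the server-side check that makes replay fail, and HOTP/TOTP as specified in RFC 4226 and RFC 6238 (HMAC-SHA1 with dynamic truncation). The seed and the secret are constructed for the example; the TOTP secret is the RFC 6238 test-vector secret so the output can be checked against the published values.

```python
import hashlib
import hmac
import struct
import time

# ---- S/Key-style hash chain (Lamport one-time passwords) ----

def h(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()


def skey_chain(seed: bytes, n: int) -> list:
    """chain[i] = h^i(seed). The server is seeded with chain[n]; the user
    reveals chain[n-1], chain[n-2], ... in reverse order."""
    chain = [seed]
    for _ in range(n):
        chain.append(h(chain[-1]))
    return chain


class SKeyServer:
    def __init__(self, final_hash: bytes, n: int):
        self.stored = final_hash      # the only value the server keeps
        self.remaining = n

    def authenticate(self, otp: bytes) -> bool:
        # A valid OTP hashes to the stored value. A replayed OTP fails because
        # the stored value has already moved one step down the chain.
        if self.remaining > 0 and hmac.compare_digest(h(otp), self.stored):
            self.stored = otp
            self.remaining -= 1
            return True
        return False


def skey_demo(n: int = 5) -> list:
    chain = skey_chain(b"constructed random seed", n)
    server = SKeyServer(chain[n], n)
    return [
        server.authenticate(chain[n - 1]),   # first login: accepted
        server.authenticate(chain[n - 1]),   # replay of the same OTP: rejected
        server.authenticate(chain[n - 2]),   # next OTP in reverse order: accepted
    ]


# ---- HOTP (RFC 4226) and TOTP (RFC 6238) ----

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                   # dynamic truncation
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, for_time=None, step: int = 30, digits: int = 6) -> str:
    if for_time is None:
        for_time = time.time()
    return hotp(secret, int(for_time // step), digits)


def verify_totp(secret: bytes, code: str, for_time=None, step: int = 30,
                digits: int = 6, window: int = 1) -> bool:
    """Accept the current step plus/minus `window` steps to tolerate clock drift."""
    if for_time is None:
        for_time = time.time()
    counter = int(for_time // step)
    return any(hmac.compare_digest(hotp(secret, counter + d, digits), code)
               for d in range(-window, window + 1))


if __name__ == "__main__":
    print("S/Key accept, replay, next:", skey_demo())
    rfc_secret = b"12345678901234567890"
    print("HOTP(0) =", hotp(rfc_secret, 0), " TOTP(t=59, 8 digits) =", totp(rfc_secret, 59, digits=8))
```

Note that nothing in either scheme ties the code to the site that asked for it: whoever receives `totp(...)` within the validity window can present it, which is the MitM weakness the slide mentions.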
Universal second factor (U2F)
• Addresses OTP's weakness to MitM
• The website's origin is cryptographically bound to the response (not shown in the diagram)
https://developers.yubico.com/U2F/Libraries/Using_a_library.html
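What "the origin is cryptographically bound to the response" means in practice, as an added example that is not from the lecture or from Yubico's library: the browser, not the web page, writes the origin into the client data, and the token's signature covers a hash of that client data, so a phishing site that relays the real site's challenge gets back a response the real site rejects. A real U2F token signs with an ECDSA P-256 key; this example substitutes HMAC so it runs on the standard library, which means the relying party holds the same key (an assumption made only for the demonstration). The hostnames and challenge are constructed.

```python
import hashlib
import hmac
import json
import os

# Constructed stand-in for the token's per-registration signing key. Real U2F
# uses ECDSA P-256; HMAC is used here so the example runs without third-party
# libraries. The MitM argument depends on what is signed, not on the primitive.
TOKEN_KEY = os.urandom(32)

APP_ID = "https://bank.example"


def client_data(challenge: str, origin: str) -> bytes:
    """Built by the browser; a page cannot choose the origin field."""
    return json.dumps({"typ": "navigator.id.getAssertion",
                       "challenge": challenge, "origin": origin},
                      sort_keys=True).encode("utf-8")


def token_sign(app_id: str, client_data_bytes: bytes, counter: int) -> bytes:
    """Token signs SHA-256(appId) || user-presence || counter || SHA-256(clientData)."""
    app_param = hashlib.sha256(app_id.encode("utf-8")).digest()
    chal_param = hashlib.sha256(client_data_bytes).digest()
    signed = app_param + b"\x01" + counter.to_bytes(4, "big") + chal_param
    return hmac.new(TOKEN_KEY, signed, hashlib.sha256).digest()


def browser_authenticate(app_id: str, challenge: str, origin: str, counter: int) -> dict:
    """What the user's browser hands back to whichever site asked."""
    cd = client_data(challenge, origin)
    return {"clientData": cd, "counter": counter,
            "signature": token_sign(app_id, cd, counter)}


def relying_party_verify(response: dict, expected_challenge: str,
                         expected_origin: str, app_id: str) -> bool:
    data = json.loads(response["clientData"])
    if data.get("challenge") != expected_challenge:
        return False
    if data.get("origin") != expected_origin:
        return False        # signed by the user's token, but for a different site
    expected_sig = token_sign(app_id, response["clientData"], response["counter"])
    return hmac.compare_digest(expected_sig, response["signature"])


def legitimate_login(challenge: str) -> bool:
    resp = browser_authenticate(APP_ID, challenge, "https://bank.example", 1)
    return relying_party_verify(resp, challenge, "https://bank.example", APP_ID)


def phished_login(challenge: str) -> tuple:
    """An attacker at bank-login.example relays the bank's challenge to the
    victim. The victim's browser signs with the phishing origin. Returns
    (relayed as-is accepted?, accepted after the attacker rewrites the origin?)."""
    resp = browser_authenticate(APP_ID, challenge, "https://bank-login.example", 2)
    relayed = relying_party_verify(resp, challenge, "https://bank.example", APP_ID)
    # Rewriting the origin field breaks the signature, which covers SHA-256(clientData).
    forged = dict(resp, clientData=client_data(challenge, "https://bank.example"))
    tampered = relying_party_verify(forged, challenge, "https://bank.example", APP_ID)
    return relayed, tampered


if __name__ == "__main__":
    print("legitimate:", legitimate_login("c0nstructed-challenge"))
    print("phished (relayed, tampered):", phished_login("c0nstructed-challenge"))
```

Contrast this with the TOTP case: a relayed TOTP code carries no origin at all, so the real site has nothing to check it against.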
Disadvantages
• Token can be lost, stolen, or counterfeited
• Requires an individual physical token
• Requires an extra step (mildly inconvenient)
• Hardware can be expensive…
  – …but usually isn't
  – $18 for a U2F key from Yubico
  – Google, Facebook, and Yubico were all giving these away at a recent conference I attended
BIOMETRIC AUTHENTICATION

Biometrics
• Something the user is or does
• Derive a signature from biological features of the user
  – Voice, fingerprint, face, retina, handwriting, gait
• Advantages?
• Disadvantages?

Disadvantages
• Imprecise measurements require approximate matching
  – Essentially a machine learning task
  – False negatives and false positives both have a cost
• Measurements change over time
• Poor accessibility
• Cannot be replaced or concealed
• Replay attacks / spoofing possible
• Can be legally compelled to provide biometrics
OPM Breach

Facial Recognition
OTHER SCHEMES

2-Factor Authentication (2FA)
• Something you have AND something you know
• Either factor is useless without the other
• Chip and PIN
• Commonly implemented on mobile phones via SMS
  – Disadvantages:
    • ONE device (if hacked)
    • SMS is easy to redirect
    • ONE point of failure for social engineering (the phone company)
• Google Authenticator, Duo Mobile, Authy, Yubico Authenticator
• OTP tokens (e.g., TOTP), U2F keys
Multifactor Authentication
• Next-level 2FA
• Combination of biometrics, knowledge, and possession
Behavior Profiling
• Track the access behavior of users
  – Systems used
  – Times and locations when active
  – Typical usage
• Look for anomalous or fraudulent behavior
• "Why is this guy who was in Iowa 2 minutes ago logging in from Nigeria?"
• Used in fraud prevention
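The Iowa-to-Nigeria question on this slide is what fraud systems call an impossible-travel check. As an added example (not from the lecture), the code below runs that check over a constructed set of login events: it sorts each user's logins by time, computes the great-circle distance between consecutive logins with the haversine formula, and flags any pair whose implied speed exceeds a threshold. The coordinates are real city locations; the events, users and the 1000 km/h threshold are assumptions made for the example.

```python
from collections import defaultdict
from datetime import datetime, timezone
from math import asin, cos, radians, sin, sqrt

EARTH_RADIUS_KM = 6371.0
MAX_PLAUSIBLE_KMH = 1000.0    # assumed threshold, a little above airliner speed


def haversine_km(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Great-circle distance between two points given in decimal degrees."""
    phi1, phi2 = radians(lat1), radians(lat2)
    dphi = radians(lat2 - lat1)
    dlmb = radians(lon2 - lon1)
    a = sin(dphi / 2) ** 2 + cos(phi1) * cos(phi2) * sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_KM * asin(sqrt(a))


# Constructed login events: (user, UTC timestamp, latitude, longitude, label).
# bob's two logins are 2 minutes and roughly 10,000 km apart.
LOGINS = [
    ("alice", "2017-10-12T08:00:00Z", 41.8781, -87.6298, "Chicago"),
    ("bob",   "2017-10-12T09:00:00Z", 41.5868, -93.6250, "Des Moines, Iowa"),
    ("bob",   "2017-10-12T09:02:00Z",  6.5244,   3.3792, "Lagos, Nigeria"),
    ("alice", "2017-10-12T12:00:00Z", 41.5868, -93.6250, "Des Moines, Iowa"),
]


def parse_ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def impossible_travel(events, max_kmh: float = MAX_PLAUSIBLE_KMH) -> list:
    """Flag consecutive logins by the same user whose implied speed exceeds max_kmh."""
    by_user = defaultdict(list)
    for user, ts, lat, lon, label in events:
        by_user[user].append((parse_ts(ts), lat, lon, label))

    alerts = []
    for user, evs in by_user.items():
        evs.sort()                                  # chronological per user
        for (t1, la1, lo1, l1), (t2, la2, lo2, l2) in zip(evs, evs[1:]):
            km = haversine_km(la1, lo1, la2, lo2)
            hours = (t2 - t1).total_seconds() / 3600
            if hours > 0:
                speed = km / hours
            else:
                speed = float("inf") if km > 0 else 0.0   # same instant, different place
            if speed > max_kmh:
                alerts.append({"user": user, "from": l1, "to": l2,
                               "km": round(km), "minutes": round(hours * 60),
                               "kmh": round(speed)})
    return alerts


if __name__ == "__main__":
    for alert in impossible_travel(LOGINS):
        print(alert)
```

In a real deployment the locations come from IP geolocation, which is coarse and wrong often enough that this signal is used to raise the friction of a login (step-up to a second factor) rather than to block it outright.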