1 number theory and advanced cryptography 9. authentication protocols chih-hung wang sept. 2011 part...
DESCRIPTION
3 Manipulation Detection CodeTRANSCRIPT
1
Number Theory and Advanced Cryptography 9. Authentication Protocols
Chih-Hung WangSept. 2011
Part I: Introduction to Number TheoryPart II: Advanced Cryptography
2
Basic Authentication Techniques Challenge-Response Mechanisms
3
Manipulation Detection Code
4
Applying Asymmetric Cryptographic Technique
Nonce Importance:
5
Standardization of the Challenge-Response Mechanism
Unilateral entity authentication
ISO Two-Pass Unilateral Authentication Protocol
6
Using a Cryptography Check Function (CCF)
7
ISO Public Key Two-Pass Unilateral Authentication Protocol
8
Timestamp Mechanism
9
Using MDC
10
Applying Asymmetric Cryptographic Techniques
11
Standardization of Timestamp Mechanism
ISO Symmetric Key One-Pass Unilateral Authentication Protocol
12
CCF & Public Key Techniques
13
Non-standard Mechanisms
14
Mutual Authentication
15
Wiener’s Attack
16
Involving Trusted Third PartyThe Woo-Lam Protocol
17
Password-based Authentication
18
Needham’s Password Protocol
19
A One-time Password Scheme
20
Attack of S/KEY: Man-in-the-Middle Attack
Page 371
21
Encrypted Key Exchange (EKE) (1)
Off-lineDictionaryAttack
22
Encrypted Key Exchange (EKE) (2)
23
Authenticated Key Exchange The Station-to-Station (STS) Protocol
Mutual Entity Authentication Mutually Authenticated Key Agreement Mutual Key Confirmation Perfect Forward Secrecy (PFS) *Anonymity (Deniability)
24
STS Protocol
25
A Flaw in a Simplified STS protocol (1)
26
A Flaw in a Simplified STS protocol (2)
27
A minor Flaw of the STS Protocol
Perfect denial of serviceattack
28
Typical Attacks on Authentication Protocols
Message Replay Attack (page 43,44)
29
Message Replay Attack
30
Parallel Session Attack (1)
31
Parallel Session Attack (2)
32
Reflection Attack
33
Attack Due to Type Flaw (1)
34
Attack Due to Type Flaw (2)
35
Attack Due to Name Omission
36
Attack Due to Misuse of Cryptographic Services Attack due to absence of data-integrity
protection Confidentiality failure due to absence of
“semantic security” protection
37
A Minor Variation of the Otway-Rees Protocol
38
An Attack
39
Authentication Protocols for Internet Security
Internet Protocol Security (IPSec)
40
Confidentiality Protection in IPSec Encapsulating Security Payload (ESP)
41
The Internet Key Exchange (IKE) Protocol (1)
42
The Internet Key Exchange (IKE) Protocol (2)
43
Authentication Failure
44
Signature-based IKE Phase 1 Aggressive Mode
45
A Plausible Deniability Feature in IKE
Plausible Deniability:Permit an entity to deny “plausibly” the existence of a connection with aCommunication partner
46
The Secure Shell (SSH) Remote Login Protocol (1) The SSH Architecture
The SSH Transport Layer Protocol Unilaterally authenticated secure channel from the
server to the client The SSH User Authentication Protocol
Unilateral authentication protocols to achieve entity authentication from a client-side user to the server
The SSH Connection protocol
47
The Secure Shell (SSH) Remote Login Protocol (2)
48
The Secure Shell (SSH) Remote Login Protocol (3)
49
The Secure Shell (SSH) Remote Login Protocol (4)