![Page 1: 1 Lect. 20. Identification. 2 Entity Authentication (Identification) Over the communication network, one party, Alice, shows to another party, Bob,](https://reader036.vdocuments.mx/reader036/viewer/2022070401/56649f1e5503460f94c360f4/html5/thumbnails/1.jpg)
1
Lect. 20. Identification
![Page 2: 1 Lect. 20. Identification. 2 Entity Authentication (Identification) Over the communication network, one party, Alice, shows to another party, Bob,](https://reader036.vdocuments.mx/reader036/viewer/2022070401/56649f1e5503460f94c360f4/html5/thumbnails/2.jpg)
2
Entity Authentication (Identification)
• Over the communication network, one party, Alice, shows to
another party, Bob, that she is the real Alice.
• Authenticate an entity by presenting some identification in-formation
• Should be secure against various attacks
• Through an interactive protocols using secret information
Message Authentication • Show that a message was generated by an entity • Using digital signature or MAC
Authentication
![Page 3: 1 Lect. 20. Identification. 2 Entity Authentication (Identification) Over the communication network, one party, Alice, shows to another party, Bob,](https://reader036.vdocuments.mx/reader036/viewer/2022070401/56649f1e5503460f94c360f4/html5/thumbnails/3.jpg)
3
Using Something Known
• Password, PIN
Using Something Possessed
• IC card, Hardware token
Using Something Inherent
• Biometrics
Approach for Identification
![Page 4: 1 Lect. 20. Identification. 2 Entity Authentication (Identification) Over the communication network, one party, Alice, shows to another party, Bob,](https://reader036.vdocuments.mx/reader036/viewer/2022070401/56649f1e5503460f94c360f4/html5/thumbnails/4.jpg)
4
Approach for Identification
Method Examples Reliability Security Cost
What youRemember
(know)
PasswordTelephone #
Reg. #M/L
M (theft)L (imperso-
nation)Cheap
What you have
Registered SealMagnetic Card
IC CardM
L (theft)M (imperso-
nation)
Reason-able
What you are
Bio-metric (Fingerprint,
Eye, DNA, face,Voice, etc)
HH (theft)
H (Imperso- nation)
Expen-sive
![Page 5: 1 Lect. 20. Identification. 2 Entity Authentication (Identification) Over the communication network, one party, Alice, shows to another party, Bob,](https://reader036.vdocuments.mx/reader036/viewer/2022070401/56649f1e5503460f94c360f4/html5/thumbnails/5.jpg)
5
Password-based scheme (weak authentication) – crypt passwd under UNIX– one-time password
Challenge-Response scheme (strong authentication)– Symmetric cryptosystem– MAC (keyed-hash) function– Asymmetric cryptosystem
Using Cryptographic Protocols– Fiat-Shamir identification protocol– Schnorr identification protocol, etc
Approach for Identification
![Page 6: 1 Lect. 20. Identification. 2 Entity Authentication (Identification) Over the communication network, one party, Alice, shows to another party, Bob,](https://reader036.vdocuments.mx/reader036/viewer/2022070401/56649f1e5503460f94c360f4/html5/thumbnails/6.jpg)
6
passwd, Apasswd table
A h(passwd)
Prover Verifier
passwd h =
A
yaccept
n
reject
Identification by Password
Sniffing attack Replay attack - Static password
![Page 7: 1 Lect. 20. Identification. 2 Entity Authentication (Identification) Over the communication network, one party, Alice, shows to another party, Bob,](https://reader036.vdocuments.mx/reader036/viewer/2022070401/56649f1e5503460f94c360f4/html5/thumbnails/7.jpg)
7
1. login ID
2. N
4. XN
clientclient
Hash function f()pass-phrase S
Initial Setup
3. compute fN(S) = XN
HostHost
computef(S), f(f(S)),....,X1,X2,X3, ...,XN
store XN+1
Hash function f()pass-phrase S
5. compute f(XN) = XN+1
6. compare
7. store
S/Key (One-Time Password System)
![Page 8: 1 Lect. 20. Identification. 2 Entity Authentication (Identification) Over the communication network, one party, Alice, shows to another party, Bob,](https://reader036.vdocuments.mx/reader036/viewer/2022070401/56649f1e5503460f94c360f4/html5/thumbnails/8.jpg)
8
Identification using Biometric Trails
![Page 9: 1 Lect. 20. Identification. 2 Entity Authentication (Identification) Over the communication network, one party, Alice, shows to another party, Bob,](https://reader036.vdocuments.mx/reader036/viewer/2022070401/56649f1e5503460f94c360f4/html5/thumbnails/9.jpg)
9
Biometric Recognition System
![Page 10: 1 Lect. 20. Identification. 2 Entity Authentication (Identification) Over the communication network, one party, Alice, shows to another party, Bob,](https://reader036.vdocuments.mx/reader036/viewer/2022070401/56649f1e5503460f94c360f4/html5/thumbnails/10.jpg)
10
Fake Fingerprint
![Page 11: 1 Lect. 20. Identification. 2 Entity Authentication (Identification) Over the communication network, one party, Alice, shows to another party, Bob,](https://reader036.vdocuments.mx/reader036/viewer/2022070401/56649f1e5503460f94c360f4/html5/thumbnails/11.jpg)
11
Applications