Computer Security: Principles and Practice
Chapter 3 – User Authentication
First Edition
by William Stallings and Lawrie Brown

Lecture slides by Lawrie Brown

User Authentication
• fundamental security building block
• basis of access control & user accountability
• is the process of verifying an identity claimed by or for
a system entity
• has two steps:
• identification - present an identifier (user ID) to the security system
• verification - present or generate authentication information that
corroborates the binding between the entity (person) and the identifier
• distinct from message authentication
• message authentication is between two communicating parties and proves
that a message has not been altered and that its source is authentic
User Authentication
• In most computer security contexts, user authentication is the
fundamental building block and the first line of defense. User
authentication is the basis of most types of access control and for user
accountability. It can be defined as
• “The process of verifying an identity claimed by or for a system entity.
An authentication process consists of two steps:
• Identification step: Presenting an identifier to the security system.
(Identifiers should be assigned carefully, because authenticated identities
are the basis for other security services, such as access control service.)
• Verification step: Presenting or generating authentication information
that corroborates the binding between the entity and the identifier.”
• In essence, identification is the means by which a user provides a claimed
identity to the system; user authentication is the means of establishing the
validity of the claim.
• Note that user authentication is distinct from message authentication.
Means of User Authentication
• There are four general means of authenticating a user's identity, which can be used
alone or in combination:
• Something the individual knows: Examples include a password, a personal
identification number (PIN), or answers to a prearranged set of questions.
• Something the individual possesses: Examples include electronic keycards, smart
cards, and physical keys. This type of authenticator is referred to as a token.
• Something the individual is (static biometrics): Examples include recognition by
fingerprint, retina, and face.
• Something the individual does (dynamic biometrics): Examples include
recognition by voice pattern, handwriting characteristics, and typing rhythm.
• All of these methods, properly implemented and used, can provide secure user
authentication. However, each method has problems. An adversary may be able to
guess or steal a password. Similarly, an adversary may be able to forge or steal a
token. A user may forget a password or lose a token.
• Further, there is a significant administrative overhead for managing password and
token information on systems and securing such information on systems. With
respect to biometric authenticators, there are a variety of problems, including
dealing with false positives and false negatives, user acceptance, cost, and
convenience.
Password Authentication
• The front line of defense against intruders is the password system.
• Widely used user authentication method.
• user provides name/login and password.
• system compares password with that saved (System Password File) for
specified login.
• the authenticated ID is then used to determine:
• whether the user is authorized to access the system.
• the user's privileges, e.g. administrator or guest.
• Typically the system password file is indexed by user ID, and each password
is stored as the output of a one-way hash function rather than in the clear.
Password Authentication
• The front line of defense against intruders is the password system.
Virtually all multiuser systems require that a user provide not only a
name or identifier (ID) but also a password. The system compares the
password to a previously stored password for that user ID, maintained
in a system password file.
• The password serves to authenticate the ID of the individual logging
on to the system. In turn, the ID determines whether the user is
authorized to gain access to a system, the privileges accorded to the
user, and is used to determine discretionary access controls.
Password Vulnerabilities
• Offline dictionary attack
• A determined hacker may bypass access controls and gain access to
the system password file.
• The attacker then compares the password hashes against hashes of
commonly used passwords.
• Countermeasures:
• Prevent unauthorized access to the password file.
• Intrusion Detection System to identify a compromise.
• Rapid reissuance of passwords when compromised.
Password Vulnerabilities
We can identify the following attack strategies and countermeasures:
• Offline dictionary attack: A determined hacker may bypass access controls
and gain access to the system password file. The attacker then compares the
password hashes against hashes of commonly used passwords.
• Specific account attack: The attacker targets a specific account and submits
password guesses until the correct password is discovered.
• Popular password attack: The attacker chooses a popular password and tries
it against a wide range of user IDs.
• Password guessing against single user: The attacker attempts to gain
knowledge about the account holder and system password policies and uses
that knowledge to guess the password.
• Workstation hijacking: The attacker waits until a logged-in workstation is
unattended.
• Exploiting user mistakes: If the system assigns a password, then the user is
more likely to write it down because it is difficult to remember.
• Exploiting multiple password use: When different network devices share
the same or a similar password for a given user, compromising one exposes the rest.
• Electronic monitoring: If a password is communicated across a network to
log on to a remote system, it is vulnerable to eavesdropping.
Cont.
• specific account attack
• The attacker targets a specific account and submits password
guesses until the correct password is discovered.
• Countermeasures:
• Account lockout mechanism after a number of failed attempts.
• popular password attack
• The attacker chooses a popular password and tries it against a
wide range of user IDs.
• Based on the assumption that many users choose passwords
that are easy to remember, so a few popular ones recur across accounts.
• Countermeasures:
• Policies that inhibit the selection of common passwords.
• Scan the IP addresses of authentication requests (and client cookies)
for submission patterns; per-account lockout does not help here, since
each account sees only one failed attempt.
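The two countermeasures above need different counters: per-account lockout stops a specific account attack but is blind to a popular password attack, which submits only one guess per account. The following is an added example written for this page in Python (not code from the textbook or the slides): a small monitor that keeps both a per-account failure count and a per-source count of distinct accounts attacked, and a simulation of both attack patterns. The thresholds, the time window and the IP addresses are assumptions of the example.

```python
"""Login-attempt monitor: per-account lockout and per-source spray detection."""
from collections import defaultdict

LOCKOUT_THRESHOLD = 5    # failures on one account before it is locked (assumed policy value)
SPRAY_THRESHOLD = 10     # distinct accounts one source may fail against (assumed policy value)
WINDOW_SECONDS = 900     # failures and lockouts older than this are forgotten (assumed)


class LoginMonitor:
    def __init__(self, now):
        self.now = now                      # injected clock so the example is deterministic
        self.failures = defaultdict(list)   # account -> timestamps of recent failed attempts
        self.sources = defaultdict(set)     # source IP -> accounts it has failed against
        self.locked = {}                    # account -> time the lockout started

    def is_locked(self, account):
        started = self.locked.get(account)
        if started is None:
            return False
        if self.now() - started >= WINDOW_SECONDS:
            del self.locked[account]        # lockout expired
            self.failures[account].clear()
            return False
        return True

    def record_failure(self, account, source_ip):
        cutoff = self.now() - WINDOW_SECONDS
        recent = [t for t in self.failures[account] if t >= cutoff]
        recent.append(self.now())
        self.failures[account] = recent
        self.sources[source_ip].add(account)
        if len(recent) >= LOCKOUT_THRESHOLD:
            self.locked[account] = self.now()

    def is_spraying(self, source_ip):
        # A specific account attack never trips this; a popular password attack does,
        # even though no single account collects enough failures to be locked.
        return len(self.sources[source_ip]) >= SPRAY_THRESHOLD


def simulate():
    """Run both attack patterns against one monitor and report what each counter sees."""
    clock = [0]
    monitor = LoginMonitor(lambda: clock[0])

    # Specific account attack: one source (constructed address) hammers "alice".
    for _ in range(LOCKOUT_THRESHOLD):
        clock[0] += 1
        monitor.record_failure("alice", "198.51.100.7")

    # Popular password attack: one guess each against twelve accounts from another source.
    for i in range(12):
        clock[0] += 1
        monitor.record_failure(f"user{i:02d}", "203.0.113.9")

    return {
        "alice_locked": monitor.is_locked("alice"),
        "hammer_source_flagged": monitor.is_spraying("198.51.100.7"),
        "any_sprayed_account_locked": any(monitor.is_locked(f"user{i:02d}") for i in range(12)),
        "spray_source_flagged": monitor.is_spraying("203.0.113.9"),
    }


if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name}: {value}")
```

Only the account-level counter fires for the first attacker and only the source-level counter for the second, which is why a deployment needs both; a real monitor would also rate-limit the source rather than merely flag it.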
Cont.
• Password guessing against single user
• The attacker attempts to gain knowledge about the account holder and system
password policies and uses that knowledge to guess the password.
• Countermeasures:
• Enforcement of password policies that make passwords difficult to
guess, e.g. minimum length, required character set, and how long a
password may be used before it must be changed.
• electronic monitoring
• If a password is communicated across a network to log on to a remote system, it
is vulnerable to eavesdropping.
• Countermeasures:
• Encrypt the communication channel so the password never crosses the
network in the clear. Simply encrypting the password by itself does not
help: the encrypted password is in effect the password and can be
captured and replayed.
Use of Hash Passwords
• A widely used password security technique is the use of hashed
passwords and a salt value.
• To load a new password into the system:
• The user selects or is assigned a password.
• This password is combined with a fixed-length salt value, which is a random
number.
• The password and salt serve as inputs to a hashing algorithm to produce a
fixed-length hash code.
• The hashed password is then stored, together with a plaintext copy of the salt,
in the password file for the corresponding user ID.
• To login into the system:
• the user provides an ID and a password.
• The operating system uses the ID to index into the password file and retrieve
the plaintext salt and the hashed password.
• The salt and user-supplied password are used as input to the hash function.
• If the result matches the stored value, the password is accepted.
Use of Hash Passwords
• A widely used password security technique is the use of hashed passwords and a
salt value. This scheme is found on virtually all UNIX variants as well as on a
number of other operating systems. To load a new password into the system, the
user selects or is assigned a password. This password is combined with a fixed-length
salt value, so that the same password produces different hash values depending on
which salt is used, which makes attacks harder. In older implementations, the salt
is related to the time the password is assigned to the user. Newer implementations
use a pseudorandom or random number. The password and salt serve as inputs to a
hashing algorithm to produce a fixed-length hash code. The hash algorithm is
designed to be slow to execute to thwart attacks. The hashed password is then
stored, together with a plaintext copy of the salt, in the password file for the
corresponding user ID. The hashed-password method has been shown to be secure
against a variety of cryptanalytic attacks. When a user attempts to log on to a
system, the user provides an ID and a password. The operating system uses the ID to
index into the password file and retrieve the plaintext salt and the hashed
password. The salt and user-supplied password are used as input to the same hash
function. If the result matches the stored value, the password is accepted.
• There are two threats to this password scheme. First, a user can gain access on a
machine using a guest account or by some other means and then run a password
guessing program, called a password cracker, on that machine. In addition, if an
opponent is able to obtain a copy of the password file, then a cracker program can
be run on another machine at leisure. This enables the opponent to run through
millions of possible passwords in a reasonable period.
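The load and verify steps above, as an added example in Python (written for this page, not code from the textbook or the slides). It uses PBKDF2-HMAC-SHA256 from the standard library as the deliberately slow hash, a random 16-byte salt, a constant-time comparison, and stores the iteration count, the plaintext salt and the hash together in the record, as the text describes. The record layout, the iteration count and the user names are assumptions of the example.

```python
"""Salted, slow password hashing: loading a record and verifying a login against it."""
import hashlib
import hmac
import os

SALT_BYTES = 16
# Deliberately slow, as the text requires; choose the count so one evaluation costs a
# noticeable fraction of a second on the login server (assumed value for this example).
ITERATIONS = 100_000


def hash_password(password, salt=None, iterations=ITERATIONS):
    """Return the password-file record: iteration count, plaintext salt and hash together."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)         # random salt, as in newer implementations
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{iterations}${salt.hex()}${digest.hex()}"   # record format is this example's own


def verify_password(password, record):
    """Recompute the hash from the stored salt and compare in constant time."""
    iterations, salt_hex, stored_hex = record.split("$")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest.hex(), stored_hex)


def set_password(password_file, user_id, password):
    """Load a new (user-chosen or assigned) password into the file indexed by user ID."""
    password_file[user_id] = hash_password(password)


def login(password_file, user_id, password):
    """Look the ID up, retrieve salt and hash, recompute, and accept only on a match."""
    record = password_file.get(user_id)
    if record is None:
        # Burn the same work for an unknown ID so response time does not reveal valid IDs.
        hash_password(password, salt=bytes(SALT_BYTES))
        return False
    return verify_password(password, record)


def demo():
    password_file = {}                        # stands in for the system password file
    set_password(password_file, "alice", "correct horse battery")
    set_password(password_file, "bob", "correct horse battery")   # same password as alice
    return {
        "same_password_different_records": password_file["alice"] != password_file["bob"],
        "alice_correct": login(password_file, "alice", "correct horse battery"),
        "alice_wrong": login(password_file, "alice", "correct horse batteries"),
        "unknown_user": login(password_file, "carol", "correct horse battery"),
    }


if __name__ == "__main__":
    print(demo())
```

Storing the iteration count in the record lets the cost be raised later and old records re-hashed at the user's next successful login; the two users with the same password get different records because their salts differ.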
[Figure: Use of Hashed Passwords. Loading a new password: password and salt enter the hash function and the resulting hash code is stored with the salt. Verifying a password: the stored salt and the supplied password enter the hash function and the hash code is compared with the stored one.]

Cont.
• The salt serves three purposes:
• It prevents duplicate passwords from being visible in the password file: two
users with the same password get different salts and therefore different hashes.
• It greatly increases the difficulty of offline dictionary attacks, by a factor of 2^b
where b is the number of bits in the salt, since a precomputed table of hashed
dictionary words must be built for every possible salt value.
• It becomes nearly impossible to find out whether a person with passwords on two
or more systems has used the same password on all of them.
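The three purposes of the salt, demonstrated on a constructed password file (added example in Python, written for this page, not code from the textbook or the slides). The accounts, passwords and dictionary are made up, and SHA-256 stands in for the slow hash purely so that evaluations can be counted: the attack recovers the same weak passwords either way, but against the salted file it must hash the dictionary once per distinct salt, and the shared password is no longer visible as a repeated hash.

```python
"""Offline dictionary attack against an unsalted and a salted password file."""
import hashlib
import os

SALT_BYTES = 8

# Constructed sample data: six accounts, two of them sharing a password, and a tiny dictionary.
ACCOUNTS = {
    "alice": "letmein", "bob": "sunshine", "carol": "letmein",
    "dave": "Tr0ub4dor&3", "erin": "password1", "frank": "qwerty",
}
DICTIONARY = ["123456", "password", "letmein", "qwerty", "sunshine", "password1", "dragon"]


def digest(salt, password):
    # SHA-256 stands in for the slow hash here; only the number of evaluations matters.
    return hashlib.sha256(salt + password.encode("utf-8")).hexdigest()


def make_password_file(accounts, salted):
    """Return {user: (plaintext salt, hash)}; the unsalted file uses an empty salt."""
    password_file = {}
    for user, password in accounts.items():
        salt = os.urandom(SALT_BYTES) if salted else b""
        password_file[user] = (salt, digest(salt, password))
    return password_file


def crack(password_file, dictionary):
    """Return (recovered passwords, hash evaluations spent).

    One table of hashed dictionary words serves every user who shares a salt. Without
    salts that is everyone, so the dictionary is hashed once; with salts it is hashed
    once per distinct salt, i.e. roughly once per user."""
    tables, recovered, evaluations = {}, {}, 0
    for user, (salt, stored) in password_file.items():
        if salt not in tables:
            tables[salt] = {digest(salt, word): word for word in dictionary}
            evaluations += len(dictionary)
        if stored in tables[salt]:
            recovered[user] = tables[salt][stored]
    return recovered, evaluations


def precomputed_table_size(dictionary_size, salt_bits):
    """Entries needed to precompute the dictionary for every possible salt: 2^b times more."""
    return dictionary_size * 2 ** salt_bits


def visible_duplicates(password_file):
    """Users whose stored hash equals another user's; only possible when there is no salt."""
    owners, duplicates = {}, set()
    for user, (_, stored) in password_file.items():
        if stored in owners:
            duplicates.update({user, owners[stored]})
        owners[stored] = user
    return duplicates


if __name__ == "__main__":
    for salted in (False, True):
        pf = make_password_file(ACCOUNTS, salted)
        found, cost = crack(pf, DICTIONARY)
        print(f"salted={salted}: cracked {sorted(found)} with {cost} hash evaluations; "
              f"visible duplicates {sorted(visible_duplicates(pf))}")
```

Note what the salt does not do: dave's password survives and the five dictionary passwords fall in both runs. The salt multiplies the attacker's work and removes cross-user and cross-system reuse of that work; only the slow hash and a non-guessable password keep the per-user cost high.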
Password Choices
• Users may pick short passwords
• The results of one study on 7000 accounts at Purdue
University showed that 3% were 3 chars or less,
easily guessed.
• To solve this, a system can reject choices that
are too short.
• Users may pick guessable passwords
• so crackers use lists of likely passwords.
• e.g. one study of 14,000 hashed passwords guessed
nearly 1/4 of them.
• The test involved about 3 million words (common
passwords and their variants).
• The time to hash all these words for all possible
salt values was under an hour.
• A thorough search could therefore produce a success rate
of about 25%.
Password File Access Control
• can block offline guessing attacks by denying access to the hashed
passwords
• make them available only to privileged users
• often the hashed passwords are kept in a separate file from the user IDs,
referred to as a shadow password file
• still have vulnerabilities
• exploit O/S bug
• accident with permissions making it readable
• users with same password on other systems
• access from unprotected backup media
• sniff passwords in unprotected network traffic
• One way to thwart a password attack is to deny the opponent access
to the password file. If the hashed password portion of the file is
accessible only by a privileged user, then the opponent cannot read it
without already knowing the password of a privileged user. Often, the
hashed passwords are kept in a separate file from the user IDs,
referred to as a shadow password file. Special attention is paid to
making the shadow password file protected from unauthorized access.
Although password file protection is certainly worthwhile, there
remain vulnerabilities: a hacker may be able to exploit a software
vulnerability in the operating system to bypass the access control
system long enough to extract the password file; an accident of
protection might render the password file readable; some users may
use the same password on other less protected or compromised
machines; a lack of or weakness in physical security (e.g. of backups)
may provide opportunities for a hacker to access a copy of the file;
passwords may be captured by sniffing network traffic.
Using Better Passwords
• clearly have problems with passwords
• goal to eliminate guessable passwords
• whilst still easy for user to remember
• techniques:
• user education
• computer-generated passwords
• reactive password checking: where the system periodically runs its own
password cracker to find guessable passwords. The system cancels any
passwords that are guessed and notifies the user. Can be costly in
resources to implement.
• proactive password checking: where user selects own password which the
system then checks to see if it is allowable and, if not, rejects it. It must
strike a balance between user acceptability and strength. Likely the best
solution.
• The lesson from these studies is that, when not constrained, many users choose a
password that is too short or too easy to guess. At the other extreme, if users are
assigned passwords consisting of eight randomly selected printable characters, password
cracking is effectively impossible. But it would be almost as impossible for most users to
remember their passwords. Fortunately, even if we limit the password universe to strings of
characters that are reasonably memorable, the size of the universe is still too large to
permit practical cracking. Our goal, then, is to eliminate guessable passwords while
allowing the user to select a password that is memorable. Four basic techniques are in use:

• User education - Users can be told the importance of using hard-to-guess passwords and
can be provided with guidelines for selecting strong passwords. This can be problematic
with a large user population or a lot of turnover, and because many users will simply
ignore the guidelines.
• Computer-generated passwords - have a history of poor acceptance by users: if random in
nature, users will not remember them; if pronounceable, the user may still be tempted to
write them down.
• Reactive password checking - where the system periodically runs its own password
cracker to find guessable passwords. The system cancels any passwords that are guessed
and notifies the user. Can be costly in resources to implement, and a weak password stays
in use until the system's own cracker finds it.
• Proactive password checking - where the user selects their own password, which the
system then checks to see if it is allowable and, if not, rejects it. It must strike a balance
between user acceptability and strength. Likely the best solution.
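A proactive checker of the kind described, as an added example in Python (written for this page, not code from the textbook or the slides). Rather than running a cracker, it applies the cracker's own cheap transformations in reverse to the candidate (reversal, undoing leet substitutions, stripping digits and punctuation) and rejects anything that maps onto a dictionary word, alongside length, character-class and user-ID rules. The rules, the thresholds, the tiny dictionary and the set of transformations are assumptions of the example; a real checker draws on a large word list and leaked-password lists.

```python
"""Proactive password checker: reject choices a cracker's dictionary would find."""
import re

MIN_LENGTH = 8                     # assumed policy value
# Constructed mini-dictionary; a real checker loads a large word list plus leaked-password lists.
DICTIONARY = {"password", "letmein", "sunshine", "dragon", "welcome", "monkey", "qwerty"}
LEET = str.maketrans("0134$@", "oleasa")   # undo common substitutions (p@ssw0rd -> password)
CLASSES = (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")


def variants(word):
    """Cheap transformations a cracker applies to each dictionary word; we apply the
    inverse to the candidate so every check is a plain set lookup."""
    base = word.lower()
    stripped = re.sub(r"^\d+|\d+$", "", base)      # drop leading/trailing digits (dragon99)
    yield base
    yield base[::-1]                               # reversed (nogard)
    yield base.translate(LEET)
    yield stripped
    yield stripped.translate(LEET)                 # p@ssw0rd1 -> p@ssw0rd -> password
    yield re.sub(r"[^a-z]", "", base)              # letters only (dragon99! -> dragon)


def check_password(password, user_id=""):
    """Return the list of rule violations; an empty list means the password is allowable."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if sum(bool(re.search(pattern, password)) for pattern in CLASSES) < 3:
        problems.append("uses fewer than three character classes")
    if user_id and user_id.lower() in password.lower():
        problems.append("contains the user ID")
    if any(v in DICTIONARY for v in variants(password)):
        problems.append("is a dictionary word or a simple variant of one")
    return problems


if __name__ == "__main__":
    for candidate in ("nogard", "P@ssw0rd1", "Dragon99!", "alice2024!X", "Tr0ub4dor&3"):
        print(f"{candidate!r}: {check_password(candidate, user_id='alice') or 'OK'}")
```

The checker returns every violated rule rather than stopping at the first, so the user sees why a choice was refused; that feedback is the part that keeps proactive checking acceptable to users.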
Token Authentication
• object user possesses to authenticate, e.g.
• Memory - has Electronic memory inside, e.g. Hotel Room Cards, ATM cards
(+PIN).
• Smart card - has Electronic memory and processor inside, e.g. Biometric ID card
• USB dongle - has the same functionality as a smart card, but does not
require a special card reader.
• Objects that a user possesses for the purpose of user authentication
are called tokens. Two types of token are widely used, memory cards and
smart cards; both are cards that have the appearance and size of bank
cards. The card types are:
• Embossed - Raised characters only, on front, e.g. Old credit card
• Magnetic stripe - Magnetic bar on back, characters on front, e.g.
Bank card
• Memory - has Electronic memory inside, e.g. Prepaid phone card
• Smartcard - has Electronic memory and processor inside, e.g.
Biometric ID card
Biometric Authentication
• authenticate user based on one of their physical characteristics
• A biometric authentication system attempts to authenticate an individual based on
unique physical characteristics. These include static characteristics, such as
fingerprints, hand geometry, facial characteristics, and retinal and iris patterns; and
dynamic characteristics, such as voiceprint and signature. Compared to passwords
and tokens, biometric authentication is both technically complex and expensive, and
has yet to mature as a standard tool for user authentication to computer systems.
• Facial characteristics: define characteristics based on relative location and
shape of key facial features, such as eyes, eyebrows, nose, lips, and chin shape.
• Fingerprints: the pattern of ridges and furrows on the surface of the fingertip,
believed to be unique across the entire human population. Automated fingerprint
systems extract a number of features to use as a surrogate for the full pattern.
• Hand geometry: identify features of the hand, e.g. shape, lengths and widths of
fingers.
• Retinal pattern: formed by veins beneath the retinal surface is unique and
therefore suitable for identification. Uses a digital image of the retinal pattern by
projecting a low-intensity beam of visual or infrared light into the eye.
• Iris: Another unique physical characteristic is the detailed structure of the iris.
• Signature: each individual has a unique style of handwriting, especially in their signature.
• Voice: voice patterns are more closely tied to physical and anatomical characteristics of the
speaker, but still vary from sample to sample over time for the same speaker,
complicating the biometric recognition task.
Summary
• introduced user authentication
• using passwords
• using tokens
• using biometrics