Computer Security:

Principles and Practice

IS-820: Computer Security
Dr. Mehdi Hussain
MS-IS
Current Status
• Overview & Introduction
• Cryptography Tools
• Confidentiality with Symmetric Encryption
• Message Authentication and Hash Functions
• Public-Key Encryption
• Digital Signatures and Key Management
• Random and Pseudorandom Numbers

• Assignment 1/3
• Quiz 1/4
• Project 0/1
• MSE 0/1
• ESE 0/1
Overview
• Electronic user authentication principles
• Password-based authentication
• Token-based authentication
• Biometric authentication
• Remote user authentication
• Security issues for user authentication
• Practical application: an iris biometric system
• Recent Trends in User Authentications
Authentication
• Authentication is the process of determining whether someone or
something is, in fact, who or what it declares...

• A process of verifying the identity claimed by or for a system entity,

consists of
• Identification: specify identifier (i.e. user name)
• Verification: bind entity (system) and identifier

• The identifier tells who you are.

• The authenticator verifies that weather it is true or not
• i.e. it provides a secure coupling between the user and his account
User Authentication
• UA is the fundamental security building block or primary line of defense
• Used for access control & user accountability

• Mechanisms:
• Passwords, Computer recognition software, Biometrics, E-mail or SMS
one-time password (OTP), OTP token, Peripheral device recognition

• Distinct from Message Authentication

• When communicating parties are concerned with the integrity of the
exchanged messages, and authenticity of source is required.
Major Classifications of Authentication
• Three generic types, based on something* that is unique for the user:
• Knowledge factor: something you KNOW
• (e.g. password, PIN code)
• Possession factor: something you HAVE
• (e.g. smartcard, hardware, device)
• Inherence factor: something you ARE (DO)
• (e.g. fingerprint, behavioral biometrical, characteristic about you)

• Recently, WHERE you are can also be used in some situations

• *something that you have is called a token.

• i.e. something that is used for authentication
Authentication of User’s Identity
• Four general means of authenticating user’s identity,
• Based on something the individual
• knows, e.g. password, PIN
• possesses, e.g. key, token (physical key), smartcard
• is (static biometrics), e.g. fingerprint, retina
• does (dynamic biometrics), e.g. voice, signature

• All above can provide user authentication, can be used in both alone or
combined modes
• All have issues
• Steal token, forget password, overhead to manage passwords,
biometric problems include false positive/negative, acceptance rate.
Authentication procedure
• The authentication procedure consists of 4 stages:
• Identification
• of the user (who is it?) i.e. email_id
• Provision
• Any authentication information, which must be secret and
unforgeable. i.e. password
• Transmission
• of the authentication information to the system through a secure
channel.
• Validation
• of the authentication information w.r.t some reference information
(proof of correctness)
• Problems (errors, attacks) can occur in all those 4 stages.
Model for Digital User Authentication
• NIST SP 800-63-3 (2016) defines EUA as:
• the process of establishing confidence in user identity that are electronically
presented to any system.

• User applies to registration authority (RA) and becomes a subscriber of a

credential service provider (CSP)
• RA is a trusted entity
• The CSP exchanges with the subscriber
• The credential (a data structure) binds an identity to a token possessed by the
subscriber
• Claimant: the party to be authenticated
• Verifier: the party verifying
• The verifier passes an assertion about the subscriber to the relying party (PR)
Model for Digital User Authentication
Model for Digital User Authentication
Password-based authentication
Widely used user authentication method (e-daily activity)
• Front line defense against intruders.
• All users provides name/login and password
• System (maintained password file) compares with saved for
specified login
• Password servers to authenticates ID of user logging
• ID provides security in terms
• User authorized to access system
• Determines the user’s privileges (super-user, guest, OS file
protections)
• Used in discretionary access control (DAC) type of access control
• Restricting access to objects based on the identity of subjects
and/or groups to which they belong, passing access to others
Password Vulnerabilities
• Usually, password based authentication system maintains the password file
indexed by user ID.
• Typically, store the hash of password
• Lets explore the attack strategies and countermeasures.
• Offline dictionary attack
• Bypass access controls and gain access to the system password file.
• Compares the hashes against commonly used passwords hashes
with repeated trail and error.
• Prevention: Enhance the unauthorized access to the password file,
intrusion detection measures to identify a compromise
• Specific account attack (user FM)
• Targets a specific account and submits password guesses until the
correct password is discovered.
• Prevented: Lockout strategy.
Password Vulnerabilities
• Popular password attack
• Chooses a popular password and try it against a wide range of user IDs.
• Prevented: Policies, scanning the IP addresses of authentication requests and
client cookies for submission patterns

• Password guessing against single user

• Gain previous knowledge about the user and system policies.
• Prevented: Proper training, policies to make password difficult to guess,
secrecy of password with some character are prohibited with user names,
limited no. of characters.

• Workstation hijacking
• Attacker waits until a logged-in workstation is unattended
• Prevented: Automatically logging out after a period of inactivity. Intrusion
detection schemes can be used to detect changes in user behavior
Password Vulnerabilities
• Exploiting user mistakes
• Typically, user may write (off load) password due to less memorization.
• i.e. Preconfigured systems may shipped with datasets
• Prevented: Training, combination of password with other factor may help to
protect.

• Exploiting multiple password use

• Different network devices share the similar password for a given user.
• Prevented: policy that forbids the similar password on particular network devices
etc.

• Electronic monitoring
• When pass communicated across network for remote log in etc. becomes
vulnerable even after encryption.
• Simple encryption will not fix this problem, because the encrypted password may
be observed and reused by an adversary.
Key points: Countermeasures for Password
Vulnerability
• Stop unauthorized access to password file
• Intrusion detection measures
• Account lockout mechanisms
• Policies against using common passwords but rather hard to guess passwords
• Training & enforcement of policies
• Automatic workstation logout
• Encrypted network links

• Windows Passwords???
• https://www.techtarget.com/searchenterprisedesktop/definition/Security-Accounts-
Manager
Attacks Using Time: Countering Password Guessing
One of the goal of the defenders is to maximize the time needed to guess the
password

Anderson’s formula:
• P probability of guessing a password in specified period of time
• G number of guesses tested in 1 unit time
• T number of time units
• N number of possible passwords (|A|)
• Then P ≥ TG/N
Example *
• Goal : What is minimum password length ?

• Passwords drawn from a 96-char set of imaginary alphabets

• P: probability of a success to be 0.5
• T: over a 365 day period
• G: can test 104 guesses per second

• Solution
• N ≥ TG/P = (365246060)104/0.5 = 6.311011
• N number of possible passwords
• Choose s such that sj=0 96j ≥ N
• So s ≥ 6, meaning passwords must be at least 6 chars long
Use of Hashed Passwords & Salt
• Widely used technique of password with salt values i.e. UNIX.
• User select/assigned password with the combination of fixed-length salt
value
• Initially, associated with machine time during password generation.
• Now, pseudorandom or random numbers.

• Password and salt serve as inputs to a hashing algorithm to produce a

fixed-length hash code

• Hash password stored with plain

salt and ID.

• Secure against cryptanalysis

Use of Hashed Passwords & Salt
• In contrast, User provide ID and password
• OS uses ID to index into password file and retrieved the salt
• Find again the encrypted version and compare
Salt Purposes
• Prevents duplicate passwords from being visible in the password file
• i.e. Multiple user same password, same user with multiple password

• Increases the difficulty of offline dictionary attacks

• For a salt length b bits, the number of possible password increases the
difficulty to guess by 2b.

• Nearly impossible to tell if a person used the same password on multiple

systems
UNIX Implementation
• Original scheme
• 8 character password (converted to 7 bit ASCII) and form 56-bit
• 12-bit salt used to modify (crypt-3) DES encryption into a one-way hash
function
• crypt-3 executed input of 64-bit of block, assign the output for
second encryption. Process repeated for 25 encryption cycles.
• The resulting output translated to 11 character sequence

• Now regarded as woefully insecure

• e.g. dictionary attack using supercomputer, 50 million tests, 80 min
break it but for compatibility issues still often used
Improved implementations
• Have other, stronger, hash/salt variants
• Many systems used MD5
• with 48-bit salt
• password length is unlimited
• is hashed with 1000 times inner loop
• produces 128-bit hash
• OpenBSD uses Blowfish symmetric block cipher based hash algorithm
called Bcrypt
• uses 128-bit salt (55 character ) to create 192-bit hash value
• Password Hashing: Scrypt, Bcrypt and ARGON2
• PHC around 2015 as an open competition.
• Winner ARGON2 (time, memory, parallels) output: 128 bit
• Suggested to read “How Dropbox securely stores your passwords”
Password Guessing/Cracking
• Dictionary attacks
• Attacker tries a list of known or commonly used passwords, exploit the human
remembering tendency.
• Brute Force attack
• Attacker aims at trying all possible combinations in the password space. i.e. 4-
digit PIN = 10^4
• Rainbow table attacks
• Aims at guessing the plain text of the password from the hashed value a large
dictionary of possible passwords
• for each password:
• precomputed tables of hash values {with all possible salts} 160GB
• a mammoth table of hash values: e.g. 1.4GB table cracks 99.9% of
alphanumeric Windows passwords in 13.8 seconds
• Others
• Phishing, Social engineering, Malware-key logger, Shoulder surfing, Guess
Password choices/concerns
• Recent study (trace security)
• 81% of Company Data Breaches Due to Poor Passwords
• 70% of employees reuse passwords at work
• 59% of user reuse their passwords everywhere
• Users may pick short passwords
• e.g. 3% were 3 chars or less, easily guessed (Purdue University , 7000 users,
over 54 machines)
• So, system should reject choices that are too short
• Users may pick guessable passwords
• so crackers use lists of likely passwords (name, birthday, etc.)
• e.g. Another study of 14000 encrypted passwords guessed nearly ¼
• The test involves 3 million words.
Another case study
• An analysis of passwords used by 25,000 students
• Over 10% recovered after 10^10 guesses
• After 1013 guesses, almost 40% of the passwords are recovered.
Password File Access Control
• Deny the opponent or can block offline guessing attacks by denying access to
encrypted passwords
• make available only to privileged users
• If hash portion of pass file is accessible to privileged user, attacker
cannot read it without knowing the privileged user credentials.
• often hash password are kept a separate shadow password file from user
IDs.
• Still have vulnerabilities
• exploit O/S bug
• accident with permissions making it readable
• users with same password on other systems
• access from unprotected backup media
• sniff passwords in unprotected network traffic
• Therefore, a password protection policy must complement the access control
measures.
Password File (in Linux Unix OS)
• /etc/passwd file format is a plain text file
• Contains the list of system’s account, IDs etc.
• Mostly Read permission given to map user IDs to user names etc.
• However, Write access given to super/root users.
• /etc/passwd contains one entry per line for each user (user account) of the system,
separated by “:”

1- Username
2- Password (encrypted password is stored in /etc/shadow file)
3- User ID
4- Group ID 5 User ID info
6- Home directory 7 Command/shell
Shadow File (in Linux Unix OS)
• /etc/shadow file store the actual password in encrypted format
• Contains user’s account with additional properties related to user password.
• /etc/shadow also contains one entry per line for each user (user account) of the
system, separated by “:”

1- Username
2- Password (encrypted with $id$salt$hashed format )
$1$ is MD5, $2a$ is Blowfish , $2y$ is Blowfish, $5$ is SHA-256 , $6$ is SHA-512
3- Last password change
4- Minimum number of days required between password changes
5 Maximum number of days the password is valid
6- Warn
Password File (in Windows OS)
• Security Account Manager is a database file that stores users' passwords
• It also utilized cryptographic measures to prevent unauthenticated users
accessing the system.

• Passwords are stored in a hashed format in a registry hive either as a

(LanMan hash or LAN Manager hash) LM hash or as a NTLM hash

• Located %SystemRoot%/system32/config/SAM

• Cannot copy the SAM file while running of Windows. Windows kernel obtains
and keeps an exclusive filesystem lock on the SAM file.

• However, the in-memory copy of the contents of the SAM can be dumped
using various techniques (including pwdump)
Password Selection Strategies
• Clearly have problems with passwords
• Too short, easy etc.
• Goal to eliminate guessable passwords
• Still easy for user to remember, if include special characters.
• Techniques
• user education (My pet’s name is Mithu: MpniM)
• An apple a day keeps the doctor away: aaadktda
• computer-generated passwords
• Quite random in nature, difficult to remember
• reactive password checking (sys periodic checking)
• proactive password checking (at the time of selection)
• pass phrases instead of passwords
• password aging (Expire)
Proactive Password Checking
• Rule enforcement plus user advice, e.g.
• 8+ chars, upper/lower/numeric/punctuation
• Password cracker may helps to
• list of bad passwords (already compiled and check)
• Time (search time) and space (dictionary) issues
• Bloom Filter
• Is a data structure designed to tell you, rapidly and memory-efficiently,
whether an element is present in a set or not.
• use to build table based on dictionary using hashes
• check desired password against this table

• Lets have look https://llimllib.github.io/bloomfilter-tutorial/

• Use a Bloom filter, which is a set of k independent hash functions which map a password into a set of hash values in the range
0 … N–1. These are used to set bits in a lookup table of size N. When a new password is presented to the checker, its k hash
values are calculated. If all the corresponding bits of the hash table are equal to 1, then the password is rejected. All passwords
in the dictionary will be rejected. But there will also be some other “false positives ”
Token based Authentication
• Object that a user possesses to authenticate
• Memory card (magnetic stripe): can store but do not process data
• Smartcard - has Electronic memory and processor inside, e.g. Biometric ID
card
• A national e-identity (eID)
• Can provide stronger proof of identity and can be used in a wider variety
of applications

• A German card
• Personal data, Document number, Card access number (six digit random
number), Machine readable zone (MRZ): the password
• Uses: ePass (government use), eID (general use), eSign (can have private key
and certificate)
Memory Card
• Can store but do not process data
• The most common magnetic stripe card, e.g. bank card
• Can include internal electronic memory
• Can be used alone for physical access
• Hotel rooms
• ATM
• Provide significant security when using PIN
• Drawbacks of memory cards include:
• Required a special reader
• Loss of token
• User dissatisfaction (OK for ATM, not OK for computer access)
Smart Token
• Physical characteristics:
• Include an embedded microprocessor
• A smart token that look like bank card, key, USB
• Interface:
• Manual interfaces include a keypad and display interaction
• Electronic interfaces communicate with a compatible
reader/writer
• Authentication Protocol:
• static: similar to memory cards
• dynamic: passwords created every minute; entered manually by
user or electronically
• challenge-response: computer creates a random number; smart
card generates a response
Smart Card
• credit-card like
• has own processor, memory, I/O ports
• ROM, EEPROM, RAM memory
• executes protocol to authenticate with reader/computer
• static: similar to memory cards
• dynamic: passwords created every minute; entered manually by
user or electronically
• challenge-response: computer creates a random number; smart
card generates a response (similar to PK)
User authentication with eID
Biometric authentication
• Authenticate user based on one of their physical characteristics:
• Pattern recognitions
• Technically expensive

• facial
• fingerprint
• hand geometry
• retina pattern
• iris
• signature
• voice
• ambient sound
Operation of a
biometric
system
Depending on application,
UA either verification or
identification purpose

Verification user login via a

smart card and a PIN with
biometric

Identification is biometric
info but no IDs; system
compares with stored
templates, if match then
sys authenticate the user
Biometric Accuracy
• The system generates a matching score (a number) that quantifies
similarity between the input and the stored template
• Concerns: sensor noise and detection inaccuracy
• Problems of false match/false non-match
Remote User Authentication
• The simplest form of user authentication is local authentication, but
authentication over network becomes more complex
• Problems of eavesdropping, replay

• Generally use challenge-response

• First transmit his user identity to the remote host
• Host responds with random number r (i.e nonce, h, f)
• User computes f(r,h(P)) and sends back (host store the hash only)
• Host compares value from user with own computed value, if match user
authenticated

• Protects against replay attacks

Protocol for a password verification
• Similar approach for
token and biometric
verification

• Host store hash

• Not of hash transmitted
directly (under f and r)
• r resist the reply
Authentication Security Issues
• Client attacks: attacker attempts to achieve user authentication without access to
the remote host
• Masquerade as a legitimate user (e.g., guess the password or try all passwords)
• Countermeasure?
• Strong passwords; limit number of attempts

• Eavesdropping: attacker attempts to learn passwords by observing the user,

finding written passwords, key logging
• Countermeasures
• Challenge-response protocol
• Multifactor authentication
• Admin revoke compromised passwords
Authentication Security Issues
• Host attacks: attacker attacks the host where passwords/passcodes are stored
• Countermeasure:
• Hashing
• Protect password databases

• Replay: attacker repeats a previously captured user response

• Countermeasure
• Challenge-response
• 1-time passcodes/ OTP
Authentication Security Issues
• Trojan horse: an application or physical device masquerades as an authentic
application or device
• Countermeasure:
• Authentication of the client within a trusted security environment

• Denial of service: attacker attempts to disable a user authentication service

(via flooding)
• Countermeasure:
• Multifactor authentication with a token
Recent Trends in User Authentications

• Location based auth. like click on map locations to verify within the 30m etc.
• Memory challenge, in which year pictures belongs?
• User activity on mobile converted in questions, but suffer from friends, plus avg.
~9 sec. time required to answer the question may loss the battery as well
• Unlock the mobile phone 80 times/day by an average iPhone user
Recent Trends in User Authentications
Recent Trends in User Authentications
• MFA, OTP, 2FA
• Security token (e.g., Google Authenticator) app
• Physical Unclonable Function (PUF)
• Automatically unlock laptop if smart watch paired.

CSI: user’s pre-registered mobile phone and log-in device as 2FA

Summary
• Introduced user authentication
• using passwords
• using tokens
• using biometrics
• Electronic user authentication principles
• Remote user authentication issues
• Security issues for user authentication
• Recent Trends of User Authentications
Reference
• Chapter 3