efa A good authentication scheme is ■■ Sound: an honest party can successfully authenticate him/herself Non-transferable No impersonation all this is true even when a large number of authentications are observed Eve is able to spoofleavesdrop Multiple instances are run simultaneously 復大辱软件学院
6 A good authentication scheme is… • Sound: an honest party can successfully authenticate him/herself • Non-transferable • No impersonation • All this is true even when – A large number of authentications are observed – Eve is able to spoof/eavesdrop – Multiple instances are run simultaneously
ot Basis of Authentication Something known- passwords PINS, keys Something possessed -cards handhelds Something inherent - biometrics 復大辱软件学院
7 Basis of Authentication • Something known - passwords, PINs, keys… • Something possessed - cards, handhelds… • Something inherent - biometrics
PINS and keys Long key on physical device(card), short Pin to remember Pin unlocks long key Need possession of both card and pIn Provides two-level security 復大辱软件学院
8 PINs and keys • Long key on physical device (card), short PIN to remember • PIN unlocks long key • Need possession of both card and PIN • Provides two-level security
Outline of talk Definitions · Passwords Unix Passwords One time passwords Challenge-response techniques 復大辱软件学院
9 Outline of Talk • Definitions • Passwords – Unix Passwords – One time passwords • Challenge-response techniques
ef Basic password authentication ° Setup User chooses password Hash of password stored in password file Authentication User logs into system, supplies password System computes hash compares to file 復大辱软件学院
10 Basic password authentication • Setup – User chooses password – Hash of password stored in password file • Authentication – User logs into system, supplies password – System computes hash, compares to file