Definitions Authentication ·消息认证/报文的鉴别 ·身份认证 Message authentication has no timeliness Entity authentication happens in real time ·双向和单向认证 復大软件学院
6 Definitions Authentication • 消息认证/报文的鉴别 • 身份认证 – Message authentication has no timeliness – Entity authentication happens in real time • 双向和单向认证
e A good authentication scheme is Sound an honest party can successfully authenticate him/herself ·Non- transferable No impersonation all this is true even when a large number of authentications are observed Eve is able to spoof/eavesdrop Multiple instances are run simultaneously 復大软件学院
7 A good authentication scheme is… • Sound: an honest party can successfully authenticate him/herself • Non-transferable • No impersonation • All this is true even when – A large number of authentications are observed – Eve is able to spoof/eavesdrop – Multiple instances are run simultaneously
cott Basis of Authentication Something known-passwords PINS, keys ■■ Something possessed-cards handhelds Something inherent-biometrics 8 復大软件学院
8 Basis of Authentication • Something known - passwords, PINs, keys… • Something possessed - cards, handhelds… • Something inherent - biometrics
PINs and keys Long key on physical device(card), short Pin to remember Pin unlocks long key Need possession of both card and PIN Provides two-level security 復大软件学院
9 PINs and keys • Long key on physical device (card), short PIN to remember • PIN unlocks long key • Need possession of both card and PIN • Provides two-level security
Outline of Talk Definitions · Passwords Unix Passwords One time passwords Challenge-response techniques 復大软件学院
10 Outline of Talk • Definitions • Passwords – Unix Passwords – One time passwords • Challenge-response techniques