Basis of uthentication Something known-passwords PINS, keys ■■ Something possessed-cards handhelds Something inherent-biometrics 6 復大软件学院 LiT
LiJT 6 Basis of Authentication • Something known - passwords, PINs, keys… • Something possessed - cards, handhelds… • Something inherent - biometrics
Definitions Claimant (A): The party that claims a certain identity [and provides evidence of possessing the identity e.g. through possessing a specific secret Verifier(B): The party that verifies the identity of the claimant(accepts or rejects e.g. through verifying the possession of the secret by claimant 復大软件学院 LiT
LiJT 7 Definitions • Claimant (A): The party that claims a certain identity [and provides evidence of possessing the identity] – e.g. through possessing a specific secret • Verifier (B): The party that verifies the identity of the claimant (accepts or rejects) – e.g. through verifying the possession of the secret by claimant
Definitions 单向 Unilatera| authentication 双向 Mutua| authentication 8 復大软件学院 LiT
LiJT 8 Definitions • 单向 Unilateral authentication • 双向 Mutual authentication
Definitions Data-Origin authentication message authentication Data Integrity Entity Authentication 復大软件学院 LiT
LiJT 9 Definitions • Data-Origin Authentication – message authentication • Data Integrity • Entity Authentication
Definitions Data-Origin authentication Data Integrity Early textbooks, viewed these two notions with no essential difference However, two very different notions Auth necessarily involves communications involves identifying the source of a message the most significantly, freshness of a message liveness of the message source message is fresh or not should be determined by apps 復大软件学院 LiT
LiJT 10 Definitions • Data-Origin Authentication • Data Integrity – Early textbooks, viewed these two notions with no essential difference – However, two very different notions • Auth. necessarily involves communications • involves identifying the source of a message • the most significantly, freshness of a message; liveness of the message source. – message is fresh or not should be determined by apps