Definitions
• Data Integrity
• Entity Authentication
  – Often, a claimed identity in a protocol is a message in its own right. So, confidence about a claimed identity and about the liveness of the claimant can be established by applying data-origin authentication mechanisms
復大 School of Software, LiJT
Authentication scheme
• Weak authentication
  – Passwords, PIN, etc.
  – One-time passwords (semi-strong authentication)
• Strong (cryptographic) authentication
  – Challenge-Response Mechanisms
• Zero-knowledge authentication
  – Allow Claimant to demonstrate knowledge of a secret without revealing any information whatsoever of the secret
Outline of Talk
• Definitions
• Passwords
  – Unix Passwords
  – One-time passwords
• Challenge-response techniques
  – Basic protocol constructions
  – Also “one-time”
• Authentication Involving TTP
Challenge-response authentication
• numerous protocol-based techniques for realizing authentication
• the basic protocol constructions, such as C-R techniques, in particular those which should be regarded as good ones, and the simple technical ideas behind the good constructions, are not so diverse.
• freshness or liveness are the most basic goals
Challenge-response authentication
• Alice is identified by a secret she possesses
• Bob needs to know that Alice does indeed possess this secret
• Alice provides a response to a time-variant challenge (Nonce, Number used ONCE)
• Response depends on both secret and challenge
• To defend against sniffer attacks
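
The exchange on this slide, written out as an added example (not part of the original slides): Bob issues a fresh nonce, Alice's response is a keyed MAC over her claimed identity and that nonce, and a response captured by a sniffer fails when replayed. HMAC-SHA256 as the keyed function, the names Verifier, respond and demo, and the sample secret are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def respond(secret: bytes, identity: bytes, nonce: bytes) -> bytes:
    """Alice: the response depends on both the secret and the challenge."""
    return hmac.new(secret, identity + b"|" + nonce, hashlib.sha256).digest()


class Verifier:
    """Bob: issues nonces and checks responses against the shared secret."""

    def __init__(self, shared_secret: bytes):
        self._secret = shared_secret
        self._outstanding = set()  # nonces issued and not yet answered

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)  # fresh and unpredictable
        self._outstanding.add(nonce)
        return nonce

    def verify(self, claimed_id: bytes, nonce: bytes, response: bytes) -> bool:
        # Each nonce is accepted at most once: this is the liveness check.
        if nonce not in self._outstanding:
            return False
        self._outstanding.discard(nonce)
        expected = respond(self._secret, claimed_id, nonce)
        return hmac.compare_digest(expected, response)  # constant-time compare


def demo() -> dict:
    secret = b"constructed-demo-secret"  # constructed sample value
    bob = Verifier(secret)
    n1 = bob.challenge()
    r1 = respond(secret, b"alice", n1)
    first = bob.verify(b"alice", n1, r1)        # genuine run
    replay_same = bob.verify(b"alice", n1, r1)  # sniffed (nonce, response) replayed
    n2 = bob.challenge()
    replay_new = bob.verify(b"alice", n2, r1)   # old response, new challenge
    n3 = bob.challenge()
    wrong_key = bob.verify(b"alice", n3, respond(b"guess", b"alice", n3))
    return {"first": first, "replay_same": replay_same,
            "replay_new": replay_new, "wrong_key": wrong_key}


if __name__ == "__main__":
    print(demo())
```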