Authentication Protocols & Digital Signature Schemes
Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
INTRODUCTION
Entity authentication is a technique designed to let one
party prove the identity of another party. An entity can
be a person, a process, a client, or a server. The entity
whose identity needs to be proved is called the
claimant; the party that tries to prove the identity of
the claimant is called the verifier.
Something known
Something possessed
Something inherent
PASSWORDS
First Approach
User ID and password file
Second Approach
Hashing the password
Third Approach
Salting the password
Fourth Approach
In the fourth approach, two identification techniques are
combined. A good example of this type of authentication
is the use of an ATM card with a PIN (personal
identification number).
One-Time Password
First Approach
In the first approach, the user and the system agree upon
a list of passwords.
Second Approach
In the second approach, the user and the system agree to
sequentially update the password.
Third Approach
In the third approach, the user and the system create a
sequentially updated password using a hash function.
Lamport one-time password
CHALLENGE-RESPONSE
Note
The challenge is a time-varying value sent by the
verifier; the response is the result
of a function applied on the challenge.
Using a Symmetric-Key Cipher
First Approach
Nonce challenge
Second Approach
First Approach
First Approach
Digital signature, unidirectional
Second Approach
Digital signature, bidirectional authentication
BIOMETRICS
Biometrics is the measurement of physiological or
behavioral features that identify a person
(authentication by something inherent). Biometrics
measures features that cannot be guessed, stolen, or
shared.
Topics discussed in this section:
Components
Enrollment
Authentication
Techniques
Accuracy
Applications
Components
Verification
Identification
Techniques
Fingerprint
Hands
Iris
Voice
Retina
DNA
Face
Behavioral Techniques
Signature
Keystroke
Accuracy
13.1.2 Verification Method
13.1.3 Relationship
13.1.4 Duplicity
13-2 PROCESS
13.2.1 Need for Keys
Note
A digital signature needs a public-key system.
The signer signs with her private key; the verifier
verifies with the signer’s public key.
13.2.1 Need for Keys
• A conventional signature is like a private “key”
belonging to the signer of the document
• The signer uses it to sign the document; no one else
has this signature
• A copy of the signature is kept on file, like a public
key; anyone can use it to verify a document by
comparing it to the original signature
• In a digital signature, the signer uses her private key,
applied in a signing algorithm, to sign the
document
• The verifier uses the public key of the signer,
applied in the verifying algorithm, to verify the
document
13.2.1 Continued
Note
A cryptosystem for confidentiality uses the private
and public keys of the receiver; a digital signature
uses the private and public keys of the sender.
13.2.2 Signing the Digest
13-3 SERVICES
13.3.1 Message Authentication
13.3.2 Message Integrity
13.3.3 Nonrepudiation
13.4.1 Attack Types
Key-Only Attack
Known-Message Attack
The attacker is given valid signatures for a variety of messages that are
known to the attacker but not chosen by the attacker (the analogue of a
known-plaintext attack).
Chosen-Message Attack
The attacker first obtains signatures on arbitrary messages of the
attacker's own choice (the analogue of a chosen-plaintext attack).
13-5 DIGITAL SIGNATURE SCHEMES
13.5.1 Continued
Key Generation
Key generation in the RSA digital signature scheme is
exactly the same as key generation in the RSA
Note
In the RSA digital signature scheme, d is private;
e and n are public.
13.5.1 Continued
13.5.1 Continued
Example 13.1
As a trivial example, suppose that Alice chooses p = 823 and q =
953, and calculates n = 784319. The value of φ(n) is 782544. Now
she chooses e = 313 and calculates d = 160009. At this point key
generation is complete. Now imagine that Alice wants to send a
message with the value of M = 19070 to Bob. She uses her private
exponent, 160009, to sign the message:
Alice sends the message and the signature to Bob. Bob receives the
message and the signature. He calculates
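A worked version of Example 13.1, added here and not part of the original slides: key generation from Alice's p, q and e, signing M = 19070 with the private exponent, verification with the public pair (e, n), and the sign-the-digest variant from section 13.5.1. Reducing a SHA-256 digest modulo this small n is a toy assumption made so the digest fits in Z_n; it is not a standard padding scheme.

```python
# Added example (not from the slides): textbook RSA signature with the
# Example 13.1 parameters, plus a toy "sign the digest" variant.
import hashlib


def rsa_keygen(p: int, q: int, e: int) -> tuple:
    """Return (n, phi, d) for primes p, q and public exponent e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # modular inverse of e mod phi (Python 3.8+)
    return n, phi, d


def rsa_sign(m: int, d: int, n: int) -> int:
    """Signer uses her private exponent d: S = M^d mod n."""
    return pow(m, d, n)


def rsa_verify(m: int, s: int, e: int, n: int) -> bool:
    """Verifier uses the public pair (e, n): accept iff S^e mod n == M."""
    return pow(s, e, n) == m


def digest_mod_n(message: bytes, n: int) -> int:
    """Toy assumption: hash the message and reduce the digest into Z_n."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign_digest(message: bytes, d: int, n: int) -> int:
    """Sign the digest instead of the message (section 13.5.1 variant)."""
    return rsa_sign(digest_mod_n(message, n), d, n)


def verify_digest(message: bytes, s: int, e: int, n: int) -> bool:
    """Recompute the digest from the received message and check the signature."""
    return rsa_verify(digest_mod_n(message, n), s, e, n)


if __name__ == "__main__":
    # Alice's parameters from Example 13.1.
    n, phi, d = rsa_keygen(823, 953, 313)
    print("n =", n, "phi =", phi, "d =", d)      # 784319 782544 160009
    s = rsa_sign(19070, d, n)
    print("signature:", s, "verifies:", rsa_verify(19070, s, 313, n))
    # Bob rejects a message that was altered in transit.
    print("altered message verifies:", rsa_verify(19071, s, 313, n))
    msg = b"constructed sample message"
    print("digest signature verifies:", verify_digest(msg, sign_digest(msg, d, n), 313, n))
```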
13.5.1 Continued
13.5.1 Continued
Note
When the digest is signed instead of the message
itself, the susceptibility of the RSA digital signature
scheme depends on the strength of the hash
algorithm.