Notes for November 14, 2000

Greetings and Felicitations!

Puzzle of the day

Authentication:
- validating client (user) identity
- validating server (system) identity
- validating both (mutual authentication)

Basis
- What you know
- What you have
- What you are

Passwords
How UNIX does selection
Problem: common passwords; Go through Morris and Thompson; Klein and mine, etc.
May be pass phrases: goal is to make search space as large as possible, distribution as uniform as possible
Other ways to force good password selection: random, pronounceable, computer-aided selection
Go through problems, approaches to each, esp. proactive
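A proactive checker of the kind the notes point to, added here as an example (it is not code from the notes or from any UNIX implementation). It rejects a proposed password at change time if it is short, a dictionary word (also with digits appended or with symbol-for-letter substitutions undone), derived from the login name, a single repeated character, or drawn from too small a search space. The word list and the thresholds (8 characters, 2^40) are constructed assumptions; a real deployment would load a system dictionary and tune the limits.

```python
import math
import re
import string

# Constructed stand-in for the large word lists a real proactive checker
# loads (system dictionary, Klein-style common-password lists).
COMMON_WORDS = {"password", "secret", "letmein", "welcome", "qwerty", "dragon"}

# Undo the usual symbol-for-letter substitutions so "p@ssw0rd" is still "password".
_LEET = str.maketrans("@0143$!5", "aoiaesis")

# Character classes and their sizes, used to bound the search space.
_CLASSES = {
    string.ascii_lowercase: 26,
    string.ascii_uppercase: 26,
    string.digits: 10,
    string.punctuation: 32,
}


def search_bits(pw):
    """Upper bound on the search space: log2(alphabet ** length), where the
    alphabet is the union of the character classes the password actually uses."""
    alphabet = sum(n for cls, n in _CLASSES.items() if any(c in cls for c in pw))
    return len(pw) * math.log2(alphabet) if alphabet else 0.0


def check_password(pw, username, min_len=8, min_bits=40):
    """Proactive check run at password-change time. Returns the list of
    reasons for rejection; an empty list means the password is accepted."""
    problems = []
    lowered = pw.lower()
    # Forms a guesser would also try: as typed, trailing digits stripped,
    # substitutions undone, and both at once.
    stripped = lowered.rstrip(string.digits)
    candidates = {lowered, stripped, lowered.translate(_LEET), stripped.translate(_LEET)}

    if len(pw) < min_len:
        problems.append("shorter than %d characters" % min_len)
    if candidates & COMMON_WORDS:
        problems.append("dictionary word (possibly with digits appended or letters substituted)")
    if username and username.lower() in lowered:
        problems.append("derived from the login name")
    if re.fullmatch(r"(.)\1*", pw):
        problems.append("single repeated character")
    if search_bits(pw) < min_bits:
        problems.append("search space under 2^%d" % min_bits)
    return problems


if __name__ == "__main__":
    for pw in ("p@ssw0rd", "alice2000", "correct-horse-battery"):
        print(pw, "->", check_password(pw, "alice") or "accepted")
```

The search-space bound is the quantity the notes care about: a long lower-case pass phrase passes because its length makes the space large, while an eight-character "p@ssw0rd" fails not on length but because the checker tries the same transformations a dictionary guesser would.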

Password Storage
- In the clear; MULTICS story
- Enciphered; key must be kept available; get to it and it's all over
- Hashed; present idea of one-way functions using identity and sum
- Show UNIX version
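The hashed form beside the "in the clear" form, as an added example (not the notes' own code and not the actual UNIX crypt routine; PBKDF2-SHA256 stands in for the DES-based UNIX hash). Each entry is a passwd-style line holding a per-user random salt and an iterated one-way hash; verification recomputes the hash from the stored salt, so no key has to be kept around and reading the file does not yield the passwords. The iteration count and the line format are assumptions.

```python
import hashlib
import hmac
import os

# Constructed example of the "in the clear" form: whoever reads the file has the password.
CLEARTEXT_LINE = "alice:hunter2-but-longer"

ITERATIONS = 100_000  # assumption: tune so one hash costs roughly 0.1 s on the login host
SCHEME = "pbkdf2-sha256"


def make_entry(username, password, salt=None):
    """Build a passwd-style line: user:$scheme$iterations$salt$hash.
    Only the one-way hash is stored; the per-user random salt is public and
    makes a precomputed table useless across users."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return "%s:$%s$%d$%s$%s" % (username, SCHEME, ITERATIONS, salt.hex(), digest.hex())


def verify(entry, password):
    """Recompute the hash from the stored salt and compare in constant time."""
    try:
        _user, scheme, iters, salt_hex, digest_hex = entry.split("$")
    except ValueError:
        return False  # malformed line (for instance a cleartext entry)
    if scheme != SCHEME:
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iters))
    # compare_digest does not stop at the first differing byte, so timing
    # does not reveal how much of the hash matched
    return hmac.compare_digest(digest.hex(), digest_hex)


if __name__ == "__main__":
    entry = make_entry("alice", "hunter2-but-longer")
    print(entry)
    print(verify(entry, "hunter2-but-longer"), verify(entry, "wrong"))
```

Two users with the same password get different lines because their salts differ, which is the point of the salt in the UNIX scheme as well.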

Attack Schemes Directed to the Passwords
- Exhaustive search: UNIX is 1-8 chars, say 96 possibles; it's about 7e16
- Inspired guessing: think of what people would like (see above)
- Random guessing: can't defend against it; bad login messages aid it
- Scavenging: passwords often typed where they might be recorded (as login name, in other contexts, etc.)
- Ask the user: very common with some public access services

Expected time to guess
Password aging
- Pick age so when password is guessed, it's no longer valid
- Implementation: track previous passwords vs. upper, lower time bounds
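The arithmetic behind the exhaustive-search size, the expected time to guess, and the aging interval, as an added worked example (not from the notes). search_space counts passwords of 1 to 8 characters over a given alphabet: with 96 printable characters that is about 7.3e15, while 8 characters of 7 bits each, the 56-bit DES key space the UNIX hash is built on, gives 2^56, about 7.2e16. The last two functions are Anderson's formula P >= T*G/N rearranged: given a guess rate G and a tolerable success probability P, they give the smallest password space N for a lifetime T, or the longest lifetime T for a space N. The guess rates and probabilities in the usage are constructed values.

```python
import math


def search_space(alphabet, max_len, min_len=1):
    """Number of distinct passwords of length min_len..max_len over `alphabet` symbols."""
    return sum(alphabet ** n for n in range(min_len, max_len + 1))


def expected_guess_time(space, guesses_per_sec):
    """Seconds until a guesser working through the space in order expects to
    hit the password: on average half the space has to be tried."""
    return space / 2 / guesses_per_sec


def min_space_for_lifetime(lifetime_sec, guesses_per_sec, max_prob):
    """Anderson's formula P >= T*G/N solved for N: the smallest space such that
    a guesser running G guesses/s for the whole lifetime T succeeds with
    probability at most P."""
    return math.ceil(lifetime_sec * guesses_per_sec / max_prob)


def aging_interval(space, guesses_per_sec, max_prob):
    """The same formula solved for T: the longest lifetime (seconds) that keeps
    the guesser's success probability at or below max_prob. Pick the password
    age below this so a guessed password has already expired."""
    return max_prob * space / guesses_per_sec


if __name__ == "__main__":
    n96 = search_space(96, 8)
    print("1-8 chars over 96 symbols: %.2e" % n96)
    print("8 chars of 7 bits (DES key space): %.2e" % search_space(128, 8, 8))
    # constructed: 1e9 guesses/s against the full DES key space
    print("expected years to guess at 1e9/s: %.2f" % (expected_guess_time(2 ** 56, 1e9) / (365 * 86400)))
    # constructed: one-year lifetime, 1e6 guesses/s, at most 1% success
    print("space needed: %.2e" % min_space_for_lifetime(365 * 86400, 1e6, 0.01))
    print("max age (days) for the 96-symbol space: %.0f" % (aging_interval(n96, 1e6, 0.01) / 86400))
```

The aging rule in the notes follows directly: choose the lifetime from aging_interval for the guess rate you expect an attacker to have against your stored hashes, and note that the rate, not the space, is what improves over time.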

Ultimate in aging: One-Time Pads
- Password is valid for only one use
- May work from list, or new password may be generated from old by a function
- Example: S/Key
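An S/Key-style hash chain, added as an example (it is a simplified illustration, not the S/Key code or its exact format). The client holds a seed; the server stores only the top of the chain h^n(seed). For login i the client presents h^(n-i)(seed), the server checks that hashing it gives the value on file, and the accepted password replaces that value. A password seen on the wire is useless afterwards: replaying it fails, and h is one-way, so the next password cannot be derived from it. SHA-256 as h and the seed are assumptions.

```python
import hashlib
import hmac


def h(x):
    """The one-way function (assumption: SHA-256)."""
    return hashlib.sha256(x).digest()


def iterate(seed, n):
    """h applied n times to the seed."""
    v = seed
    for _ in range(n):
        v = h(v)
    return v


class OtpServer:
    """Holds only the current top of the chain, never the seed."""

    def __init__(self, chain_top, n):
        self.stored = chain_top  # h^n(seed)
        self.remaining = n       # one-time passwords left before re-initialisation

    def login(self, candidate):
        if self.remaining == 0:
            return False  # chain exhausted; a new seed must be set up
        if hmac.compare_digest(h(candidate), self.stored):
            self.stored = candidate   # accepted password becomes the new check value
            self.remaining -= 1
            return True
        return False


class OtpClient:
    """Knows the seed and which link of the chain to present next."""

    def __init__(self, seed, n):
        self.seed = seed
        self.n = n

    def next_password(self):
        if self.n == 0:
            raise RuntimeError("chain exhausted; re-initialise with a new seed")
        self.n -= 1
        return iterate(self.seed, self.n)   # h^(n-1)(seed), then h^(n-2)(seed), ...


def demo(n=5):
    """Constructed run: a login, a replay of the same password, the next login."""
    seed = b"constructed-seed"          # assumption: in S/Key this derives from a pass phrase
    server = OtpServer(iterate(seed, n), n)
    client = OtpClient(seed, n)
    first = client.next_password()
    return [server.login(first),              # accepted
            server.login(first),              # replay rejected
            server.login(client.next_password())]  # next link accepted


if __name__ == "__main__":
    print(demo())
```

Note what the server learns from a successful login: a value it could not have computed itself, since it never had the seed, which is why a compromised server password file does not give away future passwords.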

Challenge-response systems
- Computer issues challenge, user presents response to verify secret information known/item possessed
- Example operations: f(x) = x+1, random, string (for users without computers), time of day, computer sends E(x), you answer E(D(E(x))+1)
- Note: password never sent on wire or network
- Attack: monkey-in-the-middle
- Defense: mutual authentication
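The challenge-response exchange with mutual authentication, as an added example (not from the notes). An HMAC over the challenge stands in for the E(...) computation in the notes: only random challenges and MACs cross the wire, the shared secret never does. Each side challenges the other, and a role tag is mixed into the MAC so a response produced for one direction cannot be played back in the other. The secret values and the message layout are assumptions.

```python
import hashlib
import hmac
import os


def _mac(secret, role, *parts):
    """Keyed one-way response to a challenge. The role tag binds the direction
    (client answering server, or server answering client) into the value."""
    return hmac.new(secret, role + b"|" + b"|".join(parts), hashlib.sha256).digest()


class Party:
    def __init__(self, secret):
        self.secret = secret   # shared secret; it is never placed in a message


def mutual_auth(client, server, rng=os.urandom):
    """Run the exchange and return (server_accepts_client, client_accepts_server).
    Messages on the wire: n_s, then (n_c, resp_c), then resp_s."""
    # 1. server -> client: fresh challenge
    n_s = rng(16)
    # 2. client -> server: its own challenge plus the response to n_s
    n_c = rng(16)
    resp_c = _mac(client.secret, b"client", n_s, n_c)
    server_ok = hmac.compare_digest(resp_c, _mac(server.secret, b"client", n_s, n_c))
    if not server_ok:
        return False, False           # server refuses; no response is sent back
    # 3. server -> client: response to n_c, proving the server knows the secret too
    resp_s = _mac(server.secret, b"server", n_c, n_s)
    client_ok = hmac.compare_digest(resp_s, _mac(client.secret, b"server", n_c, n_s))
    return server_ok, client_ok


if __name__ == "__main__":
    key = b"constructed-shared-secret"
    print(mutual_auth(Party(key), Party(key)))          # (True, True)
    print(mutual_auth(Party(key), Party(b"impostor")))  # (False, False)
```

Because the challenges are fresh each run, a recorded transcript does not let anyone answer a later challenge, and an impostor on either end is detected since it cannot produce a MAC under the secret.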

Biometrics
- Depend on physical characteristics
- Examples: pattern of typing (remarkably effective), retinal scans, etc.

Location
- Bind user to some location detection device (human, GPS)
- Authenticate by location of the device

Puzzle of the day text (Machiavelli, The Prince, chapter XX): "In those days, when there was stability of a sort in Italy, this was doubtless sensible; but I do not think it makes a good rule today. I do not believe any good at all ever comes from dissension. On the contrary, on the approach of the enemy, cities which are so divided inevitably succumb at once; the weaker faction will always go over to the invader, and the other will not be able to hold out."

What does this paragraph say to a system administrator or security officer seeking insight to defend her systems?