Cyber security chapter 5
Cyber security services & mechanisms
Authentication
Definition of authentication:
- It is a procedure that verifies the identity of one entity for another.
- An entity can be a person, a process, a client, or a server.
- The entity whose identity needs to be proved is the claimant.
- The party that tries to verify the identity of the claimant is called the verifier.
- In message authentication, the identity of the sender is verified for each single message.
- In user authentication, the user identity is verified once for the entire duration of system access.
Authentication using Symmetric Key
1. User authentication with symmetric key only
A sends his identity and password in a message encrypted with the symmetric key KAB.
Disadvantage
- An intruder can store the data and authentication message and resend them to B later.
- B has no way to know that this is a replay of a previous message (no guarantee of freshness).
2. User authentication with a nonce
- A nonce is a large random number that is used only once; a one-time number.
- B uses a nonce RB to challenge A.
- A responds by encrypting the nonce RB with the symmetric key KAB.
3. Bidirectional authentication
- Both A and B need to authenticate each other.
- A has its nonce RA, and B has its own RB.
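The following added example (not part of the original notes) contrasts scheme 1 with scheme 2 from B's side: a recorded authentication message is accepted again under the key-only scheme, but fails against a fresh or already-used nonce. Assumptions: HMAC-SHA256 stands in for "encrypting with KAB" so the code needs only the standard library, and the names `keyed`, `StaticVerifier` and `NonceVerifier` are hypothetical.

```python
import hashlib
import hmac
import secrets

def keyed(k_ab: bytes, data: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for "encrypt with KAB" (stdlib only).
    return hmac.new(k_ab, data, hashlib.sha256).digest()

class StaticVerifier:
    """Scheme 1: B accepts one fixed message derived from KAB, ID and password."""
    def __init__(self, k_ab: bytes, identity: bytes, password: bytes):
        self.expected = keyed(k_ab, identity + b"|" + password)

    def verify(self, message: bytes) -> bool:
        return hmac.compare_digest(message, self.expected)

class NonceVerifier:
    """Scheme 2: B issues a fresh RB per attempt and accepts each RB once."""
    def __init__(self, k_ab: bytes):
        self.k_ab = k_ab
        self.outstanding = set()

    def challenge(self) -> bytes:
        r_b = secrets.token_bytes(16)      # large random one-time number
        self.outstanding.add(r_b)
        return r_b

    def verify(self, r_b: bytes, response: bytes) -> bool:
        if r_b not in self.outstanding:    # unknown or already-used nonce
            return False
        self.outstanding.discard(r_b)      # a nonce is valid for one attempt
        return hmac.compare_digest(response, keyed(self.k_ab, r_b))

def demo() -> dict:
    k_ab = secrets.token_bytes(32)         # constructed shared key KAB
    ident, pw = b"A", b"constructed-password"
    static_b = StaticVerifier(k_ab, ident, pw)
    recorded = keyed(k_ab, ident + b"|" + pw)   # what an eavesdropper stores
    out = {"static_login": static_b.verify(recorded),
           "static_replay": static_b.verify(recorded)}
    nonce_b = NonceVerifier(k_ab)
    r1 = nonce_b.challenge()
    resp1 = keyed(k_ab, r1)                # A's answer to RB
    out["nonce_login"] = nonce_b.verify(r1, resp1)
    out["replay_same_nonce"] = nonce_b.verify(r1, resp1)
    out["replay_new_nonce"] = nonce_b.verify(nonce_b.challenge(), resp1)
    return out

if __name__ == "__main__":
    print(demo())
```

B must track which nonces it has issued and retire each one after a single attempt; without that bookkeeping the freshness guarantee is lost.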
Authentication using Password
- Simple, old, front line of defense against intruders.
- Each user has an ID that is public and a password that is private.
- The password serves to authenticate the individual logging on.
The importance of the ID as a security measure arises from:
1. The ID determines whether a user is authorized to gain access to a system or not.
2. The ID determines the privileges accorded to the user.
3. The ID is used in discretionary access control.