Monitor for New Threats and React Accordingly
Verified. Added on 2019/12/28
Essay
AI Summary
The assignment discusses the importance of monitoring for new threats and reacting accordingly in authenticator security systems. The text categorizes authenticators into three types: knowledge-based, object-based, and ID-based, each providing security through different means. It also highlights potential attacks on these systems, including client and host search attacks, eavesdropping, theft, replay, Trojan horse, and denial of service. Additionally, it touches upon other security issues such as nonrepudiation, compromise detection, and administrative issues like registration/enrollment, reset or compromise recovery, and revocation. The text concludes by recommending combinations of authenticators for specific applications.
Biometric authentication over
Password and PIN authentication
Submitted by:
Date:
Page 1 of 22
Table of Contents
1. Introduction
2. The risk assessment process
3. Biometric is one authentication method
4. TYPES AND DESCRIPTION OF BIOMETRICS
5. PHYSIOLOGICAL BIOMETRIC
6. BEHAVIORAL BIOMETRIC
7. Advantages of the biometric authentication
8. Drawbacks of the biometric authentication
9. Comparison
10. Conclusions
Introduction
Passwords have dominated human-computer authentication for 50 years
despite consensus among researchers that we need something more secure
and deserve something more user friendly. Much published research has
focused on specific aspects of the problem that can be easily formalized but
do not actually have a major influence on real-world design goals, which are
never authentication per se, but rather protection of user accounts and
sensitive data. As an example of this disconnect, academic research often
recommends strict password-composition policies (such as length
requirements and mandating digits and non-alphabetic characters) despite
the lack of evidence that they actually reduce harm.
We argue that critically revisiting authentication as a whole and passwords’
role therein is required to understand today’s situation and provide a
meaningful look ahead. Passwords were originally deployed in the 1960s for
access to time-shared mainframe computers, an environment
unrecognizable by today’s Web users. Many practices have survived with few
changes even if no longer appropriate. While partly attributable to inertia,
this also represents a failure of the academic literature to provide
approaches that are convincingly better than current practices.
Financial institutions engaging in any form of Internet banking should have
effective and reliable methods to authenticate customers. An effective
authentication system is necessary for compliance with requirements to
safeguard customer information, to prevent money laundering and terrorist
financing, to reduce fraud, to inhibit identity theft, and to promote the legal
enforceability of their electronic agreements and transactions. The risks of
doing business with unauthorized or incorrectly identified persons in an
Internet banking environment can result in financial loss and reputation
damage through fraud, disclosure of customer information, corruption of
data, or unenforceable agreements.
There are a variety of technologies and methodologies financial institutions
can use to authenticate customers. These methods include the use of
customer passwords, personal identification numbers (PINs), digital
certificates using a public key infrastructure (PKI), physical devices such as
smart cards, one-time passwords (OTPs), USB plug-ins or other types of
“tokens”, transaction profile scripts, biometric identification, and others. (The
appendix to this guidance contains a more detailed discussion of
authentication techniques.) The level of risk protection afforded by each of
these techniques varies.
The selection and use of authentication technologies and methods should
depend upon the results of the financial institution’s risk assessment
process. Authentication methodologies involve three basic “factors”:
o Something the user knows (e.g., password, PIN);
o Something the user has (e.g., ATM card, smart card); and
o Something the user is (e.g., biometric characteristic, such as a
fingerprint).
The risk assessment process should:
o Identify all transactions and levels of access associated with Internet-
based customer products and services;
o Identify and assess the risk mitigation techniques, including
authentication methodologies, employed for each transaction type and
level of access; and
o Include the ability to gauge the effectiveness of risk mitigation
techniques for current and changing risk factors for each transaction
type and level of access.
The security literature distinguishes between online attackers who must
interact with a legitimate party to authenticate and offline attackers who are
limited only in terms of their computational resources.
Superficially, offline attackers are far more powerful, as they typically can
make an unbounded number of guesses and compare them against a known
hash of the password. Yet many additional avenues of attack are available to
the online attacker: stealing the password using client-side malware,
phishing the password using a spoofed site, eavesdropping the password as
it is transmitted, stealing the password from the authentication server,
stealing the password from a second authentication server where the user
has reused it, and subverting the automated password reset process.
A critical observation is that strong passwords do not help against any of
these other attacks. Even the strongest passwords are still static secrets that
can be replayed and are equally vulnerable to phishing, theft, and
eavesdropping. Mandating stronger passwords does nothing to increase
security against such attacks.
Biometrics is one authentication method. It identifies people by
recognizing one or several physical characteristics, and it is likely to be
one of the main authentication solutions of the future. Authentication can
be based on several different aspects of a user:
o What this user has, for example a key.
o What this user knows, for example a password.
o Where this user is, for example an IP address.
o What this user is: biometric methods.
TYPES AND DESCRIPTION OF BIOMETRICS
1. PHYSIOLOGICAL BIOMETRIC
o Fingerprints
o Eyes
o DNA
o Face
o Handprints
o Voice
2. BEHAVIORAL BIOMETRIC
o Signature
o Gait
o Keystrokes
Advantages of the biometric authentication
Biometric authentication has several advantages. First, biometrics
authenticates only people; it cannot authenticate a computer, unlike the
classical authentication methods based on an IP address or a public key. The
biometric characteristics that are used in authentication systems are unique
for each person.
The major advantage of biometrics is that you always have your means of
authentication with you. You can forget a password or lose an access card,
but you cannot forget your fingerprint, your gait or your signature.
Biometrics is also more practical for the user than remembering several
passwords, and it can reduce the cost of password and access-card
administration: once the biometric system is set up, little administration
remains.
In most cases it is more difficult to attack a biometric authentication
system than one based on a password or an access card. A password can be
guessed and an access card can be stolen; fooling a good biometric
authentication system seems harder.
Drawbacks of the biometric authentication
The first drawback of biometric authentication is that some methods cannot
work for some people. For example, fingerprint authentication is impossible
for someone who has no hands. Some behavioral authentication methods stop
working when something in your life changes: with new shoes your gait may
change, and the system may then fail to authenticate you. Likewise, if one
of your fingers is severely injured, fingerprint authentication will not
work, and characteristics such as your face change with age. Moreover, most
biometric authentication systems are still under development, and it
can be expensive to install them. As noted above, someone can fool
biometric authentication.
Some biometric authentication systems, such as DNA or retinal recognition,
are not really user-friendly, and some are not very hygienic, so users may
not want to use them. Biometric authentication also raises privacy
concerns. It is worrying if your fingerprints are requested everywhere you
go, or if someone can identify you by analyzing your voice every time you
speak. Some films depict a world governed by biometrics, and it is
frightening. If biometrics are widespread in everyday life and all your
activities are stored in a database, there is no privacy left. Personal
information collected by biometric devices can be misused. We must decide
in which systems biometric authentication is required and in which it is
not. Using biometric authentication should be a choice for the user, not an
obligation, and laws are needed to limit the use of biometric information
to reasonable purposes.
There are at least ten biometric techniques commercially available, and new
techniques are at the research and development stage. What conditions must
be fulfilled for a biological measurement to become a biometric? Any
human physiological or behavioral characteristic can become a biometric
provided the following properties are fulfilled.
Universality: This means that every person should have the characteristics. It
is really difficult to get 100% coverage. There are mute people, people
without fingers or with injured eyes. All these cases must be handled.
Uniqueness: This means that no two persons should be the same in terms of
the biometric characteristics. Fingerprints have a high discrimination rate
and the probability of two persons with the same iris is estimated as low as
1:10^52. Identical twins, on the other hand, cannot be easily distinguished
by face recognition and DNA-analysis systems.
Permanence: This means that the characteristics should be invariant with
time. While the iris usually remains stable over decades, a person’s face
changes significantly with time. The signature and its dynamics may change
as well, and the finger is frequently subject to injuries.
Collectability: This means that the characteristics must be measurable
quantitatively and that obtaining them should be easy. Face recognition
systems are not intrusive and obtaining a face image is easy. In contrast,
DNA analysis requires a blood or other bodily sample, and the retina scan
is rather intrusive as well.
Performance: This refers to the achievable identification/verification accuracy
and the resources and working or environmental conditions needed to
achieve an acceptable accuracy. The crossover accuracy of iris-based
systems is under 1% and the system is able to compare over 4.
Acceptability: This indicates to what extent people are willing to accept the
biometric system. Face recognition systems are personally not intrusive, but
there are countries where taking pictures of persons is not viable. The retina
scanner requires an infrared laser beam directed through the cornea of the
eye. This is rather invasive and only few users accept this technology.
Circumvention: This refers to how difficult it is to fool the system by
fraudulent techniques. An automated access control system that can be
easily fooled with a fingerprint model or a picture of a user’s face does not
provide much security.
Comparison
The currently computed characteristics are then compared with the
characteristics obtained during enrollment. This process depends heavily on
the nature of the biometric technology used. Sometimes the desired security
threshold is a parameter of the matching process; sometimes the biometric
system returns a score within a similarity range. If the system performs
verification, the newly computed characteristics are compared only with one
master template (or with a small number of master templates, e.g. a set of
master templates for a few different fingers). For an identification
request, the new characteristics are matched against a large number of
master templates (either against all the records in the database or, if
the database is clustered, against the relevant part of the database).
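The matching step described above, and the "crossover accuracy" mentioned under the Performance property, as an added example that is not part of the original essay: the bit-string templates, user ids, cluster keys and score samples are constructed, and the bit-agreement similarity measure is an assumption standing in for a real matcher. It shows a threshold applied to a score, 1:1 verification against one master template, 1:N identification against the whole database or only one cluster of it, and the threshold scan that locates the point where false accepts and false rejects cross.

```python
"""Biometric matching: similarity score, security threshold, 1:1 verification,
1:N identification (optionally restricted to a cluster) and the FAR/FRR
crossover point. Added example; the bit-string templates, user ids and score
samples below are constructed, not data from any real system."""
from typing import Dict, List, Optional, Tuple

# Constructed enrollment database: cluster key -> {user id: master template}.
# Templates are short bit strings standing in for a feature code compared by
# Hamming distance (iris codes work this way; real codes are far longer).
ENROLLED: Dict[str, Dict[str, str]] = {
    "left": {"alice": "1101001011010010", "bob": "0010110100101101"},
    "right": {"carol": "1111000011110000", "dave": "1010101010101010"},
}

# Constructed probe: alice's template with one bit flipped (sensor noise).
PROBE_ALICE = "1101001011010110"

# Constructed matching scores from genuine attempts and impostor attempts,
# used to show how the threshold trades false accepts against false rejects.
GENUINE_SCORES = [0.94, 0.91, 0.88, 0.85, 0.80, 0.76, 0.72, 0.69]
IMPOSTOR_SCORES = [0.62, 0.58, 0.55, 0.50, 0.47, 0.45, 0.40, 0.71]


def similarity(a: str, b: str) -> float:
    """Fraction of equal bits: 1.0 means identical, 0.0 fully inverted."""
    if len(a) != len(b):
        raise ValueError("templates must have the same length")
    return sum(x == y for x, y in zip(a, b)) / len(a)


def verify(probe: str, template: str, threshold: float) -> bool:
    """1:1 verification: accept if the probe reaches the security threshold."""
    return similarity(probe, template) >= threshold


def identify(probe: str, threshold: float,
             cluster: Optional[str] = None) -> Optional[str]:
    """1:N identification: match against every record, or only the records in
    `cluster` when the database is clustered; return the best-scoring id that
    clears the threshold, or None when nobody does."""
    groups = [ENROLLED[cluster]] if cluster else list(ENROLLED.values())
    best_id, best_score = None, -1.0
    for records in groups:
        for uid, template in records.items():
            score = similarity(probe, template)
            if score >= threshold and score > best_score:
                best_id, best_score = uid, score
    return best_id


def far_frr(genuine: List[float], impostor: List[float],
            threshold: float) -> Tuple[float, float]:
    """False accept rate (impostor scores passing) and false reject rate
    (genuine scores failing) at one threshold."""
    far = sum(s >= threshold for s in impostor) / len(impostor)
    frr = sum(s < threshold for s in genuine) / len(genuine)
    return far, frr


def crossover(genuine: List[float], impostor: List[float],
              steps: int = 100) -> Tuple[float, float, float]:
    """Scan thresholds from 0 to 1 and return (threshold, FAR, FRR) at the
    point where FAR and FRR are closest: the crossover (equal error) rate."""
    best = None
    for i in range(steps + 1):
        t = i / steps
        far, frr = far_frr(genuine, impostor, t)
        if best is None or abs(far - frr) < abs(best[1] - best[2]):
            best = (t, far, frr)
    return best


if __name__ == "__main__":
    alice = ENROLLED["left"]["alice"]
    print("verify alice at 0.90:", verify(PROBE_ALICE, alice, 0.90))
    print("identify (whole database):", identify(PROBE_ALICE, 0.90))
    print("identify (right cluster only):", identify(PROBE_ALICE, 0.90, "right"))
    print("crossover (threshold, FAR, FRR):",
          crossover(GENUINE_SCORES, IMPOSTOR_SCORES))
```

Raising the threshold lowers the false accept rate and raises the false reject rate at the same time, which is why the essay treats the threshold as a security parameter; the crossover point is the single number usually quoted when vendors compare systems. Restricting identification to one cluster reduces the number of comparisons, but a probe enrolled in a different cluster is then never found.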
Conclusions
Even if the accuracy of biometric techniques is not yet perfect, many
mature biometric systems are available now. Proper design and
implementation of a biometric system can indeed increase overall security;
smartcard-based solutions in particular seem very promising. Making a secure
biometric system is, however, not as easy as it might appear. The word
biometrics is often used as a synonym for perfect security. This is a
misleading view: numerous conditions must be taken into account when
designing a secure biometric system. First, it is necessary to realize that
biometrics are not secrets. This means that biometric measurements cannot
be used as capability tokens, and it is not secure to generate
cryptographic keys from them. Second, the input device must be trusted and
the communication link secured. Third, the input device needs to check the
liveness of the person being measured, and the device itself should be
verified, for example by a challenge-response protocol.
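The second and third conditions above, as an added example rather than code from the essay: a server verifies the input device with a challenge-response exchange before it trusts the sample the device sends. The example assumes each sensor holds a secret key provisioned before deployment and known to the server (the key value and the message layout are constructed for the demonstration). The biometric sample itself carries no secret, so the check rests entirely on the device key plus a single-use nonce; the exchange also shows why a recorded response, a device without the key, a sample altered in transit, and a response that arrives too late are all rejected.

```python
"""Challenge-response verification of a biometric input device, with a
one-time nonce so that a captured response cannot be replayed. Added example,
not code from the original essay. Assumptions: each sensor holds a secret key
provisioned before deployment and known to the server (a constructed value
below), and the message layout is invented for the demonstration."""
import hashlib
import hmac
import secrets
import time
from typing import Dict, Optional

# Constructed per-device key; a real deployment would provision this into
# tamper-resistant storage on the sensor and never share it across devices.
DEVICE_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
SAMPLE = b"constructed-fingerprint-template"  # stands in for a captured sample


def _tag(key: bytes, device_id: bytes, nonce: bytes, sample: bytes) -> bytes:
    """HMAC over device id, server nonce and sample: binds all three together."""
    return hmac.new(key, device_id + nonce + sample, hashlib.sha256).digest()


class Sensor:
    """The input device: captures a sample and answers the server's challenge."""

    def __init__(self, device_id: str, key: bytes) -> None:
        self.device_id = device_id.encode()
        self.key = key

    def respond(self, nonce: bytes, sample: bytes) -> Dict[str, bytes]:
        return {"device_id": self.device_id, "nonce": nonce, "sample": sample,
                "tag": _tag(self.key, self.device_id, nonce, sample)}


class Server:
    """Issues challenges and accepts a sample only from a known device that
    answered a fresh, unused challenge."""

    def __init__(self, keys: Dict[str, bytes], ttl: float = 30.0) -> None:
        self.keys = keys
        self.ttl = ttl
        self.pending: Dict[bytes, float] = {}  # nonce -> time issued

    def challenge(self, now: Optional[float] = None) -> bytes:
        nonce = secrets.token_bytes(16)
        self.pending[nonce] = time.monotonic() if now is None else now
        return nonce

    def verify(self, msg: Dict[str, bytes],
               now: Optional[float] = None) -> Optional[bytes]:
        """Return the sample if the response is authentic and fresh, else None."""
        now = time.monotonic() if now is None else now
        issued = self.pending.pop(msg["nonce"], None)  # each nonce is single-use
        if issued is None or now - issued > self.ttl:
            return None  # unknown, already consumed, or expired challenge
        key = self.keys.get(msg["device_id"].decode())
        if key is None:
            return None  # device not enrolled with the server
        expected = _tag(key, msg["device_id"], msg["nonce"], msg["sample"])
        if not hmac.compare_digest(expected, msg["tag"]):
            return None  # wrong key, or message altered in transit
        return msg["sample"]


def run_exchange() -> Dict[str, bool]:
    """Walk through the protocol and report which cases the server rejects."""
    server = Server({"sensor-01": DEVICE_KEY})
    sensor = Sensor("sensor-01", DEVICE_KEY)

    # 1. Server -> Sensor: nonce.   2. Sensor -> Server: id, nonce, sample, tag.
    nonce = server.challenge()
    msg = sensor.respond(nonce, SAMPLE)
    accepted = server.verify(msg) == SAMPLE

    # Replaying the very same message fails: the nonce was consumed.
    replay_rejected = server.verify(msg) is None

    # A device without the provisioned key cannot produce a valid tag, even
    # though it presents the same (non-secret) biometric sample.
    rogue = Sensor("sensor-01", b"guessed-key")
    rogue_rejected = server.verify(rogue.respond(server.challenge(), SAMPLE)) is None

    # Altering the sample after it was signed breaks the tag.
    tampered = dict(sensor.respond(server.challenge(), SAMPLE))
    tampered["sample"] = b"substituted-template"
    tamper_rejected = server.verify(tampered) is None

    # A response arriving after the ttl is stale, even with a valid tag.
    late_nonce = server.challenge(now=0.0)
    late_rejected = server.verify(sensor.respond(late_nonce, SAMPLE), now=31.0) is None

    return {"accepted": accepted, "replay_rejected": replay_rejected,
            "rogue_rejected": rogue_rejected, "tamper_rejected": tamper_rejected,
            "late_rejected": late_rejected}


if __name__ == "__main__":
    for case, result in run_exchange().items():
        print(f"{case}: {result}")
```

The tag covers the nonce and the sample together, so the server learns both that a device holding the key answered this particular challenge and that the sample it received is the one that device signed. Liveness detection is a separate check the sensor must perform on the person; this exchange only establishes that the sensor itself is genuine and that the link has not been replayed or altered.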
Token authentication in banking industry
Passwords have been the standard means of user authentication on
computers. However, as users are required to remember more, longer, and
changing passwords, it is evident that a more convenient and secure solution
to user authentication is necessary. This paper examines passwords, security
tokens, and biometrics – which we collectively call authenticators – and
compares these authenticators and their combinations. We examine
effectiveness against several attacks and suitability for particular security
specifications such as compromise detection and non-repudiation.
Examples of authenticator combinations and protocols are described to show
tradeoffs and solutions that meet chosen, practical requirements. The paper
endeavors to offer a comprehensive picture of user authentication solutions
for the purposes of evaluating options for use and identifying deficiencies
requiring further research.
Enter the computer era and authentication has changed. Now we cannot
“see” the entity on the remote end of a computer network, and indeed the
entity could be a friend, a machine, or an attacker. We exchange information
about our finances and health that we wish to remain as private as any spy
correspondence. The World Wide Web adds a new complication since
attackers can access our records without the need for physical presence.
Whether it is for protection of our own records or our own digital identities,
we have been forced to adopt more formal authentication methods even in
our common lives.
Pass phrases, identity tokens and biometrics are no longer just the domain of
spies. We now use these authentication methods routinely in our interactions
with computers and over computer networks. For this purpose, it is
important to understand the authentication options, how effective they are,
and how they compare.
Security systems and methods are often described as strong or weak. When
used in relative terms, the meanings are clear. A door with a lock offers
stronger security than one with no lock. A credit card number alone offers
“weak” defense against repudiation because a user can easily deny a credit
card charge by claiming that his credit card number was stolen. However, a
credit card number plus a signature has “strong” defense (meaning
“stronger” defense than without a signature) because the user leaves
evidence of his presence by his signature.
Types of Authenticators
Authentication factors are usually grouped into these three categories: 1)
what you know (e.g., password), 2) what you have (e.g., token), and 3) who
you are (e.g., biometric).
This is a good mnemonic scheme and unlikely to fall from use, but it is not
without problems. For instance, a password is not strictly known; it is
memorized. Implying otherwise risks minimizing a major problem with
passwords, forgetting them. Biometrics are definitely not “who you are” any
more than hair color or body build indicates your true self. A biometric is
simply one feature of your appearance.
We prefer the following authenticator labels: knowledge-based, object-based,
and ID-based.
1. Knowledge-Based (“what you know”) – are characterized by secrecy or
obscurity. This type includes the memorized password. It can also include
information that is not so much secret as it is “obscure,” which can be
loosely defined as “secret from most people.” Mother’s maiden name and
your favorite color are examples in this category. A security drawback of
secrets is that, each time it is shared for authentication, it becomes less
secret.
2. Object-Based (“what you have”) – are characterized by physical
possession. Physical keys – which we call metal keys to distinguish them
from cryptographic keys – are tokens that have stood the test of time well. A
security drawback of a metal house key is that, if lost, it enables its finder to
enter the house. This is why many digital tokens combine another factor, an
associated password to protect a lost or stolen token. There is a distinct
advantage of a physical object used as an authenticator; if lost, the owner
sees evidence of this and can act accordingly.
3. ID-Based (“who you are”) – are characterized by uniqueness to one
person. A driver’s license, passport, credit card, university diploma, etc., all
belong in this category. So does a biometric, such as a fingerprint, eye scan,
voiceprint, or signature. For both ID documents and biometrics, the dominant
security defense is that they are difficult to copy or forge. However, if a
biometric is compromised or a document is lost, they are not as easily
replaceable as passwords or tokens.
Password
A single password is an excellent authenticator. Its secrecy is a good defense
against theft. It can have a higher key space than most other authenticators,
and because of this it defends well against search attacks at the client. High
key space and hashing protect against host attacks. Its ability to participate
in challenge-response protocols protects against replay, eavesdropping, and
other attacks in transmission.
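The two defenses named above, hashing at the host and challenge-response in transmission, are easy to see in code. The following is an added example written for this page, not code from the essay or from the paper it draws on. It assumes a verifier derived with PBKDF2 (so the host stores no plaintext password), a fresh random nonce per login, and an HMAC response keyed by the verifier; the usernames and password are constructed sample values. It then shows that an eavesdropper who captures one (nonce, response) pair cannot replay it against a later challenge.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # PBKDF2 work factor; slows host-side search attacks


def derive_verifier(password: str, salt: bytes) -> bytes:
    """Salted, iterated hash of the password. The host stores this, never the password."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def client_respond(password: str, salt: bytes, nonce: bytes) -> bytes:
    """Client side: prove knowledge of the password without sending it."""
    return hmac.new(derive_verifier(password, salt), nonce, hashlib.sha256).digest()


class Host:
    """Server side of the challenge-response exchange."""

    def __init__(self):
        self.users = {}    # username -> (salt, verifier)
        self.pending = {}  # username -> nonce of the one outstanding challenge

    def enroll(self, username: str, password: str) -> None:
        salt = os.urandom(16)
        self.users[username] = (salt, derive_verifier(password, salt))

    def challenge(self, username: str):
        """Issue a single-use nonce; any earlier challenge for this user is discarded."""
        salt, _ = self.users[username]
        nonce = os.urandom(16)
        self.pending[username] = nonce
        return salt, nonce

    def verify(self, username: str, nonce: bytes, response: bytes) -> bool:
        # The nonce must be the one currently outstanding; a captured older pair fails here.
        expected_nonce = self.pending.pop(username, None)
        if expected_nonce is None or not hmac.compare_digest(expected_nonce, nonce):
            return False
        _, verifier = self.users[username]
        expected = hmac.new(verifier, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def scenario() -> dict:
    """Constructed walk-through: legitimate login, wrong password, and a replay attempt."""
    host = Host()
    host.enroll("alice", "correct horse battery staple")  # constructed sample credential
    results = {}

    # 1. Legitimate exchange: host -> (salt, nonce); client -> HMAC(verifier, nonce).
    salt, nonce = host.challenge("alice")
    response = client_respond("correct horse battery staple", salt, nonce)
    results["legitimate_ok"] = host.verify("alice", nonce, response)

    # 2. Wrong password: the response is keyed by a different verifier.
    salt, nonce2 = host.challenge("alice")
    bad = client_respond("wrong password", salt, nonce2)
    results["wrong_password_rejected"] = not host.verify("alice", nonce2, bad)

    # 3. Replay: an eavesdropper re-sends the captured (nonce, response) from step 1
    #    after the host has issued a new challenge.
    host.challenge("alice")
    results["replay_rejected"] = not host.verify("alice", nonce, response)
    return results


if __name__ == "__main__":
    print(scenario())
```

One caveat the essay's "host attacks" point implies: the stored verifier is itself the HMAC key, so a host compromise that leaks it lets an attacker answer challenges directly, even though the password is not revealed. The salt and iteration count raise the cost of recovering the password from a leaked verifier; protecting the verifier store is still required.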
Token
A token can provide three major advantages when combined with a
password. One is that it can store or generate multiple passwords. This
changes the task of remembering multiple, changing passwords to one of
remembering only the single password needed to access the token: a single
sign-on device. A second advantage is that it provides compromise detection
since its absence is observable (loss of a password is not). A third
advantage is that it provides added protection
against denial of service attacks. For an account with only a password, an
attacker can enter incorrect passwords for that user until the account locks
out; whereas if combined with token, the attacker cannot just enter incorrect
passwords because he has to steal the token first (presumably a more
difficult task and one requiring physical presence).
The two main disadvantages of a token are inconvenience and cost.
Equipment cost is higher than a password, but comparable to a biometric
that requires a reader. Because of vulnerability to theft, a single-factor token
should only be used in special circumstances, such as behind a first line of
defense (within a house or restricted office building). A token plus biometric
combination has similar security characteristics to a token plus password.
However, this combination is likely to cost more due to two required readers,
and it may be less convenient (the inconvenience of false non-matches for a
biometric versus the inconvenience of remembering a password is a matter
of user preference).
If the user needs only to remember a single password, then the relative
simplicity and (arguably) better security of the token and password
combination is compelling – unless there is a need for non-repudiation.
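The token-plus-password combination described above (a single password unlocks a device that generates a different passcode for each service) can be sketched with counter-based one-time codes. This is an added example for this page, not code from the essay or the paper it draws on. It uses the HOTP algorithm of RFC 4226 for the codes; the other design choices are assumptions: each service's secret is derived from one token seed as HMAC(seed, service name) and shared with that service at enrollment, the unlock password is checked against a PBKDF2 verifier held on the token, and each service keeps a last-accepted counter with a small look-ahead window. The seed, password and service names are constructed sample values.

```python
import hashlib
import hmac
import os


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte counter, dynamically truncated."""
    mac = hmac.new(secret, counter.to_bytes(8, "big"), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    binary = ((mac[offset] & 0x7F) << 24 | mac[offset + 1] << 16
              | mac[offset + 2] << 8 | mac[offset + 3])
    return str(binary % 10 ** digits).zfill(digits)


class Token:
    """Single-sign-on device: one unlock password, many per-service passcodes."""

    def __init__(self, unlock_password: str, seed: bytes):
        self._salt = os.urandom(16)
        self._verifier = hashlib.pbkdf2_hmac("sha256", unlock_password.encode(), self._salt, 100_000)
        self._seed = seed          # assumption: one seed, per-service secrets derived from it
        self._counters = {}        # service -> next HOTP counter
        self._unlocked = False

    def unlock(self, password: str) -> bool:
        attempt = hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 100_000)
        self._unlocked = hmac.compare_digest(attempt, self._verifier)
        return self._unlocked

    def service_secret(self, service: str) -> bytes:
        """Assumed derivation; the value is handed to the service once, at enrollment."""
        return hmac.new(self._seed, service.encode(), hashlib.sha256).digest()

    def next_code(self, service: str) -> str:
        if not self._unlocked:
            raise PermissionError("token is locked")
        counter = self._counters.get(service, 0)
        self._counters[service] = counter + 1
        return hotp(self.service_secret(service), counter)


class Service:
    """Verifier side: accepts a code only for a counter above the last accepted one."""

    def __init__(self, secret: bytes, window: int = 5):
        self.secret = secret
        self.window = window
        self.last_counter = -1

    def verify(self, code: str) -> bool:
        for c in range(self.last_counter + 1, self.last_counter + 1 + self.window):
            if hmac.compare_digest(hotp(self.secret, c), code):
                self.last_counter = c   # codes at or below this counter are now dead
                return True
        return False


def scenario() -> dict:
    """Constructed walk-through of unlock, per-service codes, replay and resync."""
    token = Token("single-password", os.urandom(20))          # constructed seed
    mail = Service(token.service_secret("mail"))               # enrollment
    vpn = Service(token.service_secret("vpn"))
    results = {}

    try:                                                       # locked token gives nothing
        token.next_code("mail")
        results["locked_refuses"] = False
    except PermissionError:
        results["locked_refuses"] = True

    results["wrong_unlock_rejected"] = not token.unlock("guess")
    token.unlock("single-password")

    code = token.next_code("mail")
    results["mail_accepts"] = mail.verify(code)
    results["replay_rejected"] = not mail.verify(code)          # same code a second time
    results["vpn_rejects_mail_code"] = not vpn.verify(code)     # different service secret
    results["vpn_accepts_own"] = vpn.verify(token.next_code("vpn"))

    for _ in range(3):                                         # codes generated but never sent
        token.next_code("mail")
    results["window_resync"] = mail.verify(token.next_code("mail"))
    return results


if __name__ == "__main__":
    print(scenario())
```

The replay check is what makes the stolen-code case different from the stolen-password case: a code observed in transit is worthless once the service has moved its counter past it, whereas a password stays valid until changed. The look-ahead window is the usual trade-off between tolerating codes the user generated but never submitted and limiting how many counters an attacker can guess against.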
Biometric
One advantage of a biometric is that it is less easily lent or stolen than the
other authenticators, so it provides a stronger defense against repudiation.
Since stable biometric signals can be stolen and copied (either now or with
higher probability within the lifetime of an implemented system), a biometric
should not be deployed in single factor mode. Furthermore, since biometrics
best operate in verification mode, a good second factor choice is a token that
stores the identity of the user. The use of biometrics should not give the
adopter a false sense of guaranteed non-repudiation. Stable biometric
signals have been forged in the past and will be in the future. So a user may
be able to repudiate a transaction by claiming forgery.
Attempting to address the vulnerability to theft and forgery of the stable
biometric signal, we examined alterable biometric signals employed in a
challenge-response protocol in. In contrast to stable biometric signals, this
authenticator is resistant to forgery and replay. Furthermore, it has the
advantage of providing stronger non-repudiation than for stable biometrics.
The potential downside of this scheme is that the recognition rate for
speaker verification may not be high enough to provide security without
inconveniencing the user by many false non-matches.
Recommendations
1. If it is only one password that you need to remember (congratulations on
your uncomplicated lifestyle!) and you don’t need to protect against
repudiation, then choose a good, high entropy password, memorize it, and
keep it secret. There is no need to encumber yourself with a token or deal
with the cost of biometrics.
2. If you need to remember multiple passwords, a single sign-on approach is
convenient. One option is a token that stores or generates multiple
passcodes in a secure manner and is accessed via a single password. The
token must be secure and available when needed. You also have to perform
the administrative tasks (backup). A single sign-on service is a good option
for corporate access or Internet access. The tradeoff of service versus token
is that the service handles administration for you, but you have some risk
that the service may not be secure and may not maintain the privacy of your
authentication information as would a privately maintained token.
3. If you are designing a system where it is critical that the person gaining
access is the authorized person, or where security against repudiation is
desired, then biometrics is a reasonable choice. This should be combined
with a token, such as an ID card with the user’s identity.
4. No matter what the authenticator choice, it should be emphasized that
this is only one component of a full system. The system is only as good as its
weakest defense, and multiple lines of defense are better than one.
Authentication technologies will continue to progress, as will attackers’
technologies. Understand your vulnerabilities, continually monitor for new
threats, and react accordingly.
Summary
We categorize authenticators by three types according to how they
provide security: knowledge-based, object-based, and ID-based. A
knowledge-based authenticator provides security by secrecy, and examples
are a combination lock and a password. An object-based authenticator
provides security by being closely held, and examples are a metal key and
an ATM card. An ID-based authenticator provides security by uniqueness and
copy-resistance, and examples include a passport and a biometric.
We compare authenticators with respect to potential attacks and other
issues. The attacks include: client and host search attacks, eavesdropping,
theft (including biometric forging), replay, Trojan horse, and denial of
service. Other security issues include: nonrepudiation, compromise
detection, and the administrative issues of registration/enrollment, reset or
compromise recovery, and revocation. Although an appropriate
authentication solution depends upon the particular application, a few
combinations of authenticators are recommended. One is the simple
password, which has very high security – if the user can remember it.
Another is the token and password combination, especially if the token can
store or generate multiple passwords and act as a personal single sign-on
device. A third is a biometric in combination with a token if non-repudiation
is required, and an alterable biometric signal used in a challenge response
protocol is recommended for the biometric in this case.