
Module III:

Authentication:
Authentication is the process of determining whether a user or identity is who they
claim to be. Authentication is accomplished using something the user knows (e.g. a
password), something the user has (e.g. a security token) or something the user is
(e.g. a biometric).
Authentication enables the network to admit only authorized users to its resources.
It is the means by which the access control mechanisms verify the claimed identifier.

Authentication Methods:
Passwords:
Passwords are the most popular authentication method, and all the subjects used them for
multiple services. Authentication with this method is very straightforward and people
perceived it as "secure enough". Subjects were conscious about the length of their
password and security. On the negative side, this leads to multiple passwords, which
become hard to remember.

The usability perceptions were consistent with the questionnaire results, where people
think passwords are an acceptable method of authentication. When asked if they would
consider using weaker passwords on services for mobile devices, which may have limited
input capabilities (for instance a small keypad), most respondents wouldn't sacrifice
security for usability by having a shorter password.

Tokens:
All the subjects used tokens in some form, either through paper tables (for Altinn), key
generators (for BankID) or through SMS (Altinn, Skandiabanken). The subjects perceived
tokens as secure and with high usability. Two subjects were skeptical regarding token
generators integrated in phones because of grouping too many services into one device.

Location:
The subjects were positive about the usability aspect, as location tracking happens
without user input. However, some expressed concerns about privacy issues, and it is
perceived as a bit too complicated at this stage. Maybe if the subjects were more
familiar with this technology we could go more in depth with this discussion.

Biometrics:
Most of the subjects liked the aspect of quick login, but are conscious of the risk of
data loss. Data loss is perceived as bad because the data contains sensitive information
about themselves, not necessarily because of practical issues such as the fact that one is
unable to change biometric factors, but from a general impression that losing private data
is bad and should be avoided. Face recognition was also considered more negatively because
of giving away too much information about oneself.

Fingerprint is still the most preferred biometric method, as it was in the
questionnaire results. Some users have experience with it, although these ranged from
very positive to poor, as a result of the method's functionality. All the subjects had some
ideas of fingerprint, and other than privacy issues

Message digest:
A message digest (also known as a cryptographic checksum or cryptographic
hashcode) is nothing more than a number - a special number that is effectively a
hashcode produced by a function that is very difficult to reverse.
A message digest is also a hash function. It takes a variable length input - often an
entire disk file - and reduces it to a small value (typically 128 to 512 bits). Give it the
same input, and it always produces the same output. And, because the output is very
much smaller than the potential input, for at least one of the output values there must
be more than one input value that can produce it; we would expect that to be true for
all possible output values for a good message digest algorithm.
A simple hash function takes some input, usually of indefinite length, and produces a
small number that is significantly shorter than the input. The function is many to one,
in that many (possibly infinite) inputs may generate the same output value.

The function is also deterministic in that the same output value is always generated
for identical inputs. Hash functions are often used in mechanisms that require fast
lookup for various inputs, such as symbol tables in compilers and spelling checkers.

Digital signatures:

A digital signature is (most often) a message digest encrypted with someone's private
key to certify the contents. This process of encryption is called signing. Digital
signatures can perform two different functions, both very important to the security of
your system:

Integrity - A digital signature indicates whether a file or a message has been modified.

Authentication - A digital signature makes it possible to verify mathematically the
name of the person who signed the message.

A third function that is quite valuable in some contexts is called non-repudiation.
Non-repudiation means that after you have signed and sent a message, you cannot
later claim that you did not sign the original message. You cannot repudiate your
signature, because the message was signed with your private key.

Digital signature algorithm:


DSA Parameters:
A DSA digital signature is computed using a set of domain parameters, a private key x,
a per-message secret number k, data to be signed, and a hash function. A digital
signature is verified using the same domain parameters, a public key y that is
mathematically associated with the private key x used to generate the digital
signature, data to be verified, and the same hash function that was used during
signature generation. These parameters are defined as follows:

p - a prime modulus, where $2^{L-1} < p < 2^{L}$, and L is the bit length of p.
q - a prime divisor of $(p - 1)$, where $2^{N-1} < q < 2^{N}$, and N is the bit length of q.
g - a generator of the subgroup of order q mod p, such that $1 < g < p$.
x - the private key that must remain secret; x is a randomly or pseudorandomly generated
integer, such that $0 < x < q$, i.e., x is in the range $[1, q-1]$.
y - the public key, where $y = g^{x} \bmod p$.
k - a secret number that is unique to each message; k is a randomly or pseudorandomly
generated integer, such that $0 < k < q$, i.e., k is in the range $[1, q-1]$.
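
An added worked example (not from the original notes or from FIPS 186-3) that carries these parameters through the standard DSA signing and verification equations. The toy values p = 23, q = 11, g = 4 are constructed and far too small for real use; the function names are assumptions, and k is passed in explicitly only so the result is repeatable.

```python
import hashlib

# Constructed toy domain parameters (assumption; far too small for real use).
P, Q, G = 23, 11, 4

def check_domain(p: int, q: int, g: int) -> bool:
    """q divides p-1, 1 < g < p, and g lies in the order-q subgroup mod p."""
    return (p - 1) % q == 0 and 1 < g < p and pow(g, q, p) == 1

def public_key(x: int) -> int:
    """y = g^x mod p for a private key x in [1, q-1]."""
    if not 0 < x < Q:
        raise ValueError("x must be in [1, q-1]")
    return pow(G, x, P)

def hash_to_z(message: bytes) -> int:
    """Leftmost N bits of SHA-256(message), N being the bit length of q."""
    h = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return h >> (256 - Q.bit_length())

def sign(z: int, x: int, k: int):
    """Sign hash value z. k is a parameter only so the example is repeatable;
    a real signer draws a fresh secret k in [1, q-1] for every message."""
    if not 0 < k < Q:
        raise ValueError("k must be in [1, q-1]")
    r = pow(G, k, P) % Q
    s = (pow(k, -1, Q) * (z + x * r)) % Q
    return (r, s) if r and s else None   # None: caller retries with a new k

def verify(z: int, sig, y: int) -> bool:
    """Recompute v from the public values and accept only if v == r."""
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False                      # out-of-range values are rejected
    w = pow(s, -1, Q)
    u1, u2 = (z * w) % Q, (r * w) % Q
    v = (pow(G, u1, P) * pow(y, u2, P)) % P % Q
    return v == r

if __name__ == "__main__":
    x = 7                                 # constructed private key
    y = public_key(x)
    z = hash_to_z(b"constructed sample message")
    sig = next(s for k in range(1, Q) if (s := sign(z, x, k)))
    print(check_domain(P, Q, G), sig, verify(z, sig, y))
```

With x = 7, k = 3 and hash value z = 5, the signature is (r, s) = (7, 7); verifying the same signature against z = 6 fails, which is the integrity property described above.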

Digital Signature Standards(DSS):


This Standard defines methods for digital signature generation that can be used for the
protection of binary data (commonly called a message), and for the verification and
validation of those digital signatures. Three techniques are approved.
(1) The Digital Signature Algorithm (DSA) is specified in this Standard. The
specification includes criteria for the generation of domain parameters, for the
generation of public and private key pairs, and for the generation and verification of
digital signatures.
(2) The RSA digital signature algorithm is specified in American National Standard (ANS)
X9.31 and Public Key Cryptography Standard (PKCS) #1. FIPS 186-3 approves the use of
implementations of either or both of these standards, but specifies additional
requirements.
(3) The Elliptic Curve Digital Signature Algorithm (ECDSA) is specified in ANS X9.62.
FIPS 186-3 approves the use of ECDSA, but specifies additional requirements.
Recommended elliptic curves for Federal Government use are provided herein.

This Standard includes requirements for obtaining the assurances necessary for valid
digital signatures.

E-mail Security:
Secure Email Services:
Confidentiality
Message Integrity
Sender Authentication

Security mechanisms:

Detached signature
Leaves the original message untouched
Signature can be transmitted/stored separately
Message can still be used without the security software

Signed message
Signature is always included with the data.

Pretty Good Privacy: (PGP)


Pretty Good Privacy was originally developed by Philip Zimmermann to provide a
means of secure communication in an insecure electronic environment. "Pretty Good"
is an understatement: the framework it is based on, PKI (Public Key Infrastructure),
and its encryption standards (it can use Diffie-Hellman or RSA algorithms of varying
strengths) have been subjected to rigorous cryptanalysis.

Working of PGP:
When someone starts using PGP, they generate a key pair. These are really just text
files that look like gibberish to a human. The keys can be created at various levels of
strength: 512-, 1024-, or 2048-bit strengths are used. The higher the number, the
stronger the encryption value of the key. One key of the pair is the private key; this
key should always be kept safe and never given to anyone. The other key is the public
key; this key should be given to as many people as possible.
Uses of PGP:
The most commonly used aspect of PGP is the signing and encryption of email or
files. Signing a document is a way of verifying the integrity of the original work.
The method is as follows:

1. Make a digest or hash of the file or email. A hash is an algorithm that
produces (theoretically) a unique output (the hash) from a given input (the
message).
2. Add the hash to the end of the message.
3. When someone wants to verify that the message has not been modified, they
run the hash algorithm on the message and compare it to the hash at the end of
the message. If the signatures match, the message has not been altered.
Example:
This is demonstrated in the following example:
The hash algorithm: take every third letter of the message (ignore punctuation), and
convert the letter to a number (a=1, b=2, ..., z=26). Add the numbers together.
The message:
Hello, This is a sample message to demonstrate signatures.
The hash algorithm in progress:
Hello, This is a sample message to demonstrate signatures.
12 +20 +19 +1 +13 +5 +19 +7 +15 +13 +19 +1 +19 +14 +21 +19
= 217 (therefore the hash value is 217)

The message after adding the hash value becomes:


Hello, This is a sample message to demonstrate signatures.
Hash value: 360
If the message is altered, the hash value will not be the same.
Altered message:
Hello, This is an altered message to demonstrate signatures.
Creates a new hash:
Hello, This is an altered message to demonstrate signatures.
12 +20 +19 +1 +12 +18 +13 +19 +5 +4 +15 +20 +20 +9 +1 +18
= 206 (therefore the hash value is 206)

Since the hashes are not equal, the message has been altered.
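
The toy hash above, written out as an added example (not part of the original notes): it reproduces the 217 and 206 computed in the walkthrough, then shows with a constructed third message a change the toy hash misses but SHA-256 catches. The names toy_hash, append_hash, verify and the UNDETECTED message are assumptions of this example.

```python
import hashlib
import string

def toy_hash(message: str) -> int:
    """The page's toy digest: every third letter (punctuation and spaces
    ignored), mapped a=1 ... z=26, summed."""
    letters = [c for c in message.lower() if c in string.ascii_lowercase]
    return sum(ord(c) - ord("a") + 1 for c in letters[2::3])

def append_hash(message: str) -> str:
    """Step 2: add the hash to the end of the message."""
    return f"{message}\nHash value: {toy_hash(message)}"

def verify(signed: str) -> bool:
    """Step 3: recompute the hash over the body and compare to the trailer."""
    body, _, trailer = signed.rpartition("\nHash value: ")
    return trailer.isdigit() and toy_hash(body) == int(trailer)

def sha256_hex(message: str) -> str:
    """A real message digest over the same text, for comparison."""
    return hashlib.sha256(message.encode("utf-8")).hexdigest()

ORIGINAL = "Hello, This is a sample message to demonstrate signatures."
ALTERED = "Hello, This is an altered message to demonstrate signatures."
# Constructed: only a letter the toy hash never samples (the first) is changed.
UNDETECTED = "Jello, This is a sample message to demonstrate signatures."

if __name__ == "__main__":
    signed = append_hash(ORIGINAL)
    print(toy_hash(ORIGINAL), toy_hash(ALTERED))            # the page's two sums
    print(verify(signed))                                   # untouched message
    print(verify(signed.replace(ORIGINAL, ALTERED)))        # altered body, old hash
    print(toy_hash(UNDETECTED) == toy_hash(ORIGINAL))       # toy hash misses it
    print(sha256_hex(UNDETECTED) == sha256_hex(ORIGINAL))   # SHA-256 does not
```

The unsampled letters never influence the toy value, so two thirds of the message can change without detection; a cryptographic digest depends on every input bit.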
Actual hashing algorithms are much more complex. Additionally, the hashing
algorithm is used in conjunction with the user's private key in such a way that the
signature is unique. That is, if different people (thus different private keys) signed the
same email, the signatures would be different. Then the public key of the key pair is
used to compare the hash created by the private key, and if the hashes match, then two
things are assured:
1) The message has not been modified since signing.
2) The signature was not forged.
