9. Authentication (2)

Uploaded by

Maanasi Shastri

Access Control

School of CSE 1
User Authentication
Three types of user authentication
1. Something You Know
2. Something You Have
3. Something You Are

Access Control
• Two parts to access control…
• Authentication: Are you who you say you are?
– Determine whether access is allowed or not
– Authenticate human to machine
– Or, possibly, machine to machine
• Authorization: Are you allowed to do that?
– Once you have access, what can you do?
– Enforces limits on actions
• Note: “access control” often used as synonym
for authorization

Are You Who You Say You Are?

• Authenticate a human to a machine?
• Can be based on…
– Something you know
• For example, a password
– Something you have
• For example, a smartcard
– Something you are
• For example, your fingerprint

Something You Know

• Passwords
• Lots of things act as passwords!
– PIN
– Social security number
– Mother’s maiden name
– Date of birth
– Name of your pet, etc.

Trouble with Passwords
• “Passwords are one of the biggest practical
problems facing security engineers today.”
• “Humans are incapable of securely storing high-
quality cryptographic keys, and they have
unacceptable speed and accuracy when
performing cryptographic operations. (They are
also large, expensive to maintain, difficult to
manage, and they pollute the environment. It is
astonishing that these devices continue to be
manufactured and deployed.)”

Why Passwords?

• Why is “something you know” more popular than “something you have” and “something you are”?
• Cost: passwords are free
• Convenience: easier for sysadmin to reset pwd than to issue a new thumb

Keys vs Passwords

• Crypto keys
– Suppose key is 64 bits
– Then 2^64 keys
– Choose key at random…
– …then attacker must try about 2^63 keys
• Passwords
– Suppose passwords are 8 characters, and 256 different characters
– Then 256^8 = 2^64 pwds
– Users do not select passwords at random
– Attacker has far less than 2^63 pwds to try (dictionary attack)

Good and Bad Passwords

• Bad passwords
– frank
– Fido
– Password
– incorrect
– Pikachu
– 102560
– AustinStamp
• Good Passwords?
– jfIej,43j-EmmL+y
– 09864376537263
– P0kem0N
– FSa7Yago
– 0nceuP0nAt1m8
– PokeGCTall150

Password Experiment
• Three groups of users, each group advised to select passwords as follows
– Group A: At least 6 chars, 1 non-letter
– Group B: Password based on passphrase (winner)
– Group C: 8 random characters
• Results
– Group A: About 30% of pwds easy to crack
– Group B: About 10% cracked
• Passwords easy to remember
– Group C: About 10% cracked
• Passwords hard to remember

Password Experiment

• User compliance hard to achieve
• In each case, 1/3rd did not comply
– And about 1/3rd of those easy to crack!
• Assigned passwords sometimes best
• If passwords not assigned, best advice is…
– Choose passwords based on passphrase
– Use pwd cracking tool to test for weak pwds
• Require periodic password changes?

Attacks on Passwords

• Attacker could…
– Target one particular account
– Target any account on system
– Target any account on any system
– Attempt denial of service (DoS) attack
• Common attack path
– Outsider → normal user → administrator
– May only require one weak password!

Password Retry

• Suppose system locks after 3 bad passwords. How long should it lock?
– 5 seconds
– 5 minutes
– Until SA restores service
• What are +’s and -’s of each?

Password File?
• Bad idea to store passwords in a file
• But we need to verify passwords
• Solution? Hash passwords
– Store y = h(password)
– Can verify entered password by hashing
– If Trudy obtains the password file, she
does not (directly) obtain passwords
• But Trudy can try a forward search
– Guess x and check whether y = h(x)

Dictionary Attack

• Trudy pre-computes h(x) for all x in a dictionary of common passwords
• Suppose Trudy gets access to password file containing hashed passwords
– She only needs to compare hashes to her pre-computed dictionary
– After one-time work of computing hashes in dictionary, actual attack is trivial
• Can we prevent this forward search attack? Or at least make it more difficult?

Salt

• Hash password with salt
• Choose random salt s and compute
y = h(password, s)
and store (s,y) in the password file
• Note that the salt s is not secret
– Analogous to IV
• Still easy to verify salted password
• But lots more work for Trudy
– Why?

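The three slides above (password file, dictionary attack, salt) carried out in working code. This is an added example, not part of the slide deck: it instantiates h as SHA-256 and uses a constructed six-word "dictionary", both of which are assumptions, since the slides only write h(...). It shows that a precomputed table recovers an unsalted hash with one lookup and no new hashing, that the same password stored with a random salt is not in the table, that verification stays cheap for the legitimate system, and how Trudy's hashing work grows once every entry carries its own salt.

```python
import hashlib
import os

# Constructed toy "dictionary of common passwords" standing in for Trudy's
# dictionary. The hash function (SHA-256) is an assumption; the deck writes h(...).
COMMON_PASSWORDS = ["frank", "Fido", "Password", "incorrect", "Pikachu", "102560"]


def h(*parts):
    """h(password) or h(password, s): SHA-256 over the concatenated inputs."""
    return hashlib.sha256(b"".join(parts)).hexdigest()


def store_unsalted(password):
    """Password-file entry without salt: y = h(password)."""
    return h(password.encode())


def store_salted(password, salt=None):
    """Password-file entry with salt: (s, y) where y = h(password, s).
    s is random and stored in the clear next to y; it is not a secret."""
    if salt is None:
        salt = os.urandom(16)
    return salt, h(password.encode(), salt)


def verify_salted(entry, candidate):
    """Verification is still easy: rehash the candidate with the stored salt."""
    salt, y = entry
    return h(candidate.encode(), salt) == y


def precompute_dictionary(words):
    """Trudy's one-time work: a table mapping h(x) -> x for every x in the dictionary."""
    return {h(w.encode()): w for w in words}


def forward_search(table, y):
    """Forward search against a stolen hash: a table lookup, no new hashing.
    Returns the recovered password, or None when y is not in the table."""
    return table.get(y)


def hashes_needed(n_entries, dict_size, salted):
    """Hash computations needed to test every dictionary word against every entry
    of a password file with n_entries entries. Without salt the table is built once
    and reused for all entries; with salt each entry has its own s, so every word
    must be rehashed per entry."""
    return dict_size * n_entries if salted else dict_size


if __name__ == "__main__":
    table = precompute_dictionary(COMMON_PASSWORDS)

    # Unsalted file: the precomputed table recovers "Pikachu" directly.
    print(forward_search(table, store_unsalted("Pikachu")))      # Pikachu

    # Salted file: same password, but h(password, s) is not in the table.
    entry = store_salted("Pikachu")
    print(forward_search(table, entry[1]))                        # None
    print(verify_salted(entry, "Pikachu"), verify_salted(entry, "pikachu"))  # True False

    # Work for a file of 2^10 entries and a 2^20-word dictionary.
    print(hashes_needed(2**10, 2**20, salted=False))              # 1048576
    print(hashes_needed(2**10, 2**20, salted=True))               # 1073741824
```

The salt does not stop Trudy from guessing; it only removes the one-time precomputation and forces per-entry work. Production systems add a deliberately slow, memory-hard password hash (bcrypt, scrypt, Argon2) on top of the salt so that each of those per-entry guesses is expensive as well.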
Password based Authentication

Security of Hash Algorithms

Password based Authentication

Math of Password Cracking
• Assumptions:
• Pwds are 8 chars, 128 choices per character
• Then 128^8 = 2^56 possible passwords
• There is a password file with 2^10 pwds
• Attacker has dictionary of 2^20 common pwds
• Probability 1/4 that password is in dictionary
• Work is measured by number of hashes

Math of Password Cracking: Case 1
• Attack 1 specific password without using a dictionary
• E.g., administrator’s password
• Must try 2^56/2 = 2^55 on average
• Like exhaustive key search
• Does salt help in this case?

Math of Password Cracking: Case 2
• Attack 1 specific password with dictionary
• With salt
• Expected work: 1/4 (2^19) + 3/4 (2^55) ≈ 2^54.6
• In practice, try all pwds in dictionary…
• …then work is at most 2^20 and probability of success is 1/4
• What if no salt is used?
• One-time work to compute dictionary: 2^20
• Expected work is of same order as above
• But with precomputed dictionary hashes, the “in practice” attack is essentially free…

Math of Password Cracking: Case 3
• Any of 1024 pwds in file, without dictionary
• Assume all 2^10 passwords are distinct
• Need 2^55 comparisons before expect to find pwd
• If no salt is used
• Each computed hash yields 2^10 comparisons
• So expected work (hashes) is 2^55/2^10 = 2^45
• If salt is used
• Expected work is 2^55
• Each comparison requires a hash computation

Math of Password Cracking: Case 4
• Any of 1024 pwds in file, with dictionary
• Prob. one or more pwd in dict.: 1 – (3/4)^1024 ≈ 1
• So, we ignore case where no pwd is in dictionary
• If salt is used, expected work less than 2^22
• Work ≈ size of dictionary / P(pwd in dictionary)
• What if no salt is used?
• If dictionary hashes not precomputed, work is about 2^19/2^10 = 2^9

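The four cases above carried through as arithmetic, as an added example that is not part of the deck. Each function takes the deck's parameters as defaults (8-character passwords over 128 symbols, a 2^10-entry file, a 2^20-word dictionary, probability 1/4 of a password being in the dictionary) and returns the expected work in hashes; bits() gives log2 of a result so it can be compared with the exponents on the slides. The functions are parameterised so the same formulas can be re-run for other file sizes, dictionaries or hit probabilities.

```python
import math

# Parameters from the "Math of Password Cracking" assumptions slide.
PWD_BITS = 56        # 8 chars x 128 choices = 128^8 = 2^56 possible passwords
FILE_SIZE = 2**10    # password file holds 2^10 hashed passwords
DICT_SIZE = 2**20    # Trudy's dictionary of common passwords
P_IN_DICT = 0.25     # probability that a given password is in the dictionary


def bits(work):
    """log2 of a work figure, rounded to one decimal, for comparison with the slides."""
    return round(math.log2(work), 1)


def case1_one_pwd_no_dict(pwd_bits=PWD_BITS):
    """Case 1: one specific password, no dictionary. Exhaustive search over 2^56
    passwords finds it after half the space on average: 2^55 hashes. Salt does not
    change this, since only one (salt, hash) pair is being attacked."""
    return 2 ** (pwd_bits - 1)


def case2_one_pwd_with_dict(pwd_bits=PWD_BITS, dict_size=DICT_SIZE, p=P_IN_DICT):
    """Case 2, with salt: with probability p the password is in the dictionary and is
    found after half of it (2^19 hashes); otherwise fall back to exhaustive search."""
    return p * (dict_size / 2) + (1 - p) * 2 ** (pwd_bits - 1)


def case2_in_practice(dict_size=DICT_SIZE, p=P_IN_DICT):
    """Case 2 as actually run: try the whole dictionary and stop.
    Returns (maximum work, probability of success)."""
    return dict_size, p


def case3_any_pwd_no_dict(pwd_bits=PWD_BITS, file_size=FILE_SIZE, salted=True):
    """Case 3: any of the file's passwords, no dictionary. 2^55 comparisons are
    expected either way; without salt one computed hash is compared against every
    entry, so the number of hashes is 2^55 / file_size. With salt each comparison
    costs its own hash."""
    comparisons = 2 ** (pwd_bits - 1)
    return comparisons if salted else comparisons / file_size


def p_at_least_one_in_dict(file_size=FILE_SIZE, p=P_IN_DICT):
    """Case 4 preliminary: probability that one or more of the file's passwords is
    in the dictionary, 1 - (1-p)^file_size, which is essentially 1 here."""
    return 1 - (1 - p) ** file_size


def case4_any_pwd_with_dict(dict_size=DICT_SIZE, file_size=FILE_SIZE, p=P_IN_DICT,
                            salted=True, precomputed=False):
    """Case 4: any of the file's passwords, with dictionary.
    Salted: about dict_size / p hashes (work the dictionary entry by entry until
    one hits, 1/p entries expected). Unsalted, hashes not precomputed: 2^19 hashes,
    each compared against all file_size entries. Unsalted with a precomputed table:
    no new hashes at all, only lookups."""
    if salted:
        return dict_size / p
    if precomputed:
        return 0
    return (dict_size / 2) / file_size


if __name__ == "__main__":
    print("case 1:", bits(case1_one_pwd_no_dict()))                       # 55.0
    print("case 2 (salt):", bits(case2_one_pwd_with_dict()))              # 54.6
    print("case 2 in practice:", case2_in_practice())                     # (1048576, 0.25)
    print("case 3 no salt:", bits(case3_any_pwd_no_dict(salted=False)))   # 45.0
    print("case 3 salt:", bits(case3_any_pwd_no_dict(salted=True)))       # 55.0
    print("case 4 P(hit):", p_at_least_one_in_dict())                     # ~1.0
    print("case 4 salt:", bits(case4_any_pwd_with_dict(salted=True)))     # 22.0
    print("case 4 no salt:", bits(case4_any_pwd_with_dict(salted=False))) # 9.0
```

The point the numbers make is the one the deck draws: salt only matters when many hashes are attacked at once (cases 3 and 4), where it removes the "one hash, many comparisons" shortcut and the free precomputed table; for a single targeted hash (cases 1 and 2) the work is dominated by how good the password itself is.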
Other Password Issues
• Too many passwords to remember
– Results in password reuse
– Why is this a problem?
• Who suffers from bad password?
– Login password vs ATM PIN
• Failure to change default passwords
• Social engineering
• Error logs may contain “almost” passwords
• Bugs, keystroke logging, spyware, etc.

Passwords
• The bottom line…
• Password attacks are too easy
– Often, one weak password will break security
– Users choose bad passwords
– Social engineering attacks, etc.
• Trudy has (almost) all of the advantages
• All of the math favors bad guys
• Passwords are a BIG security problem
– And will continue to be a problem

Password Cracking Tools
• Popular password cracking tools
– Password Crackers
– Password Portal
– L0phtCrack and LC4 (Windows)
– John the Ripper (Unix)
• Admins should use these tools to test for weak passwords since attackers will
• Good articles on password cracking
– Passwords - Cornerstone of Computer Security
– Passwords revealed by sweet deal

Biometrics

Something You Are
• Biometric
– “You are your key” (Schneier)
[Figure: the three factors Know, Have, Are]
• Examples
o Fingerprint
o Handwritten signature
o Facial recognition
o Speech recognition
o Gait (walking) recognition
o “Digital doggie” (odor recognition)
o Many more!

Why Biometrics?

• May be better than passwords
• But, cheap and reliable biometrics needed
– Today, an active area of research
• Biometrics are used in security today
– Thumbprint mouse
– Palm print for secure entry
– Fingerprint to unlock car door, etc.
• But biometrics not really that popular
– Has not lived up to its promise/hype (yet?)

Ideal Biometric
• Universal → applies to (almost) everyone
– In reality, no biometric applies to everyone
• Distinguishing → distinguish with certainty
– In reality, cannot hope for 100% certainty
• Permanent → physical characteristic being measured never changes
– In reality, OK if it remains valid for a long time
• Collectable → easy to collect required data
– Depends on whether subjects are cooperative
• Also, safe, user-friendly, and ???

Identification vs Authentication
• Identification → Who goes there?
– Compare one-to-many
– Example: FBI fingerprint database
• Authentication → Are you who you say you are?
– Compare one-to-one
– Example: Thumbprint mouse
• Identification problem is more difficult
– More “random” matches since more comparisons
• We are (mostly) interested in authentication

Enrollment vs Recognition
• Enrollment phase
– Subject’s biometric info put into database
– Must carefully measure the required info
– OK if slow and repeated measurement needed
– Must be very precise
– May be a weak point in real-world use
• Recognition phase
– Biometric detection, when used in practice
– Must be quick and simple
– But must be reasonably accurate

Something You Have

• Something in your possession
• Examples include following…
– Car key
– Laptop computer (or MAC address)
– Password generator (next)
– ATM card, smartcard, etc.

Password Generator

[Figure: Alice, holding a password generator that contains key K, and Bob, who also knows K]
1. Alice → Bob: “I’m Alice”
2. Bob → Alice: R
3. Alice → password generator: PIN, R
4. Password generator → Alice: h(K,R)
5. Alice → Bob: h(K,R)

• Alice receives random “challenge” R from Bob
• Alice enters PIN and R in password generator
• Password generator hashes symmetric key K with R
• Alice sends “response” h(K,R) back to Bob
• Bob verifies response
• Note: Alice has pwd generator and knows PIN

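The five-step exchange above, as an added example that is not part of the deck. It assumes h(K,R) is HMAC-SHA256 (the slide only says the generator "hashes" K with R) and uses constructed keys and PIN. The token releases a response only when the PIN is right, Bob issues a fresh random R for every login and accepts each R exactly once, so a captured h(K,R) is useless for a later login, which is the property that makes this stronger than a static password.

```python
import hashlib
import hmac
import secrets


def h(key, challenge):
    """h(K, R) from the slide, instantiated as HMAC-SHA256 (an assumption)."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


class PasswordGenerator:
    """Alice's token: holds the symmetric key K and is unlocked by her PIN."""

    def __init__(self, key, pin):
        self._key = key
        self._pin = pin

    def respond(self, pin, challenge):
        # Steps 3-4: wrong PIN -> no response at all; K never leaves the device.
        if not hmac.compare_digest(pin.encode(), self._pin.encode()):
            raise PermissionError("bad PIN")
        return h(self._key, challenge)


class Bob:
    """Verifier: shares K with Alice and issues a fresh random R per login."""

    def __init__(self, key):
        self._key = key
        self._pending = None   # the one challenge currently awaiting an answer

    def challenge(self):
        # Step 2: unpredictable R, so responses to earlier challenges do not help.
        self._pending = secrets.token_bytes(16)
        return self._pending

    def verify(self, response):
        # Step 5: recompute h(K, R) and compare in constant time. The challenge is
        # consumed whether or not the answer is right, so each R is usable once.
        if self._pending is None:
            return False
        expected = h(self._key, self._pending)
        self._pending = None
        return hmac.compare_digest(expected, response)


def run_login(generator, bob, pin):
    """Steps 1-5 in order; True when Bob accepts Alice."""
    # Step 1 is the identity claim "I'm Alice"; Bob answers it with R.
    r = bob.challenge()
    response = generator.respond(pin, r)
    return bob.verify(response)


if __name__ == "__main__":
    K = secrets.token_bytes(32)              # constructed shared key, set at enrollment
    alice_token = PasswordGenerator(K, "1234")
    bob = Bob(K)
    print(run_login(alice_token, bob, "1234"))        # True
    try:
        run_login(alice_token, bob, "0000")
    except PermissionError as e:
        print("token refused:", e)                     # token refused: bad PIN
```

Two factors are visible in the code: the key K inside the device (something you have) and the PIN that unlocks it (something you know). Losing either one alone does not let anyone answer Bob's challenge.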
2-factor Authentication
• Requires any 2 out of 3 of
o Something you know
o Something you have
o Something you are
• Examples
– ATM: Card and PIN
– Credit card: Card and signature
– Password generator: Device and PIN
– Smartcard with password/PIN

Single Sign-on

• A hassle to enter password(s) repeatedly
– Alice would like to authenticate only once
– “Credentials” stay with Alice wherever she goes
– Subsequent authentications transparent to Alice
• Kerberos → a single sign-on protocol
• Single sign-on for the Internet?
– Microsoft: Passport
– Everybody else: Liberty Alliance
– Security Assertion Markup Language (SAML)

Web Cookies

• Cookie is provided by a Website and stored on user’s machine
• Cookie indexes a database at Website
• Cookies maintain state across sessions
– Web uses a stateless protocol: HTTP
– Cookies also maintain state within a session
• Sorta like a single sign-on for a website
– But, very, very weak form of authentication
• Cookies also create privacy concerns
