Entity Authentication and Symmetric Key Establishment - Bart Preneel

Entity Authentication and Symmetric Key Establishment, by Bart Preneel Authentication methods are based on something known, owned, biometric, location or evidence of trusted third party authentication. + A password is a case of something known. Passwords are a vulnerable, but cheap and convenient way of authenticating an entity. Several techniques to augment their effectiveness are in use including challenge-response and one-time passwords. + Secure devices such as smart cards and USB tokens often combine the 'owned' with the 'known', since secret keys are locked in the token with a password or PIN code. However, within the broad category of secure tokens, trustworthiness is variable, depending on whether keys can be extracted, passwords can be eavesdropped or the device can be tampered with. + Biometry identifies a person via physical characteristics. + Location is often used as the sole authentication factor, but is insecure given the relative ease of spoofing IP or MAC addresses. + Multi-factor authentication is stronger than single-factor. + The Kerberos protocol uses a key distribution-based authentication server. Service consumers must authenticate with a central server to obtain a secret session key with service providers. Such schemes require a single sign-on to access servers across a trust domain. While public key cryptography is well suited to entity authentication, performance constraints often mandate a symmetric algorithm for encrypting data passed between systems. Key establishment should be linked to authentication, so that a party has assurances that a key is only shared with the authenticated party. The Diffie-Hellman key agreement protocol underlies a host of current technologies such as STS (Station-to-Station protocol) and IKE. Learning objectives Gain insight into + entity authentication protocols, + the benefits and limitations of authentication factors, + key establishment protocols, + why and how to use authentication servers. This lecture was delivered by Bart Preneel in Leuven on Tuesday February 11th at SecAppDev 2014. Professor Bart Preneel heads the COSIC (COmputer Security and Industrial Cryptography) research group at KU Leuven. His main research area is information security with a focus on cryptographic algorithms and protocols as well as their applications to both computer and network security, and mobile communications. He teaches cryptology, network security and coding theory at the KU Leuven and was visiting professor at the Ruhr Universitaet Bochum (Germany), the T.U.Graz (Austria), the University of Bergen (Norway), and the Universiteit Gent (Belgium). In '93-'94 he was a research fellow at the University of California at Berkeley. He has taught intensive courses around the world. He undertakes industrial consulting (Mastercard International, S.W.I.F.T., Proton World International,...), and participates in the work of ISO/IEC JTC1/SC27/WG2. Professor Preneel is Vice President of the International Association for Cryptologic Research (IACR) and co-founder and chairman of LSEC vzw (Leuven Security Excellence Consortium).