Question
Attached lecture slides (transcribed):

Protocols
More specifically, security protocols: "specify the steps that principals use to establish trust relationships"

The Case of the Garage
T → G : T, {T,N}KT
Where
• T: token (represented by serial number)
• G: garage
• N: "unique number"
(Slide image: a garage with EXIT and ENTRANCE signs)

The Case of the Dual Factor Authentication
S → U : N
U → P : N,PIN
P → U : {N,PIN}K
U → S : {N,PIN}K
Where
• S: server
• P: password generator
• U: User
• K: encryption key
(Slide image: PayPal login screen)

Trust On First Use (TOFU)
Security module that handles
• Trust software machine
• Software tries to find machine ID
• No id then ask the user (e.g. Whatsapp, Smart TV ...)

Remote Key Management
KDC (A,B)
KA-KDC (R1, KB-KDC (A,R1)) : Alice knows R1
KB-KDC (A,R1) : Bob knows R1
Alice, Bob communicate using shared session key R1

Remote Key Management (cont'd)
Using protocol notation
A → S : A,B
S → A : {A,B, KAB, T}KAS, {A,B, KAB, T}KBS
A → B : {A,B, KAB, T}KBS, {M}KAB
• Where T represents the timestamp

When do Protocols Fail?
User authentication is heavily based on a protocol that uses a Password/PIN
• Eavesdropping
  • People looking over your shoulder
  • Fake login Webpage
  • Devices capturing keystrokes
• Man-in-the-middle attack

The Challenge-Response Protocol
E → T : N
T → E : T, {T,N}K
where
• E is the engine controller
• T is the transponder
• K is the encryption key
• N random challenge
(Slide image: a car with a navigation display)

Needham-Schroeder protocol
Message 1 A → S : A,B,NA
Message 2 S → A : {NA,B,KAB, {KAB,A}KBS }KAS
Message 3 A → B : {KAB,A}KBS
Message 4 B → A : {NB}KAB
Message 5 A → B : {NB-1}KAB

Kerberos
Developed by MIT
• Network authentication tool
A → S : A,B
S → A : {TS,L, KAB, B, {TS, L, KAB,A}KBS }KAS
A → B : {TS,L, KAB, A}KBS, {A, TA}KAB
B → A : {TA+1}KAB

In Practice
(Flowchart: User wants to enter the system → User is presented with a challenge → User attempts the challenge → Yes: User is given access to the system / No: Exit)
Source: https://www.geeksforgeeks.org/challenge-response-authentication-mechanism-cram/

Challenge Response Authentication Mechanism (CRAM)
- Completely Automated Public Turing Test
- Login Example: Microsoft ActiveDirectory
- Biometric
For instance, we studied how a dual-factor authentication works when a password generator is used:
S → U : N
U → P : N,PIN
P → U : {N,PIN}K
U → S : {N,PIN}K
Can you modify the set of rules outlined above to describe the protocol of dual-factor authentication when a mobile device is involved?
Please submit
1. a high-level overview of how the protocol would work
2. the description of the protocol using the formal notation
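As an added example that is not part of the question or the course slides, the password-generator protocol quoted above run end to end in Python. It assumes {N,PIN}K can be modelled with an HMAC under K (a stand-in for the slide's encryption that the server verifies by recomputation rather than decryption) and that the server issues each nonce N once, so a captured response cannot be replayed; the key and PIN are constructed sample values.

```python
import hashlib
import hmac
import secrets

# K is the secret shared by the server S and the user's password generator P.
# Key and PIN are constructed sample values for this demonstration.
SAMPLE_KEY = bytes.fromhex("5f3e2c1b0a9988776655443322110000")
SAMPLE_PIN = "4711"


def keyed_response(key: bytes, nonce: str, pin: str) -> str:
    """P's {N,PIN}K. HMAC-SHA256 stands in for the slide's encryption so that
    S verifies by recomputing rather than decrypting (modelling assumption)."""
    return hmac.new(key, f"{nonce}|{pin}".encode(), hashlib.sha256).hexdigest()


class PasswordGenerator:
    """P: offline device holding K; it sees only N and PIN and never talks to S."""
    def __init__(self, key: bytes) -> None:
        self._key = key

    def respond(self, nonce: str, pin: str) -> str:  # U -> P : N,PIN ; P -> U : {N,PIN}K
        return keyed_response(self._key, nonce, pin)


class Server:
    """S: knows K and PIN for each enrolled user; each challenge N is fresh and single-use."""
    def __init__(self) -> None:
        self._users: dict[str, tuple[bytes, str]] = {}
        self._pending: dict[str, str] = {}

    def enrol(self, user: str, key: bytes, pin: str) -> None:
        self._users[user] = (key, pin)

    def challenge(self, user: str) -> str:  # S -> U : N
        nonce = secrets.token_hex(8)
        self._pending[user] = nonce
        return nonce

    def verify(self, user: str, response: str) -> bool:  # U -> S : {N,PIN}K
        nonce = self._pending.pop(user, None)  # consumed on first use, so a replayed response fails
        if nonce is None or user not in self._users:
            return False
        key, pin = self._users[user]
        return hmac.compare_digest(keyed_response(key, nonce, pin), response)


def login(server: Server, generator: PasswordGenerator, user: str, pin: str) -> tuple[bool, str]:
    """Runs the four messages for one login; returns (accepted, response) so a replay can be tried."""
    nonce = server.challenge(user)
    response = generator.respond(nonce, pin)
    return server.verify(user, response), response
```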