DOCSLIB.ORG

(TOTP,HOTP,CROTP) to Prevent Replay Attack in RADIUS Protocol

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
(TOTP,HOTP,CROTP) to Prevent Replay Attack in RADIUS Protocol Islamic University of Gaza Deanery of Higher Studies Faculty of Information Technology Information Technology Program Implementing and Comprising of OTP Techniques (TOTP,HOTP,CROTP) to Prevent Replay Attack in RADIUS Protocol Prepared by Amna S.M Abukeshipa Supervised by Dr. Tawfiq SM Barhoom A Thesis Submitted in Partial Fulfillment of the Requirements for the Degree of Master in Information Technology 2014 Dedication To My Loving Parents ,,, To My Dear husband ,,, To My Loving Children ,,, To My Dear Brothers ,,, To My Sincere Sisters,,, To Faithful My Friends ,,, I Acknowledgment Thanks to God, the First and the Last. Many thanks and sincere gratefulness goes to my supervisor Dr Tawfiq SM Barhoom . I am indebted to his support, supervision and guidance. I would like to thank my father, mother, dear husband , brothers and sisters for their support which gave me the strength and enthusiasm during the whole period of this thesis. I am also grateful to Dr. Mayada Mgari , for his help in this thesis , deeply appreciate it. I would like to extend sincere gratitude and appreciation to the people who helped me to accomplish this thesis. I would like to thank all my academic teachers, staff members and colleagues for their support throughout my study in Islamic university . II الملخص أمن الشبكة ىي مسألة في غاية اﻷىمية لممنظمات من أجل حماية البيانات الحساسة الخاصة بيم من المياجمين . عدد من الباحثين وفرت عدد من البروتوكوﻻت اﻻمنية المعتمدة لتعزيز الخصوصية والسرية عبر الشبكات. RADIUS ىي واحدة من البروتوكوﻻت اﻷكثر شعبية المستخدمة في شبكة اﻻتصاﻻت لمصادقة المستخدم . لسوء الحظ، ىناك العديد من نقاط الضعف التي تواجو بروتوكول RADIUS واحدة من نقاط الضعف ىذه ىي مشكمة إعادة اليجوم وىي تحتاج إلى الى تمنع. قدمت البروتوكوﻻت السابقة عدد من التقنيات لمحد من آثار ىجوم اﻻعادة في بروتوكول RADIUS. التقنية OTP ىي واحدة من أىم التقنيات التي تستخدم لتعزيز أمن مصادقة المستخدم في بيئات عديدة ولسد الفجوة المحتممة في أمن الشبكات .مع العديد من التقنيات OTP , مساىمتنا ىي اختيار ثﻻثة تقنيات وىي كممة المرور لمرة واحدة باستخدام الوقت (TOTP)، كممة المرور لمرة واحدة باستخدام التجزئة (HOTP) كممة المرور لمرة واحدة باستخدام التحدي واﻻستجابة (CROTP) ىذا يدفعنا لتقديم ELSBOT نظام التعمم اﻹلكتروني القائم عمى كممة المرور لمرة واحدة لمنع تكرار اليجمات في بروتوكول RADIUS . تقدم ىذه الرسالة مقارنة بين ىذه التقنيات ىذه المقارنة اعتمدت عمى مجموعة من العوامل مثل منع ىجوم اﻻعادة، ، سرعة الخوارزمية، وقت استجابة الخادم .بعد قياس ىذه العوامل من خﻻل ELSBOT لدينا، فقد بينت النتائج أن التقنيات في OTP قد منعت تكرار اليجوم في بيئة RADIUS، وسرعة خوارزمية في تقنية TOTPىو أعمى في حين أن سرعة خوارزمية في تقنية CROTPأعمى من تقنية HOTP، تقنية TOTP ىي اﻷفضل من حيث وقت استجابة الممقم .أخيرا، من منظور أمني، نجد ان TOTP ىو اﻷسموب اﻷكثر أمنا في عممنا ﻷن OTP صالحة لفترة قصيرة، في حين أن CROTP ىو أكثر أمانا من HOTP ﻷن الممقم يتحدانا مع PIN عشوائي في CROTP. ونتوصل الى ان ELSBOT ىو الحل الفعال، حيث يكون أكثر صعوبة لممياجمين الوصول إلى الخادم. III Abstract Network security is a very important issue for organizations in order to protect their sensitive data from attackers. Number of researchers have provided a different security solution supported network protocols to enhance data privacy and confidentiality over networks. RADIUS is one of the most popular protocols used in network communication for user authentication. Unfortunately, there are many vulnerabilities facing the security issue in RADIUS network protocol. One of these vulnerabilities is a replay attack problem which is need to be prevented. The previous protocols have presented number of techniques to reduce the effects of replay attack in RADIUS protocol. One time password (OTP) technique is one of the most important techniques which are used to enhance the security of user authentication in numerous environments and to close the potential gap in network security. With several OTP techniques, our contribution are to chosen three techniques namely Time OTP(TOTP), Hash OTP(HOTP) and Challenge Response OTP (CROTP). This motivates us to present the ELSBOT (E-Learning System Based OTP techniques) for implementing the three OTP techniques to prevent the replay attacks in RADIUS protocol. This thesis presents a comparison between these OTP techniques in the ELSBOT. This comparison considers a set of factors like preventing replay attack, CPU overhead, algorithm speed, server response time and OTP duration. After measuring these factors through our ELSBOT, the results show that the three OTP techniques of ELSBOT prevent the replay attack in RADIUS environment, the CPU overhead at TOTP technique is less than the CPU overhead at HOTP and CROTP techniques, the algorithm speed at TOTP technique is the highest while the algorithm speed at CROTP technique is higher than HOTP technique, the TOTP technique is the best in terms of the server response time. Finally, from security perspective, the authors reach that the TOTP is the most secure technique in our work because its OTP is valid for a short time, while the CROTP is a more secure than HOTP because the server challenges us with the random PIN in the CROTP. The ELSBOT is an efficient overall solution and it will be much more difficult for attackers to reach the ELSBOT server. Keywords: RADIUS protocol , replay attacks ,One Time Password IV List of Tables Table 2.1 Major protocols authentication -7- Table 3.1 Advantage and Disadvantage between techniques -20- Table 4.1 Illustrate the steps of TOTP -24- Table 4.2 Illustrate the steps of CROTP -26- Table 4.3 Illustrate the steps of HOTP -28- Table 4.4 Software Requirement -30- Table 4.5 Replay attack components -49- Table 4.6 Steps or replay attack architecture -51- Table 5.1 User login cases -56- Table 5.2 Server response time in many times -58- Table 5.3 Average response time -59- Table 5.4 Synchronization cases for TOTP -61- Table 5.5 CROTP/HOTP cases -63- Table 5.6 Test replay attack -67- Table 5.7 Comparison analytical for OTP techniques -65- V List of Figures Figures Topics Figure Page Figure 2.1 Security Architecture 5 Figure 2.2 Separate session for each client 7 Figure 2.3 RADIUS Architecture 8 Figure 2.4 RADIUS package 9 Figure 2.5 Authentication Flow 10 Figure 2.6 RADIUS Accounting 10 Figure 2.7 OTP generation 13 Figure 4.1 Functional architecture of ELSBOT 23 Figure 4.2 TOTP architecture 24 Figure 4.3 TOTP flowchart 25 Figure 4.4 CROTP architecture 26 Figure 4.5 CROTP flowchart 27 Figure 4.6 HOTP architecture 28 Figure 4.7 HOTP flowchart 29 Figure 4.8 ELSBOT database 32 Figure 4.9 Sequence diagram for sign in 33 Figure 4.10 Sequence diagram for sign up 34 Figure 4.11 Sequence diagram for OTP generation 35 Figure 4.12 Putty configuration 36 Figure 4.13 Execute radius with command radius-x XAMPP module 37 Figure 4.14 Server witting 37 Figure 4.15 Httpd of LAMP 38 Figure 4.16 Mysql of LAMP 38 Figure 4.17 Start service 38 Figure 4.18 Command ll 39 Figure 4.19 Sing up page 39 Figure 4.20 A secret key example 40 Figure 4.21 Sing in page 40 Figure 4.22 OTP page 40 Figure 4.23 Course page 41 Figure 4.24 Admin page 41 Figure 4.25 OTP application 42 Figure 4.26 TOTP steps 43 Figure 4.27 CROTP steps 45 Figure 4.28 HOTP steps 47 Figure 4.29 Attacker database 48 Figure 4.30 Replay attack architecture 50 Figure 4.31-a User logs to system (TOTP) 52 Figure 4.31-b Attacker implement replay attack 52 Figure 4.32-a User logs to system(CROTP) 53 VI Figure 4.32-b Attacker implement replay attack 53 Figure 4.33-a user logs to system(HOTP) 54 Figure 4.33-b Attacker implement replay attack 54 Figure 5.1 Average response time 59 Figure 5.2 Represent the system process for TOTP 60 Figure 5.3 System algorithms for TOTP 61 Figure 5.5 Code for CROTP/HOTP 63 Figure 5.6 The time is takes in hash process 65 Figure 5.7 CROTP/HOTP Synchronization 65 VII Abbreviations and Acronyms AAA Authentication, Authorization and Accounting ELSBOT E-Learning System Based OTP Techniques. NAS Network Access Server AES Advanced Encryption Standard TDES Triple Data Encryption Standard OTP One-Time Password PKI Public Key Infrastructure RADIUS Remote Authentication Dial In User Service SHA Secure Hash Algorithm TCP Transmission Control Protocol UDP User Datagram Protocol VPN virtual private network IPSec IP Security PRNG pseudorandom number generator EAB Extensible Authentication Protocol PAP Password Authentication Protocol CHAP Challenge-Handshake Protocol DOS Denial of service EKE Encrypted Key Exchange EPPKE Efficient Password-Proven Key Exchange RSA Ron Rivest, Adi Shamir and Leonard Adelman S/Key Secret-key algorithms PSK pre-shared key PAKE password-authenticated key exchange TOTP Time one time password HOTP Hash one time password CROTP The OATH Challenge-Response Algorithm SOAP Simple Object Access Protocol JMS The Java Message Service PIN Personal identify number SMS Short Message Service AS authentication server CIA Confidentiality ,Integrity ,Availability MOE The margin of error VIII List of Contents No. Subject Page Dedication …………………………………………………………………………………………. -I- Acknowledgement …………………………………………………………………………… -II- -III- .…………………………………………………………………………………………… الملخص Abstract ……………………………………………………………………………………………. -IV- List of Tables………………………………………………………………………………………. -V- List of Figures………………………………………………………………………………………. -VII- List of Abbreviations………………………………………………………………………….… -VIII- 1. Chapter 1: Introduction ……………………………………………………………………… -1- 1. 1.1 Statement of the problem ……………………………………………………… -2- 2. 1.2 Objectives ……………………………………………………………………. -2- 3. 1.3 Scope of limitation ……………………………………………………........ -3- 4. 1.4 Thesis structure ……………………………………………………………… -3- 2. Chapter Two: Literature Review …………………………………………………..……… -4- 2.1 Computer Security …………………………………………………………………………… -4- 2.1.1 Goal of Security …………………………………………..……………….. - 4 - 2.1.2 Components of Security ……………………………………………..……… -4- 2.1.3 Security architecture …………………………………………………… -5- 2.1.4 Information Security ………………………………………………………… -5- 2.1.5 Type of attacks ………………………………………………………….
Load more

Recommended publications
  • Ipsec, SSL, Firewall, Wireless Security
    IPSec 1 Outline • Internet Protocol – IPv6 • IPSec – Security Association (SA) – IPSec Base Protocol (AH, ESP) – Encapsulation Mode (transport, tunnel) 2 IPv6 Header • Initial motivation: – 32-bit address space soon to be completely allocated. – Expands addresses to 128 bits • 430,000,000,000,000,000,000 for every square inch of earth’s surface! • Solves IPv4 problem of insufficient address space • Additional motivation: – header format helps speedy processing/forwarding – header changes to facilitate QoS IPv6 datagram format: – fixed-length 40 byte header – no fragmentation allowed 3 IPv6 Header (Cont) Priority: identify priority among datagrams in flow Flow Label: identify datagrams in same “flow.” (concept of“flow” not well defined). Next header: identify upper layer protocol for data 4 Other Changes from IPv4 • Checksum: removed entirely to reduce processing time at each hop • Options: allowed, but outside of header, indicated by “Next Header” field • ICMPv6: new version of ICMP – additional message types, e.g. “Packet Too Big” – multicast group management functions 5 IPv6 Security – IPsec mandated • IPsec is mandated in IPv6 – This means that all implementations (i.e. hosts, routers, etc) must have IPsec capability to be considered as IPv6-conformant • When (If?) IPv6 is in widespread use, this means that IPsec will be installed everywhere – At the moment, IPsec is more common in network devices (routers, etc) than user hosts, but this would change with IPsec • All hosts having IPsec => real end-to-end security possible 6 IPv6 Security • Enough IP addrs for every imaginable device + Real end-to-end security = Ability to securely communicate from anything to anything 7 IPv6 Security – harder to scan networks • With IPv4, it is easy to scan a network – With tools like nmap, can scan a typical subnet in a few minutes see: http://www.insecure.org/nmap/ – Returning list of active hosts and open ports – Many worms also operate by scanning • e.g.
    [Show full text]
  • Formally Analysing a Security Protocol for Replay Attacks
    Formally Analysing a Security Protocol for Replay Attacks Benjamin W. Long School of Information Technology and Electrical Engineering The University of Queensland, 4072, Australia [email protected] Colin J. Fidge School of Software Engineering and Data Communications Queensland University of Technology, 4001, Australia c.fi[email protected] Abstract We are in an age that requires us to follow rigorous devel- opment processes. For example, the Common Criteria [31], The Kerberos-One-Time protocol is a key distribution an international standard for development and evaluation of protocol promoted for use with Javacards to provide secure security systems, requires formal methods to be used in or- communication over the GSM mobile phone network. From der to obtain the highest level of assurance (EAL7). inspection we suspected a replay attack was possible on the In this paper we take advantage of the Object-Z [11] protocol. To check this, we formally specified the proto- specification language and the SAL [9] model checker to col using Object-Z and then analysed its behaviour in the presence of an attacker using the Symbolic Analysis Lab- • present a formal specification of the Kerberos-One- oratory’s model checker. To produce accurate results effi- Time protocol; ciently, our formalism included an abstraction of the pro- • tocol’s data structures that captured just those character- produce the suspected replay attack, thus verifying its istics that we believed made the protocol vulnerable. Ulti- existence; and mately, the model checker’s analysis confirmed our suspi- • prove that a suggested fix will prevent this or similar cions about the protocol’s weakness.
    [Show full text]
  • Key Replay Attack on Improved Bluetooth Encryption
    Key Replay Attack on Improved Bluetooth Encryption Kaarle Ritvanen and Kaisa Nyberg Nokia Research Center Helsinki, Finland fkaarle.ritvanen,[email protected] Abstract— The Bluetooth encryption algorithm E0 is consid- against the EAP-AKA protocol [4] when a Bluetooth link is ered weak, and there are plans to extend the specification so used between the victim devices [5]. that it would support several algorithms. However, this does not Before presenting the details of our attack, some background improve the overall security because an active attacker can set up a previously used encryption key by a replay attack. In this information is covered. Section II reviews the state-of-the-art paper, we show how this vulnerability can be exploited to thwart attacks on E0. The Bluetooth encryption key exchange and any improvement in the encryption method. We also investigate authentication procedures are described in Section III. alternative modifications to the Bluetooth security architecture to overcome this problem. II. ATTACKS ON ENCRYPTION ALGORITHM E0 Index Terms— ACO, Barkan–Biham–Keller attack, Bluetooth, E0, key replay In 1999, Hermelin and Nyberg showed how it is possible to recover the initial state of the LFSRs from 264 consecutive 264 I. INTRODUCTION keystream bits doing a work of [6]. The amount of work has later been reduced to 261 and the required knowledge of Bluetooth is a wireless communications standard intended keystream bits to 250 [7]. These attacks exploit linear correla- to be used in personal area networks. Many handheld devices, tions in the summation combiner. Nevertheless, these attacks such as mobile phones, personal digital assistants and laptop are of theoretical nature since the LFSRs are reinitialized after computers incorporate a Bluetooth radio to enable low-cost each packet and the length of the keystream never exceeds wireless data transmission.
    [Show full text]
  • Attacking NTP's Authenticated Broadcast Mode
    Attacking NTP’s Authenticated Broadcast Mode Aanchal Malhotra Sharon Goldberg Boston University Boston University [email protected] [email protected] ABSTRACT We present an on-path replay attack on authenticated We identify two attacks on the Network Time Protocol (NTP)'s broadcast mode (CVE-2015-7973) that causes the NTP client cryptographically-authenticated broadcast mode. First, we to get stuck at a particular time (Section 3), and an off-path present a replay attack that allows an on-path attacker to denial-of-service attack on authenticated broadcast mode indefinitely stick a broadcast client to a specific time. Sec- (CVE-2015-7979) that also applies to all of NTP's \preempt- ond, we present a denial-of-service (DoS) attack that al- able" and \ephemeral" modes of operation (Section 4). Both lows an off-path attacker to prevent a broadcast client from of these attacks exploit issues in the NTP protocol specifica- ever updating its system clock; to do this, the attacker tion in RFC5905 [11], and have been experimentally verified sends the client a single malformed broadcast packet per on ntpd v4.2.8p3. We conclude by discussing the inherent query interval. Our DoS attack also applies to all other challenges of cryptographically authenticating NTP's broad- NTP modes that are `ephemeral' or `preemptable' (includ- cast mode, and provide several recommendations for the way ing manycast, pool, etc). We then use network measure- forward (Section 6). ments to give evidence that NTP's broadcast and other Disclosure. These results were disclosed on October 7, ephemeral/preemptable modes are being used in the wild.
    [Show full text]
  • Upgrade of Bluetooth Encryption and Key Replay Attack
    Upgrade of Bluetooth Encryption and Key Replay Attack Kaarle Ritvanen and Kaisa Nyberg Nokia Research Center Helsinki, Finland fkaarle.ritvanen,[email protected] Abstract— After adoption of the Advanced Encryption Stan- attack is carried out in the Bluetooth system. The fundamental dard (AES), security systems of many information and com- cause of the problem is that it is possible to replay encryption munication systems are being upgraded to support AES based keys. In Section IV-D, we present our recommendations for the encryption mechanisms. Also within Bluetooth SIG, discussions about replacing the proprietary Bluetooth encryption algorithm counter-measures that would be sufficient to allow a second E0 with a new, possibly AES based algorithm have been initiated. encryption algorithm to be securely taken into use in Bluetooth The purpose of this paper is to show that this action alone does system. not improve the overall security because in the Bluetooth system, It should be noted that recovering encryption keys is not an active attacker can set up a previously used encryption key the only exploit of the possibility for encryption key replay. by a replay attack. We analyze the problem and show that it is possible to overcome it. Finally, we present alternative modifi- For instance, Gauthier presented a key replay attack applicable cations to the Bluetooth Baseband and Profiles specifications to against the EAP-AKA protocol [5] when a Bluetooth link is support secure use of two different encryption algorithms. used between the victim devices [6]. Index Terms— AES, Bluetooth, E0, encryption, key replay Before presenting the details of our attack, some background attack information is covered.
    [Show full text]
  • Beacon Based Authentication
    University of Wollongong Research Online Faculty of Engineering and Information Faculty of Informatics - Papers (Archive) Sciences 1994 Beacon based authentication Azad Jiwa Jennifer Seberry University of Wollongong, [email protected] Yuliang Zheng University of Wollongong, [email protected] Follow this and additional works at: https://ro.uow.edu.au/infopapers Part of the Physical Sciences and Mathematics Commons Recommended Citation Jiwa, Azad; Seberry, Jennifer; and Zheng, Yuliang: Beacon based authentication 1994. https://ro.uow.edu.au/infopapers/1162 Research Online is the open access institutional repository for the University of Wollongong. For further information contact the UOW Library: [email protected] Beacon based authentication Abstract Reliable authentication of communicating entities is essential for achieving security in a distributed computing environment. The design of such systems as Kerberos, SPX and more recently KryptoKnight and Kuperee, have largely been successful in addressing the problem. The common element with these implementations is the need for a trusted thirdparty authentication service. This essentially requires a great deal of trust to be invested in the authentication server which adds a level of complexity and reduces system flexibility. The use of a Beacon to promote trust between communicating parties was first suggested by M. Rabin in "Transactions protected by beacons," Journal of Computer and System Sciences, Vol 27, pp 256-267, 1983. In this paper we revive Rabin's ideas which have been largely overlooked in the past decade. In particular we present a novel approach to the authentication problem based on a service called Beacon which continuously broadcasts certified nonces. eW argue that this approach considerably simplifies the solution ot the authentication problem and we illustrate the impact of such a service by "Beaconizing" the well know Needham and Schroeder protocol.
    [Show full text]
  • Nist Sp 800-77 Rev. 1 Guide to Ipsec Vpns
    NIST Special Publication 800-77 Revision 1 Guide to IPsec VPNs Elaine Barker Quynh Dang Sheila Frankel Karen Scarfone Paul Wouters This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-77r1 C O M P U T E R S E C U R I T Y NIST Special Publication 800-77 Revision 1 Guide to IPsec VPNs Elaine Barker Quynh Dang Sheila Frankel* Computer Security Division Information Technology Laboratory Karen Scarfone Scarfone Cybersecurity Clifton, VA Paul Wouters Red Hat Toronto, ON, Canada *Former employee; all work for this publication was done while at NIST This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-77r1 June 2020 U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority.
    [Show full text]
  • Solutions Problem 1. the Ipsec Architecture Documents States That
    Homework 5 - Solutions Problem 1. The IPSec architecture documents states that when two transport mode SA are bundled to allow both AH and ESP protocols on the same end-to-end flow, only one ordering of security protocols seems appropriate: performing the ESP protocol before performing the AH protocol. Why is this approach recommended rather than authentication before encryption? Solution This order of processing facilitates rapid detection and rejection of replayed or bogus packets by the receiver, prior to decrypting the packet, hence potentially reducing the impact of denial of service attacks. It also allows for the possibility of parallel processing of packets at the receiver, i.e., decryption can take place in parallel with authentication. Problem 2. Consider the following threats to web security and describe how each is countered by a particular feature of IPSec. a. Brute force cryptoanalitic attack. An exhaustive search of the key space for a conventional encryption algorithm. b. Known plaintext dictionary. Many messages will have predictable plaintext such as HTTP DET command. An attacker can construct a dictionary containing every possible encryption of the known plaintext message. When an encrypted message is intercepted, the attacker takes the portion containing the encrypted known plaintext and looks up the ciphertext in the dictionary. The ciphertext should match against an entry that was encrypted with the same secret key. This attack is especially effective against small key sizes (e.g. 40-bit keys). c. Replay attack. Earlier SSL handshake messages are replayed. d. Man in the middle. An attacker interposes during key exchange, acting as the client to the server and a server to the client.
    [Show full text]
  • Security Analysis of an Open Car Immobilizer Protocol Stack
    Security Analysis of an Open Car Immobilizer Protocol Stack Stefan Tillich and Marcin W´ojcik University of Bristol, Computer Science Department, Merchant Venturers Building, Woodland Road, BS8 1UB, Bristol, UK {tillich,wojcik}@cs.bris.ac.uk Abstract. An increasing number of embedded security applications| which traditionally have been heavily reliant on secret and/or proprietary solutions|apply the principle of open evaluation. A recent example is the specification of an open security protocol stack for car immobilizer applications by Atmel, which has been presented at ESCAR 2010. This stack is primarily intended to be used in conjunction with automo- tive transponder chips of this manufacturer, but could in principle be deployed on any suitable type of transponder chip. In this paper we re-evaluate the security of this protocol stack. We were able to uncover a number of security vulnerabilities. We show that an attacker with a cheap standard reader close to such a car key can track it, lock sections of its EEPROM, and even render its immobilizer functionality completely useless. After eavesdropping on a genuine run of the authentication pro- tocol between the car key and the car, an attacker is enabled to read and write the memory of the car key. Furthermore, we point out the threats of relay attacks and session hijacking, which require slightly more elaborate attack setups. For each of the indicated attacks we propose possible fixes and discuss their overhead. Keywords: Security, car immobilizer, protocols, openness, analysis. 1 Introduction Embedded security systems like car immobilizers have traditionally relied on proprietary algorithms and protocols where the specifications have been kept confidential.
    [Show full text]
  • A Privacy-Preserving Authentication Protocol for Smart Tags Michael Chih Huong Fong Iowa State University
    Iowa State University Capstones, Theses and Graduate Theses and Dissertations Dissertations 2010 A privacy-preserving authentication protocol for smart tags Michael Chih Huong Fong Iowa State University Follow this and additional works at: https://lib.dr.iastate.edu/etd Part of the Computer Sciences Commons Recommended Citation Fong, Michael Chih Huong, "A privacy-preserving authentication protocol for smart tags" (2010). Graduate Theses and Dissertations. 11648. https://lib.dr.iastate.edu/etd/11648 This Thesis is brought to you for free and open access by the Iowa State University Capstones, Theses and Dissertations at Iowa State University Digital Repository. It has been accepted for inclusion in Graduate Theses and Dissertations by an authorized administrator of Iowa State University Digital Repository. For more information, please contact [email protected]. A privacy-preserving authentication protocol for smart tags by Michael Chih Huong Fong A thesis submitted to the graduate faculty in partial fulfillment of the requirements for the degree of MASTER OF SCIENCE Major: Computer Science Program of Study Committee: Wensheng Zhang, Major Professor Yong Guan Ting Zhang Iowa State University Ames, Iowa 2010 Copyright c Michael Chih Huong Fong, 2010. All rights reserved. ii DEDICATION This thesis is dedicated to my lovely sister Melissa and to my wonderful parents, Joseph and Lilian, who have raised me to be the person I am today. You have been with me every step of the way, through good and bad times. Thank you for all the unconditional love and support that you have always given me and instilling into me that I am capable of doing anything I put my mind into.
    [Show full text]
  • Replay Attack Prevention by Using a Key with Random Number in Kerberos Authentication Protocol
    ISSN(Online) : 2319-8753 ISSN (Print) : 2347-6710 International Journal of Innovative Research in Science, Engineering and Technology (An ISO 3297: 2007 Certified Organization) Vol. 4, Issue 7, July 2015 Replay Attack Prevention by Using a Key with Random Number in Kerberos Authentication Protocol Tanuja Thakur 1, Sachin Dogra2, Yamini Sood 3 P.G. Student, Department of Electronics and Communication Engineering, Sri Sai University, Palampur, H.P, India1 Assistant Professor, Department of Electronics and Communication Engineering, Sri Sai University, Palampur, H.P, India2 Head of Department, Department of Computer Engineering, Sri Sai University, Palampur, H.P, India3 ABSTRACT: Now a day computer networks are growing day by day. With this growth these networks are required to be inter connected with each other which leads to the major usage of internet. Although internet makes accessibility easier for these networks but it decrease data security i.e not acceptable by any user. Hence to increase data security we required strong cryptography in authentication protocol .Kerberos is one of the best window authentication protocols but one of the major drawback of Kerberos is Replay attack. In this attack the intruder replays the same ticket to the application server to use services again and again. Hence we are trying to increase security notations in Kerberos in order to minimize replay attacks. We using a random number generated by TGS. This random number is being used by TGS in a key which is required to encrypt ticket by TGS. KEYWORDS: Authentication, BAN Logic, Kerberos, Replay attacks , TGS. I. INTRODUCTION Authentication Protocol are protocols concerning with security properties e.g.
    [Show full text]
  • EAM: Architecting Efficient Authentication Model for Internet Security Using Image-Based One Time Password Technique
    ISSN (Print) : 0974-6846 Indian Journal of Science and Technology, Vol 9(7), DOI: 10.17485/ijst/2016/v9i7/85017, February 2016 ISSN (Online) : 0974-5645 EAM: Architecting Efficient Authentication Model for Internet Security using Image-Based One Time Password Technique A. Jesudoss1* and N. P. Subramaniam2 1Faculty of Computer Science and Engineering, Sathyabama University, Chennai – 600119, Tamil Nadu, India; [email protected], [email protected] 2Department of EEE, Pondicherry Engineering College, Puducherry – 605014, Tamil Nadu, India; [email protected] Abstract In the era of Internet world, passwords are essential to protect our data and the application. Relying on a simple plaintext password would lead to vulnerability. Apart from choosing strong passwords, the authentication model plays a crucial Objectives: The role in Internet Security by protecting the web applications efficiently from various security attacks. aim of the paper is to provide an Efficient Authentication Model and adopt a new techniqueMethods: in generatingThe One Time a dynamic Password salt from the client. Hence it protects Internet applications from five types of security attacks, namely password-guessing attack, keylogger attack,Findings: replay attack, streaming bots, and screen-capture attacks. between(OTP) based the clientimage-selection and the server. enables The thedependency user to protect on hardware the Internet devices application for authentication from streaming can be completely bots, keyloggers eradicated and screen-capture attacks. The architecture has been designed efficiently to minimize the number of transactions higher levels of security. Application: It is a single solution for multiple security problems with minimal cost and highly by using Efficient Authentication Model (EAM).
    [Show full text]