6.8 Resources

Important Terms Introduced

  • active token

  • authentication database

  • authentication factors

  • average attack space

  • base secret

  • challenge-response token

  • character set

  • credential

  • cryptographic building block

  • cryptographic function

  • cryptographic randomness

  • diceware

  • dictionary attack

  • digest authentication

  • entropy

  • extreme threat

  • hash value

  • keystroke logger

  • low-hanging fruit

  • lower bound

  • nonce

  • offline attack

  • one-time password token

  • one-way hash

  • passive token

  • passphrase

  • password cracking

  • password manager

  • procedure diagram

  • process diagram

  • random

  • search space

  • shoulder surfing

  • smart card

  • sniff

  • social engineering

  • strong threat

  • three-factor authentication

  • two-factor authentication

  • upper bound

  • weak threat

  • work factor

Abbreviations Introduced

  • ASCII—American Standard Code for Information Interchange

  • ATM—automated teller machine

  • DES—Data Encryption Standard

  • EFF—Electronic Frontier Foundation

  • FAR—false acceptance rate

  • FRR—false rejection rate

  • MD5—Message Digest 5

  • NFC—near-field communication

  • PIN—personal identification number

  • PRNG—pseudorandom number generator

  • QR—Quick Response

  • RFID—radio frequency identification

  • SHA-x—Secure Hash Algorithm, x is version or bit size

  • SIM—subscriber identity module

  • SMS—short message service

  • SS7—Signaling System 7

6.8.1 Review Questions

  R1. Explain the difference between authentication and authorization.

  R2. Describe the general steps taken during the authentication process.

  R3. Identify and describe the three basic authentication factors.

  R4. Explain the role of hard-to-forge information in authentication. Give examples of such information.

  R5. Describe the type of authentication environment examined in this chapter.

  R6. Explain the differences between the three levels of threat described in this chapter.

  R7. Describe the five basic attacks on authentication systems.

  R8. Describe how password hashing works.

  R9. Why can’t an attacker masquerade by using a hashed password?

  R10. Describe a way to sniff passwords.

  R11. Describe a way to limit trial-and-error guessing.

  R12. Why might it improve security to make users change passwords periodically? What problems arise when passwords are changed periodically?

  R13. Describe the operation of an offline attack on password hashes.

  R14. How do we calculate the search space in variable-length passwords given the maximum length and the number of characters in the character set?

  R15. Explain the difference between “real” random number generators and “pseudo” random number generators.

  R16. Explain how a dictionary attack works.

  R17. Describe some biases that cause passwords to be more vulnerable to attack than they might be if they were completely random.

  R18. Describe how to perform an average attack space calculation.

  R19. Explain the difference between active and passive tokens.

  R20. Describe how one-time password tokens determine the next password to use.

  R21. Explain how challenge-response authentication works.

  R22. For each of the three authentication factors, give an example of how it is used to unlock a smartphone.

  R23. Describe the process of performing biometric authentication.

  R24. Describe FAR and FRR.

  R25. How do you calculate the average attack space for a biometric?

  R26. Explain how biometric systems are vulnerable to the five generic attacks on authentication systems.

  R27. Summarize risks associated with weak versus strong threats.

  R28. Explain how the physical location of a system affects its authentication security policy in the face of weak threats.

6.8.2 Exercises

  E1. Calculate the search space for passwords in the following situations:

    a. Exactly seven characters long, chosen from uppercase and lowercase letters and digits.

    b. Seven characters or shorter, chosen from the printable ASCII character set.

    c. Exactly 14 characters long, mixed-case letters only.

    d. 14 characters or shorter, mixed-case letters only.

  E2. Some password systems set a minimum length for passwords. We want to compare two systems in which the maximum password length is 16 characters, and passwords may contain any printable ASCII characters. One system allows passwords to be any length, while the other requires passwords to be at least eight characters long. Calculate the search space for these two systems. (Hint: The system with a minimum length reduces the search space by subtracting a collection of passwords from the range of possibilities. What is the search space of the subtracted passwords?)
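The search-space arithmetic behind Exercises E1 and E2, as an added example that is not part of the text: a fixed-length space is N^L, a variable-length space is the geometric series N^1 + … + N^L, and a minimum length removes every shorter password from that series. The function names, the `bits()` helper and the character-set constants are this example's own choices; the same functions cover passphrases built from a word list, where the "character set" is the list and the "length" is the number of words (Exercise E21's five dice index a 6^5 = 7776-word list).

```python
"""Search-space arithmetic for trial-and-error password guessing (added example)."""
from math import log2


def fixed_length_space(charset_size: int, length: int) -> int:
    """Distinct passwords of exactly `length` symbols drawn from N symbols: N**L."""
    if charset_size < 1 or length < 0:
        raise ValueError("charset_size >= 1 and length >= 0 required")
    return charset_size ** length


def variable_length_space(charset_size: int, max_len: int, min_len: int = 1) -> int:
    """Distinct passwords with min_len <= length <= max_len:
    the geometric series N**min_len + N**(min_len+1) + ... + N**max_len."""
    if min_len < 0 or max_len < min_len:
        raise ValueError("need 0 <= min_len <= max_len")
    return sum(charset_size ** length for length in range(min_len, max_len + 1))


def min_length_reduction(charset_size: int, max_len: int, min_len: int) -> int:
    """Candidates removed by imposing a minimum length (the subtracted set in the
    hint to Exercise E2): every password shorter than min_len."""
    if min_len < 1 or min_len > max_len:
        raise ValueError("need 1 <= min_len <= max_len")
    return variable_length_space(charset_size, min_len - 1)


def bits(search_space: int) -> float:
    """Search space expressed in bits, log2(S). This is the entropy of a uniformly
    random choice from the space, not of a human-chosen password."""
    if search_space < 1:
        raise ValueError("search space must be at least 1")
    return log2(search_space)


# Character-set sizes used in the chapter's exercises (assumed values for this example).
DIGITS = 10              # 0-9
MIXED_CASE = 52          # A-Z plus a-z
ALPHANUMERIC = 62        # letters plus digits
PRINTABLE_ASCII = 95     # codes 0x20 (space) through 0x7E (~)
DICEWARE_WORDS = 6 ** 5  # five six-sided dice index a 7776-word list


if __name__ == "__main__":
    # Any-length vs. minimum-length-8 policies on 16-character printable ASCII.
    total = variable_length_space(PRINTABLE_ASCII, 16)
    removed = min_length_reduction(PRINTABLE_ASCII, 16, 8)
    print(f"any length: {total:.3e} ({bits(total):.1f} bits)")
    print(f"min length 8: {total - removed:.3e} ({bits(total - removed):.1f} bits)")
    print(f"six diceware words: {bits(fixed_length_space(DICEWARE_WORDS, 6)):.1f} bits")
```

Note that the minimum-length policy removes fewer than one part in 95 of the candidates, so it costs the attacker nothing measurable; its real effect is on the weakest human-chosen passwords, which this uniform-choice arithmetic does not model.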

Exercises E3–E8 describe authentication techniques and the populations that use them. Calculate the average attack space for each.

  E3. Boondock Bank has an ATM with six-digit PINs. Until a year ago, all PINs were randomly assigned. Since then, an “account representative” explains the PIN process to each new customer and helps them choose a PIN. The rep says to pick a date, because dates are easy to remember. Now 25 percent of all PINs are six-digit dates.

  E4. People at Barkley Corporation get to choose their own passwords. To help, there is a password-choosing program that picks the password randomly from a list of 23,000 words. Sixty percent of the users use this procedure.

  E5. People at Foonly Corporation have a password selection program like the one in Exercise E4, but users must make passwords out of TWO words randomly chosen from the list. Assume that 60 percent of the Foonly users use this program.

  E6. Marsha’s company has a token-based system with 64-bit base secrets stored inside each token, yielding 1.84 × 10^19 possible secrets. Everyone in the company (100 percent) has that kind of token.

  E7. Joe’s company has installed fingerprint sensors for logging in. The company is proud of the “proven” 99.9 percent accuracy of these machines. Everyone (100 percent) in the company uses them for logging in.

  E8. Sam’s company has installed fingerprint sensors that use an elaborate new matching technique. They can adjust the system’s overall sensitivity to balance FAR and FRR to tolerable levels. After a lot of adjusting, the FAR is now 0.0003, though the FRR is 0.08. People find this tolerable.
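The average attack space calculation that Exercises E3 to E8 ask for, as an added example that is not from the text. It assumes the convention that an attacker walking through a space of S candidates needs S/2 guesses on average, and succeeds only against the fraction L of users whose secrets actually lie in that space, giving S/(2L) guesses per successful masquerade; check that against the chapter's own definition before using it for the exercises. The biometric case is treated separately, since each impostor attempt is an independent trial rather than one step through a list. The sample population is constructed and uses different numbers from the exercises.

```python
"""Average attack space: expected guesses per successful masquerade (added example)."""
from typing import Dict, Tuple


def average_attack_space(search_space: int, fraction: float) -> float:
    """Expected guesses per break-in for one guessing strategy.

    search_space: number of candidates the attacker walks through (S).
    fraction:     share of users whose secrets lie in that space (L, 0 < L <= 1).
    Assumed convention: S / (2 * L).
    """
    if search_space <= 0:
        raise ValueError("search space must be positive")
    if not 0.0 < fraction <= 1.0:
        raise ValueError("fraction must be in (0, 1]")
    return search_space / (2.0 * fraction)


def best_guessing_strategy(subpopulations: Dict[str, Tuple[int, float]]) -> Tuple[str, float]:
    """Given {name: (search_space, fraction)} for the different ways users pick
    their secrets, return the strategy with the LOWEST average attack space.
    A rational attacker goes for this low-hanging fruit, so it is the figure
    that should drive policy, not the strength of the best-behaved users."""
    costs = {name: average_attack_space(s, l) for name, (s, l) in subpopulations.items()}
    name = min(costs, key=costs.get)
    return name, costs[name]


def biometric_attack_space(far: float) -> float:
    """Expected impostor presentations until the first false accept.

    Each presentation succeeds independently with probability FAR, so the
    number of trials until the first success is geometric with mean 1/FAR.
    Nothing is halved here: the attacker is not eliminating entries from a
    finite list. If the chapter applies its S/2 convention to biometrics as
    well, divide this result by two to match it.
    """
    if not 0.0 < far <= 1.0:
        raise ValueError("FAR must be in (0, 1]")
    return 1.0 / far


# Constructed illustration (not the exercise figures): four-digit PINs where
# 10 percent of users pick a birthday as MMDD (366 values) and the rest are
# uniformly random over all 10,000 PINs.
PIN_POPULATION: Dict[str, Tuple[int, float]] = {
    "dates_mmdd": (366, 0.10),
    "random_pin": (10_000, 0.90),
}


if __name__ == "__main__":
    name, cost = best_guessing_strategy(PIN_POPULATION)
    print(f"attacker's best strategy: {name}, about {cost:.0f} guesses per break-in")
    print(f"fingerprint sensor with FAR 0.001: {biometric_attack_space(0.001):.0f} attempts")
```

The point the constructed population makes is that a minority of weak choosers sets the effective strength of the whole system: the date-guessing strategy needs far fewer guesses than attacking the random PINs, even though only one user in ten picks a date.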

  E9. Some vendors require users to enter a PIN when using a challenge-response token. Redraw the diagram in Figure 6.16 to show how the calculation could incorporate a PIN.

  E10. Draw a diagram showing how a computer might authenticate a user who uses a challenge-response token. Be sure to show the output of the challenge, the input of the response, and the incorporation of the base secret. Assume that the process uses a one-way hash.
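The exchange Exercises E9 and E10 ask you to diagram, carried out in code as an added example; it is not a vendor's protocol and not code from the text. SHA-256 stands in for the generic one-way hash, the digest is computed over base secret, challenge and (optionally) PIN in that order, and the `Server` class, `run_exchange` driver and user name are this example's own constructions. The server keeps each user's base secret and PIN so that it can recompute the expected response; an eavesdropper who sniffs a (challenge, response) pair learns nothing usable, because the challenge is a fresh nonce that is consumed on first use.

```python
"""Challenge-response authentication with a one-way hash and an optional PIN (added example)."""
import hashlib
import hmac
import secrets
from typing import Dict, Optional


def token_response(base_secret: bytes, challenge: bytes, pin: Optional[str] = None) -> str:
    """What the token computes: H(base_secret || challenge || PIN).

    The base secret never leaves the token; only this digest is sent. Recovering
    the secret from (challenge, response) would require inverting the hash.
    """
    h = hashlib.sha256()
    h.update(base_secret)
    h.update(challenge)
    if pin is not None:
        h.update(pin.encode("utf-8"))  # Exercise E9: the PIN is mixed into the digest
    return h.hexdigest()


class Server:
    """Holds each user's base secret (and PIN, if one is used) and checks responses."""

    def __init__(self) -> None:
        self._secrets: Dict[str, bytes] = {}
        self._pins: Dict[str, Optional[str]] = {}
        self._pending: Dict[str, bytes] = {}  # one outstanding challenge per user

    def enroll(self, user: str, base_secret: bytes, pin: Optional[str] = None) -> None:
        self._secrets[user] = base_secret
        self._pins[user] = pin

    def issue_challenge(self, user: str) -> bytes:
        """Step 1: send a fresh 128-bit nonce drawn from cryptographic randomness."""
        nonce = secrets.token_bytes(16)
        self._pending[user] = nonce
        return nonce

    def verify(self, user: str, response: str) -> bool:
        """Step 2: recompute the expected digest and compare in constant time.
        The pending challenge is consumed whether or not the check passes, so a
        captured response cannot be replayed against a later login."""
        nonce = self._pending.pop(user, None)
        if nonce is None or user not in self._secrets:
            return False
        expected = token_response(self._secrets[user], nonce, self._pins[user])
        return hmac.compare_digest(expected, response)


def run_exchange(pin_entered: Optional[str], replay: bool = False) -> bool:
    """Drive one login for a constructed user whose token holds a random base secret.
    With replay=True, the same response is presented a second time."""
    base_secret = secrets.token_bytes(16)  # constructed: the secret sealed inside the token
    server = Server()
    server.enroll("alice", base_secret, pin="4242")  # constructed user and PIN
    challenge = server.issue_challenge("alice")
    response = token_response(base_secret, challenge, pin_entered)  # token side
    ok = server.verify("alice", response)                          # server side
    if replay:
        return server.verify("alice", response)
    return ok


if __name__ == "__main__":
    print("correct PIN:", run_exchange("4242"))
    print("wrong PIN:  ", run_exchange("0000"))
    print("replayed:   ", run_exchange("4242", replay=True))
```

A production design would use HMAC with the base secret as the key rather than a bare hash over a concatenation, and would rate-limit failures so that the PIN cannot be guessed online; the structure of the exchange is the same.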

  E11. Review news reports from a specific data breach. Choose a breach for which plausible news reports have identified how the attack occurred and have identified the likely attacker. This could be a group project in which individuals work on different reports. Complete the following reports:

    a. Write a threat agent profile of the likely attacker.

    b. Write an attack scenario for the data breach.

    c. Write an attack case study about the data breach.

  E12. Following the background information provided for Alice’s threat assessment and policy development earlier in the text, do the following:

    a. Make a list of specific authentication threats Alice might face.

    b. Make a list of specific authentication risks Alice might face. For each risk, note if it applies to weak threats, strong threats, or both.

  E13. Based on your answer to Exercise E12, develop an authentication policy for Alice, assuming she faces weak authentication threats at home.

  E14. Based on your answer to Exercise E12, develop an authentication policy for Alice, assuming she faces weak authentication threats at work.

  E15. Based on your answer to Exercise E12, develop a complete authentication policy for Alice, assuming she faces strong authentication threats and will use passwords alone for authentication.

  E16. Based on your answer to Exercise E12, develop a complete authentication policy for Alice, assuming she faces strong authentication threats and will use a password and token.

  E17. Based on your answer to Exercise E12, develop a complete authentication policy for Alice, assuming she faces strong authentication threats and will use a password and biometric.

  E18. Review news reports of cyber attacks. Identify a cyber attack that relied on masquerade to succeed. Write an attack case study about that attack. Be sure to explain how the masquerade was supposed to work and whether or not it succeeded.

  E19. The Unix password system incorporates “salt” to reduce the risk of dictionary attacks. The salt is a nonce. When the password is created, the hash is computed from the password text concatenated with the nonce. Both the nonce and the hashed password are stored as the user’s base secret. Draw a diagram to show how the nonce and password would be used to check a text password for correctness.
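The check Exercise E19 asks you to diagram, plus the dictionary attack the salt is meant to blunt, as an added example that is not the Unix crypt implementation and not code from the text. SHA-256 stands in for the one-way hash, a 16-byte random nonce for the salt, and the three accounts and the four-word attacker dictionary are constructed sample data. Real password stores put a deliberately slow function such as `hashlib.pbkdf2_hmac`, scrypt or Argon2 in place of the plain hash; the structure of storing and checking is the same.

```python
"""Salted one-way password hashing and the offline attack it defends against (added example)."""
import hashlib
import hmac
import os
from typing import Dict, List, Optional, Tuple


def hash_password(password: str, salt: bytes) -> str:
    """One-way hash of nonce || password text."""
    return hashlib.sha256(salt + password.encode("utf-8")).hexdigest()


def make_entry(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, str]:
    """Create the stored base secret: (nonce, hash). The nonce is stored in the clear."""
    if salt is None:
        salt = os.urandom(16)  # cryptographic randomness, fresh for every account
    return salt, hash_password(password, salt)


def check_password(candidate: str, salt: bytes, stored_hash: str) -> bool:
    """Verification: rehash the typed password with the stored nonce and compare
    in constant time. Possessing the stored hash does not let an attacker log in,
    because the check consumes the text password, not the hash (Review Question R9)."""
    return hmac.compare_digest(hash_password(candidate, salt), stored_hash)


def dictionary_attack(entries: Dict[str, Tuple[bytes, str]], wordlist: List[str]) -> Tuple[Dict[str, str], int]:
    """Offline attack on salted entries: every word must be hashed under every
    user's salt. Returns the cracked {user: password} map and the hash count spent."""
    cracked: Dict[str, str] = {}
    work = 0
    for user, (salt, stored) in entries.items():
        for word in wordlist:
            work += 1
            if hash_password(word, salt) == stored:
                cracked[user] = word
                break
    return cracked, work


def unsalted_attack(entries: Dict[str, str], wordlist: List[str]) -> Tuple[Dict[str, str], int]:
    """The same attack against unsalted hashes: one precomputed table, built with
    one hash per word, cracks every user who chose a listed word at once."""
    table: Dict[str, str] = {}
    work = 0
    for word in wordlist:
        work += 1
        table[hashlib.sha256(word.encode("utf-8")).hexdigest()] = word
    cracked = {user: table[h] for user, h in entries.items() if h in table}
    return cracked, work


# Constructed sample data: three accounts (two share a weak password) and a tiny dictionary.
WORDLIST = ["password", "letmein", "dragon", "monkey"]
ACCOUNTS = [("alice", "dragon"), ("bob", "dragon"), ("carol", "zq8!Kp-long-passphrase")]
SALTED: Dict[str, Tuple[bytes, str]] = {user: make_entry(pw) for user, pw in ACCOUNTS}
UNSALTED: Dict[str, str] = {
    user: hashlib.sha256(pw.encode("utf-8")).hexdigest() for user, pw in ACCOUNTS
}


if __name__ == "__main__":
    salt, stored = SALTED["alice"]
    print("alice logs in with 'dragon':", check_password("dragon", salt, stored))
    print("salted attack:  ", dictionary_attack(SALTED, WORDLIST))
    print("unsalted attack:", unsalted_attack(UNSALTED, WORDLIST))
```

Two things to observe on the sample data: alice and bob share a password, yet their salted hashes differ, so the stored file does not even reveal that fact; and the salted attack costs one hash per word per user, while the unsalted one costs one hash per word for the whole file. The salt does not stop guessing against a single account, which is why the slow hash function still matters.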

  E20. Our smartphone contains a copy of SecurID software that allows us to generate one-time passwords for the company server. We keep the smartphone locked to protect the SecurID software from misuse. We unlock the smartphone with our fingerprint.

    Draw a diagram showing the smartphone and the company server. Show the server’s authentication system and trust boundary. Within the smartphone, show the following components:

    • Fingerprint reader

    • Phone unlocking software

    • SecurID software

    Show the correct trust boundary around the smartphone’s components. Show where both the fingerprint credential and SecurID credential travel, relative to the trust boundaries, in order to unlock the phone and authenticate to the company server.

  E21. We will apply the EFF’s password selection strategy using five standard six-sided dice.

    a. Calculate the search space of a password produced by a single roll of the five dice.

    b. To produce really strong passwords, we roll the five dice multiple times to produce a series of words. If we roll the group of dice six (6) times in a row to select a password, how large does the search space become?

    c. What is the size in bits of the search space calculated in (b)? Use the decimal-to-binary conversion approximation 10^3 ≈ 2^10. Calculate this binary value in scientific notation; it should be larger than the answer in (b).
