UNIT –III AUTHENTICATION, INTEGRITY AND ACCESS CONTROL
3.1 SECURE HASH FUNCTION
The one-way hash function, or secure hash function, is important not only in message authentication
but also in digital signatures.
Simple Hash Functions
All hash functions operate using the following general principles. The input
(message, file, etc.) is viewed as a sequence of n-bit blocks. The input is processed one block at a time
in an iterative fashion to produce an n-bit hash value. One of the simplest hash functions is the
bit-by-bit exclusive-OR (XOR) of every block. This can be expressed as follows:
Figure 3.1 illustrates this operation; it produces a simple parity for each bit position and is known as a
longitudinal redundancy check. It is reasonably effective for random data as a data integrity check.
Each n-bit hash value is equally likely. Thus, the probability that a data error will result in an
unchanged hash value is $2^{-n}$. With more predictably formatted data, the function is less effective. For
example, in most normal text files, the high-order bit of each octet is always zero. So if a 128-bit hash
value is used, instead of an effectiveness of $2^{-128}$, the hash function on this type of data has an
effectiveness of $2^{-112}$.
FIG 3.1 Simple Hash Function Using Bitwise XOR
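The block-wise XOR described above, as an added example that is not part of the original notes. It measures how many of the 128 hash bits are actually usable on random octets and on ASCII text; the zero padding, the function names and the sample messages are assumptions constructed for the illustration.

```python
import random

BLOCK_BITS = 128  # n: block size and hash size, as in the 128-bit case above

def xor_hash(message: bytes, n_bits: int = BLOCK_BITS) -> bytes:
    """XOR every n-bit block together: bit i of the result is the parity
    of bit i across all blocks (the longitudinal redundancy check)."""
    size = n_bits // 8
    message += b"\x00" * (-len(message) % size)  # zero padding is an assumption
    digest = bytearray(size)
    for offset in range(0, len(message), size):
        for i in range(size):
            digest[i] ^= message[offset + i]
    return bytes(digest)

def bits_ever_set(digests) -> int:
    """Count hash bit positions that take the value 1 in at least one digest."""
    seen = bytearray(len(digests[0]))
    for digest in digests:
        for i, octet in enumerate(digest):
            seen[i] |= octet
    return sum(bin(octet).count("1") for octet in seen)

def sample_digests(low: int, high: int, count: int = 200, length: int = 160):
    """Hash `count` constructed messages whose octets are drawn from [low, high)."""
    rng = random.Random(0)  # fixed seed so the constructed sample is repeatable
    return [xor_hash(bytes(rng.randrange(low, high) for _ in range(length)))
            for _ in range(count)]

def detects_bit_error(message: bytes, bit: int) -> bool:
    """Flip one bit of the message and report whether the hash changes."""
    damaged = bytearray(message)
    damaged[bit // 8] ^= 1 << (bit % 8)
    return xor_hash(bytes(damaged)) != xor_hash(message)

if __name__ == "__main__":
    print("random octets:", bits_ever_set(sample_digests(0, 256)), "usable bits")
    print("ASCII text:   ", bits_ever_set(sample_digests(0x20, 0x7F)), "usable bits")
    print("single-bit error detected:", detects_bit_error(b"pay 100 to Bob", 3))
```

On ASCII input the top bit of every hash octet stays zero, which leaves 112 of the 128 bits carrying information. Because XOR is commutative, the value also does not depend on the order of the blocks.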
Step 4: Process message in 1024-bit (128-word) blocks.
Step 5: Output. After all N 1024-bit blocks have been processed, the output from the Nth stage is the
512-bit message digest.
SHA-3
SHA-2, particularly the 512-bit version, would appear to provide unassailable security. However,
SHA-2 shares the same structure and mathematical operations as its predecessors, and this is a cause
for concern. Because it would take years to find a suitable replacement for SHA-2, should it become
vulnerable, NIST announced in 2007 a competition to produce the next generation NIST hash
function, to be called SHA-3. The basic requirements that must be satisfied by any candidate for
SHA-3 are the following:
1. It must be possible to replace SHA-2 with SHA-3 in any application by a simple drop-in
substitution. Therefore, SHA-3 must support hash value lengths of 224, 256, 384, and 512 bits.
2. SHA-3 must preserve the online nature of SHA-2. That is, the algorithm must process
comparatively small blocks (512 or 1024 bits) at a time instead of requiring that the entire message be
buffered in memory before processing it.
3.2 HMAC
HMAC Algorithm
Figure 3.2 illustrates the overall operation of HMAC. Define the following terms:
Fig 3.2 HMAC Structure
Security of HMAC
3.3 Electronic User Authentication Principles
• NIST SP 800-63-2 defines EUA as: the process of establishing confidence in user identities
that are electronically presented
• The NIST SP 800-63-2 model
– User applies to registration authority (RA) and becomes a subscriber of a
credential service provider (CSP)
– RA is a trusted entity
– The CSP exchanges with the subscriber
– The credential (a data structure) binds an identity to a token possessed by the
subscriber
– Claimant: the party to be authenticated
– Verifier: the party verifying
– The verifier passes an assertion about the subscriber to the relying party (RP)
Password based Authentication
• Widely used user authentication method
– user provides name/login and password
– system compares password with that saved for specified login
• Authenticates the ID of the user logging in, and
– that the user is authorized to access system
– determines the user’s privileges
– is used in discretionary access control
• Token-based authentication: an object the user possesses to authenticate, e.g.
– memory card (magnetic stripe)
– smartcard
Remote User Authentication
• Authentication over network more complex
– Problems of eavesdropping, replay
• Generally, use challenge-response
– user sends identity
– host responds with random number r
– user computes f (r, h(P)) and sends back
– host compares the value from the user with its own computed value; if they match, the user is authenticated
• Protects against a number of attacks
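The challenge-response exchange above, with both sides shown, as an added example that is not part of the original notes. SHA-256 for h and HMAC-SHA256 for f are assumed choices (the notes name neither), and the `Host` class, the account name and the passwords are constructed for the illustration.

```python
import hashlib
import hmac
import secrets

def h(password: str) -> bytes:
    """h(P). SHA-256 is an assumed choice; the notes do not name h."""
    return hashlib.sha256(password.encode()).digest()

def f(r: bytes, hp: bytes) -> bytes:
    """f(r, h(P)). HMAC-SHA256 keyed with h(P) is an assumed choice of f."""
    return hmac.new(hp, r, hashlib.sha256).digest()

class Host:
    def __init__(self):
        self.stored = {}   # identity -> h(P); this value is the key, so protect it
        self.pending = {}  # identity -> challenge r that has not been answered yet

    def register(self, identity: str, password: str) -> None:
        self.stored[identity] = h(password)

    def challenge(self, identity: str) -> bytes:
        r = secrets.token_bytes(16)  # fresh random number for every attempt
        self.pending[identity] = r
        return r

    def verify(self, identity: str, response: bytes) -> bool:
        r = self.pending.pop(identity, None)  # each r is accepted once only
        hp = self.stored.get(identity)
        if r is None or hp is None:
            return False
        return hmac.compare_digest(f(r, hp), response)

def user_response(password: str, r: bytes) -> bytes:
    return f(r, h(password))

def demo() -> dict:
    host = Host()
    host.register("alice", "correct horse")  # constructed sample account
    r1 = host.challenge("alice")
    captured = user_response("correct horse", r1)  # what an eavesdropper sees
    results = {"legitimate": host.verify("alice", captured)}
    host.challenge("alice")  # new login attempt, new r
    results["replayed"] = host.verify("alice", captured)
    r3 = host.challenge("alice")
    results["wrong_password"] = host.verify("alice", user_response("guess", r3))
    return results

if __name__ == "__main__":
    print(demo())
```

The password never crosses the network, and a response recorded from one login fails against the next challenge because r has changed.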
3.4 Internet Authentication Application
Authentication applications use authentication functions and are developed to support
application-level authentication and digital signatures.
Kerberos is a private-key third-party authentication service, whereas X.509 is a directory
authentication service.
3.5 KERBEROS
Kerberos Requirements
Secure
Reliable
Transparent
Scalable
Kerberos version 4 overview
Kerberos is a basic third-party authentication scheme that has an Authentication Server (AS) and a
Ticket Granting Server (TGS). Users initially negotiate with the AS to identify themselves. The AS
provides a non-corruptible authentication credential (the ticket-granting ticket, TGT).
Kerberos v4 Dialogue
3.6 X.509
X.509 is part of the CCITT X.500 directory service standards. The directory is, in effect, a server or
distributed set of servers that maintains a database of information about users. X.509 defines a
framework for authentication services.
The directory acts as a repository of public-key certificates. Each certificate contains the public key of
a user and is signed with the private key of the certification authority. X.509 is an important standard
because the certificate structure and authentication protocols defined in X.509 are used in a variety of
contexts. For example, the X.509 certificate format is used in S/MIME. The algorithms are not
standardised, but RSA is recommended.
X.509 Certificates
The heart of X.509 is the public key certificate associated with each user. The
certificates are created and issued by a Certification Authority (CA), containing the following fields:
Version: Differentiates among successive versions of the certificate format; the default is version 1.
If the issuer unique identifier or subject unique identifier are present, the value must be version 2. If
one or more extensions are present, the version must be version 3.
Serial number: An integer value unique within the issuing CA that is unambiguously associated with
this certificate.
3.7 Access Control Principles
In a broad sense, all of computer security is concerned with access control. Indeed, RFC 4949 defines
computer security as follows: Measures that implement and assure security services in a computer
system, particularly those that assure access control service. This chapter deals with a narrower, more
specific concept of access control: Access control implements a security policy that specifies who or
what (e.g., in the case of a process) may have access to each specific system resource and the type of
access that is permitted in each instance.
3.8 SUBJECTS, OBJECTS AND ACCESS RIGHTS
A subject is an entity capable of accessing objects. Generally, the concept of subject equates with that
of process. Any user or application actually gains access to an object by means of a process that
represents that user or application. The process takes on the attributes of the user, such as access
rights.
Owner, Group, World.
An object is a resource to which access is controlled. In general, an object is an entity used to contain
and/or receive information. Examples include records, blocks, pages, segments, files, portions of files,
directories, directory trees, mailboxes, messages, and programs. Some access control systems also
encompass bits, bytes, words, processors, communication ports, clocks, and network nodes.
An access right describes the way in which a subject may access an object. Access rights could
include the following:
Read
Write
Execute
Delete
Search
3.9 DISCRETIONARY ACCESS CONTROL
Discretionary access control (DAC) is a type of security access control that grants or restricts object
access via an access policy determined by an object’s owner group and/or subjects. DAC mechanism
controls are defined by user identification with supplied credentials during authentication, such as
username and password. DACs are discretionary because the subject (owner) can transfer
authenticated objects or information access to other users. In other words, the owner determines
object access privileges.
In DAC, each system object (file or data object) has an owner, and each initial object owner is the
subject that causes its creation. Thus, an object’s access policy is determined by its owner.
A typical example of DAC is Unix file mode, which defines the read, write and execute permissions
in each of the three bits for each user, group and others.
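The Unix file mode check, as an added example that is not part of the original notes. It models the nine permission bits and the owner's discretion to change them; the `FileObject` class and the uid, gid and mode values are constructed for the illustration, and the superuser bypass is not modelled.

```python
import stat
from dataclasses import dataclass

RIGHTS = {"r": 4, "w": 2, "x": 1}
SHIFT = {"owner": 6, "group": 3, "other": 0}

@dataclass
class FileObject:
    owner_uid: int
    owner_gid: int
    mode: int  # nine permission bits, e.g. 0o640

    def subject_class(self, uid: int, gids: set) -> str:
        # Exactly one class applies: owner first, then group, then other.
        if uid == self.owner_uid:
            return "owner"
        if self.owner_gid in gids:
            return "group"
        return "other"

    def allows(self, uid: int, gids: set, wanted: str) -> bool:
        granted = (self.mode >> SHIFT[self.subject_class(uid, gids)]) & 0o7
        needed = sum(RIGHTS[right] for right in set(wanted))
        return (granted & needed) == needed

    def chmod(self, uid: int, new_mode: int) -> None:
        # Discretionary: only the owner decides who else gets access.
        if uid != self.owner_uid:
            raise PermissionError("only the owner may change the mode")
        self.mode = new_mode & 0o777

    def symbolic(self) -> str:
        return stat.filemode(stat.S_IFREG | self.mode)[1:]

def demo() -> dict:
    report = FileObject(owner_uid=1000, owner_gid=50, mode=0o640)  # constructed
    out = {"mode": report.symbolic(),
           "group_read": report.allows(1001, {50}, "r"),
           "group_write": report.allows(1001, {50}, "w"),
           "other_read": report.allows(1002, {60}, "r")}
    report.chmod(1000, 0o044)  # owner removes own bits, leaves group/other read
    out["owner_read_after_044"] = report.allows(1000, {50}, "r")
    out["other_read_after_044"] = report.allows(1002, {60}, "r")
    return out
```

Only one class is consulted per subject, so after the mode becomes 044 the owner is refused read access even though the group and other bits would grant it.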
DAC attributes include:
• User may transfer object ownership to another user(s).
• User may determine the access type of other users.
• After several attempts, authorization failures restrict user access.
• Unauthorized users are blind to object characteristics, such as file size, file name and
directory path.
• Object access is determined during access control list (ACL) authorization and based on user
identification and/or group membership.
DAC is easy to implement and intuitive but has certain disadvantages, including:
• Inherent vulnerabilities (Trojan horse)
• ACL maintenance or capability
• Grant and revoke permissions maintenance
• Limited negative authorization power
3.10 Example Unix File Access Control
3.11 Role Based Access Control
Traditional DAC systems define the access rights of individual users and groups of users. In contrast,
RBAC is based on the roles that users assume in a system rather than the user’s identity.
3.12 Attribute Based Access Control
A relatively recent development in access control technology is the attribute-based access control
(ABAC) model. An ABAC model can define authorizations that express conditions on properties of
both the resource and the subject.
The following are the three types of attributes in the ABAC model:
o Subject
o Object
o Environment
ABAC Logical Architecture
3.13 Identity, Credential and Access Management
ICAM is a comprehensive approach to managing and implementing digital identities (and associated
attributes), credentials, and access control. ICAM has been developed by the U.S. government, but is
applicable not only to government agencies, but also may be deployed by enterprises looking for a
unified approach to access control. ICAM is designed to
3.14 Trust Frameworks
Online or network transactions involving parties from different organizations, or between an
organization and an individual user such as an online customer, generally require the sharing of
identity information. This information may include a host of associated attributes in addition to a
simple name or numerical identifier. Both the party disclosing the information and the party receiving
the information need to have a level of trust about security and privacy issues related to that
information.