Introduction:
As information technologies evolved and became more important for business and home use, users demanded for ways of directly connecting to systems in different locations. From large internet service providers, operators of bulletin board systems, to businesses getting critical data to road warriors in a timely manner, remote system access and networks became critical services that administrators were required to provide. However, it was necessary to ensure that only authorized users could access the provider’s resources, they could only access the resources they needed, and the administrators could track the users’ activities and access time for purposes of ensuring system integrity and accountability of financial charge backs respectively.
In order for network service providers to meet these requirements, they had to find remote access methods ensuring security and accountability. In security terms, these concepts are referred to as authentication, authorization and accountability, also known as the AAA framework. The AAA framework intelligently controls access to computer resources, enforces policies, audits usage and provides the necessary information for service billing. The combination of these processes is considered necessary for effective implementation of network security and management. Authentication guarantees the user’s identity; authentication specifies what the user can access or not, and accountability ensures what the user can do with this access.
Remote user authentication scheme is one of the most convenient and simplest authentication mechanisms used to handle secret data over insecure networks. The scheme is applicable in wireless and wired networks, remote login systems and database management systems.
In context, user authentication is the primary line of defense and the fundamental building block for computer security. For example, a user Bob Lewis could have the user identifier BBLEWIS. However, this information requires to be stored in a server or computer system that Bob wishes to use and may be known to other users and system administrators. Typically a user password is the piece of authentication information associated with a user ID and is kept secret (known only to Bob and the system). If no one can guess or obtain Bob’s password, then a combination of Bob’s user ID and password enables system administrators to set up Bob’s access permissions and audit his activity. However, since Bob’s ID is not a secret, fellow users can email him, but since his password is secret, no one can impersonate him.
Essentially, identification is the means by which users provide a claimed identity to the system while authentication deals with establishing the validity of this claim. Remote user authentication is a user authentication mechanism in which a user attempts to access a remote system such as an ATM machine or PC over a network, a communications link, or the Internet. To counter threats to remote user authentication, systems generally rely on four general means of user identity authentication also known as challenge response protocols.
Challenge-response authentication protocols prove that users know the password without revealing the password itself. In this case, the remote client application first receive a challenge from the server and computes the response using a cryptographic hash function on the server’s challenge combined with the user password. Finally, the application sends the original challenge back to the server plus the response. Since the hash function is one-way, recovering the password from the response sent by the application is impossible.
On receiving the response, the server applies the same hash function to the challenge and combines its own copy of the user’s password. If its result matches the application’s response, then this affirms that the user has submitted the correct password. Challenge response protocols are usually used alone or in combination, and they include Password Protocol, Token Protocol, Static Biometric Protocol, and Dynamic Biometric Protocol.
The password challenge response protocol becomes initiated when a user sends user identification, U to the remote host (usually a server). The host then returns a response, in this case a random number, R, which identifies the session, a hash function, H(), and a challenge function, F(). The user then computes the response and returns it to the server. The response is the result of the function involving the hash function received from the host and the submitted user password entered by the user, H(P’), and the submitted random number, R. After the host receives the response, authentication is granted if the clients submitted result is similar to the result of the same function with a random number and hash of the real user password H(P(U)) computed by the host on its side. If the two results are not equivalent, access is denied. It is also important to note that the user’s correct password P (U) is not stored as plaintext in the host machine; instead it is hashed to form H(P(U)) which is a security precaution to avoid password theft at the host.
Token Protocol:
The remote token authentication protocol usually uses something the user possesses such as a key card or smart card, also referred to as a token. In the most basic form of this protocol, the token usually stores a static passcode or generates a random one-time use passcode. This is somehow similar to the password protocol described above, but instead ofpotentially weak password, a long and random passcode W is first hashed to H(W’) and combined with the random number challenge then the result transmitted as a response to the host. The user can access the passcode from the token’s storage medium, say a chip or magnetic strip with a password or PIN code, P’, but this password is used only between the user and the token he holds. The user passcode can be hashed and stored at the host in the form, H(W(U)), or it can be randomly generated when one-time passwords are used. Authentication of the token password, P’, can be done using the password protocol.
Static Biometrics Protocol:
This authentication protocol uses something the user is, and this may include face and fingerprint recognition or retina scanning. However, it is important to note that, for the static biometric protocol, the biometric is matched at the host, and the client only does the scanning. In this case, a Biometric, B’, is captured on a biometric device and processed at the client to obtain the biometric template, BT’. The template generated is then combined with a random number challenge, R’, and encrypted using an encryption function, E(), and returned as a response for matching at the host. For this authentication protocol, there is a rudimentary procedure to authenticate the capture device where the device returns it identification, D’, which is then matched with a list of registered devices at the host database, {D}.
In special cases where static biometric is matched at the client, the matching is similar to that at the host. However, the difference is that the biometric is captured and processed into a template, BT’, then matched to yield a YES/NO match result, BM’, at the client’s side. This information is returned to the host which determine authentication based on a correct match and the biometric device’s legitimacy. In this case, the host possesses no biometric information but rather stores the biometric template at the client side.
Dynamic Biometric Protocol:
This challenge response protocol for remote user authentication usually involves some user actions i.e. what the user does (dynamic biometrics). Such include voice pattern recognition, handwriting features, and typing rhythms. The basic challenge response protocol for a biometric signal matched at the remote host is described. The main distinction between static biometric signal and dynamic biometric signal is that actual biometric are involved in the challenge-response whereas it could not be done before.
In order to perform this authentication, a challenge, X, is sent from the remote host to the client. The challenge comprises of a random number sequence, words or just characters. This is much shorter than a random number, R, since the user has to vocalize it (speech verification), type it in (keyboard dynamic verification), or write it (handwriting verification) to generate the biometric signal, BS’(X’). The result is returned as a response to the host which then processes it to extract challenge response, X’, and biometric signal B’. The recognized X’ is compared with the challenge originally sent, X. The biometric, B’, is also compared with that in the host database corresponding to the user, B(U). If B’ matches B(U) and if R’ matches R, then authentication can be considered successful. The difference here from the static biometric protocol is that no machine authentication is required for the capturing biometric device. There is no need for machine authentication since the challenge-response protocol defends against forgery and replay attacks, and matching is done at the remote host.
The basic challenge response protocol for the dynamic biometric signal matched at the client is similar to that matched at the host. The difference is that the biometric is captured, processed to a template, BT’, and matched to yield a YES/NO match result, BM’ all at the client. The result is then sent to the remote host together with the device identifier to verify that it is registered and not modified. When compared to host matching, this protocol saves a lot of template storage space and transmission bandwidths at the host, at the cost of a more powerful and trustworthy client device.
Comparison of the challenge response protocols:
After explaining in detail what each protocol does, it is important to compare the different protocols with respect to security issues i.e. vulnerabilities and possible defenses.
The password protocol is a great authentication mechanism and secrecy if the best defense against theft. Passwords can have higher key-spaces than other authenticators thus they defend well against search attacks at the client side. Hashing and high key-spaces protect against host attacks, and the ability of this protocol to participate in challenge-response protects against eavesdropping, replay, and other transmission attacks. Furthermore, the method is flexible, convenient and less expensive.
However, there is a problem when multiple passwords come into play since human forget easily. For reason, the password benefits disappear because people compromise security for convenience purposes i.e. by choosing short, weak and easy to remember passwords. This makes passwords that are more memorable passwords but with less entropy highly susceptible to dictionary attacks. Writing down passwords also makes them vulnerable to theft. The administrative costs due to resetting lost passwords are also high and again, they do not offer much defense against repudiation or provide good compromise detection.
Tokens provide various advantages when used in combination with passwords. One is that tokens can store and/or generate multiple passwords thus changing the user’s task of remembering multiple passwords to remembering the only one required for token access. The protocol also provides compromise detection since loss of a token is observable. Another advantage of this protocol is that it provides added protection against denial of service attacks and for accounts with a single password, attackers can enter an incorrect password for a finite number of time until the account locks them out. However, if combined with a token, the attacker cannot just guess and enter passwords since they have to steal the token fast which is more difficult as it requires physical access to the token.
Tokens have a disadvantage in that they are inconvenient and expensive. The equipment cost is higher than that of a password but is comparable to biometrics that requires a reader. Since the token is vulnerable to theft, it is best to use it only in special occasions as a first line of defense in a home or office etc. A combination of token and biometrics has similar characteristics to that of a password plus token. This combination, however is more expensive since it requires two readers for the token and biometrics. It is also less convenient due to false non-matches in biometric scanners versus the inconvenience of forgetting user passwords, but this is only a matter of user preferences. If the user needs to only remember a single password, then it is relatively simple and arguably better to use the password and token combination unless there is need for repudiation.
Biometrics on the other have the advantage that they are less likely to be stolen or lent thus providing better defense against repudiation. While static biometrics may be stolen or copied, biometrics should not be applied in a single factor mode. Furthermore, biometrics works best in verification mode thus a good second factor choice is a token that stores the user identity. Static biometrics users should not have the false sense of guaranteed security as biometric signals have been forged in the past and will continue to be in the future.
Dynamic biometric protocol attempts to address the problem of theft and forgery in the static protocol. The protocol is resistant to replay attacks and forgery. It also provides stronger non-repudiation than for static biometrics. The potential disadvantage of this scheme is the recognition rate for speech recognition may not be high enough to provide security without inconveniencing users with multiple false matches.
Conclusion:
Remote user authentication protocols can be categorized as knowledge, object and ID-based depending on how they provide security. Knowledge based authenticators provide security by secrecy e.g. passwords and PINs. Object based authenticators provide security by being closely held e.g. keycards while ID-based authentication protocols provided security by copy-resistance and uniqueness e.g. static and dynamic biometrics.
Comparison of authenticators has been done with respect to potential attacks amongst other issues. Some of the attacks addressed are client and host search attacks, theft, eavesdropping, replay attacks, and denial of service attacks. Other security issues discussed though in lesser detail due to the scope of this paper include compromise detection, non-repudiation, compromise recovery, revocation and administrative issues of password recovery.
The appropriate authentication mechanism to choose depends on the area of application. However, for remote authentication a few combinations should be used e.g. a token and password combination especially if the token can generate or store multiple passwords, or static biometrics and biometric combination.
Works Cited:
"Authentication, Authorization, and Accounting." Search Security. N.p., n.d. Web. 14 Nov. 2013. <http://searchsecurity.techtarget.com/definition/authentication-authorization-and-accounting>.
"Challenge-Response Authentication." Zenfolio. N.p., n.d. Web. 15 Nov. 2013. <http://www.zenfolio.com/zf/help/api/guide/auth/auth-challenge>.
"ELECTRONIC AUTHENTICATION: A GUIDANCE FOR SELECTING SECURE TECHNIQUES." Electronic Authentication. N.p., n.d. Web. 15 Nov. 2013. <http://www.itl.nist.gov/lab/bulletns/bltnaug04.htm>.
Stallings, William. Cryptography and network security: principles and practices. 5th ed. Upper Saddle River, N.J.: Pearson/Prentice Hall, 2006. Print.
L. Rabiner, B-H. Juang, Fundamentals of Speech Recognition, New Jersey, USA,
Prentice Hall, 1993. Print
R. L. van Renesse, Optical Document Security, Artech House, Massachusetts,
1994. Print
