User Authentication
By Eric Sita
Message Security
Privacy: To expect confidentiality from a sender.
Authentication: To be sure of someone's identity.
Integrity: Make sure message arrives as sent.
Nonrepudiation: To prove a message came from a particular sender.
Methods Covered
Use of a symmetric key
Using a nonce
Bi-directional
SSH example
Symmetric Key
Using a nonce
Bi-directional
Example System
SSH – Used for our UNIX accounts
Consists of three protocols:
1) SSH-TRANS - Transport Layer Protocol
2) SSH-AUTH - Authentication Protocol
3) SSH-CONN - Connection Protocol
SSH-TRANS
Provides an encrypted channel between client and server
Runs on top of a TCP connection
This is the first step in logging on to the system
Uses RSA to authenticate
Establishes a session key
SSH-AUTH
Three methods:
1) Since the connection is secure, send the password
2) Public key encryption
3) Host-based authentication
Extra Info on SSH
OpenSSH, a package on most UNIX systems, supports the command “ssh-keygen” to create private/public key pairs
SSH is also used with other TCP applications, like X Windows and IMAP mailers; this is otherwise known as an “SSH tunnel”
This is called Port Forwarding, used in the SSH-CONN protocol
[Figure: port forwarding between Host A and Host B. Labels: Application client, Application server, SSH, SSH, Forwarded connection, Direct connection]
SSH Example