User AuthenticationUser Authentication

By Eric Sita

Message SecurityMessage Security

Privacy: To expect confidentiality from a sender.

Authentication: To be sure of someone's identity.

Integrity: Make sure message arrives as sent.

Nonrepudiation: To prove a message came from a particular sender.

Methods CoveredMethods Covered

Use of a symmetric KeyUsing a nonceBi-directionalSSH example

Symmetric KeySymmetric Key

Using a nonceUsing a nonce

Bi-directional Bi-directional

Example SystemExample System

SSH – Used for our UNIX accounts Consists of three protocols:

1) SSH-TRANS -Transport Layer Protocol

2) SSH-AUTH - Authentication Protocol

3) SSH-CONN - Connection Protocol

SSH-TRANSSSH-TRANS

Provide an encrypted channel between client and server

Runs on top of a TCP connectionThis is first step in logging on to systemUses RSA to authenticateEstablish a session key

SSH-AUTHSSH-AUTH

Three methods:1) Since connection is secure send password

2) Public key encryption

3) Host-based authentication

Extra Info on SSHExtra Info on SSH

OpenSSH a package on most UNIX systems supports the command, “SSH-keygen” to create private/public key pairs

Is used on other TCP applications like X Windows and IMAP mailers, otherwise known as “SSH tunnel”

This is called Port Forwarding, used in the SSH-CONN protocol

Applicationclient

Applicationserver

SSH SSHForwarded connection

Direct connection

Host A Host B

SSH ExampleSSH Example

ReferencesReferences

Forouzan, Behrouz Data Communications and Networking McGraw-Hill 2004

Peterson, Larry Computer Networks A Systems Approach Morgan Kaufman 2003

Leon-Garcia, Alberto Communication Networks McGraw-Hill 2000