lightweight authentication for email and web
play

Lightweight Authentication for Email (and Web?) Ben Adida - PowerPoint PPT Presentation

Sep 05, 2023 •124 likes •335 views

Lightweight Authentication for Email (and Web?) Ben Adida ben@mit.edu PAW/DIG Meeting June 30th, 2005 (joint work with Susan Hohenberger and Ronald L. Rivest) Distributed Phishing Friends and Colleagues Jakobsson & Young 2005

  1. Lightweight Authentication for Email (and Web?) Ben Adida ben@mit.edu PAW/DIG Meeting June 30th, 2005 (joint work with Susan Hohenberger and Ronald L. Rivest)

  8. Distributed Phishing • Friends and Colleagues • Jakobsson & Young 2005

  9. Review SMTP Today DNS foo.com 2 MX MX Record mail.foo.com wonderland.com mail.foo.com outgoing incoming 3 mail server mail server 4 1 Alice Bob

  10. Review No Proof of Origin phish.com ? wonderland.com mail.foo.com outgoing incoming mail server mail server Alice Bob

  11. Review ID-Based Crypto "bob@foo.com" keyserver MPK MSK PK bob SK bob Alice Bob

  12. New ID-based Domains MPK foo.com MPK wonderland . com wonderland.com foo.com keyserver keyserver MSK wonderland . com MSK foo.com SK bob @ foo . com SK alice @ wonderland . com Alice Bob

  13. DNS to distribute New Master Public Keys DNS wonderland.com MPK wonderland . com Publish foo.com MPK foo . com wonderland.com key server MSK wonderland . com [DomainKeys]

  14. Email-Based New Authentication SK alice @ wonderland . com wonderland.com wonderland.com keyserver incoming MSK wonderland . com mail server [Gar2003] Alice

  15. Tweaks & Optimizations • Key Revocation - expiration date in the ID string: “ ben@mit.edu - 2005-04-26” • Domain Policies immediate deletion of spoofed emails. • Alternate Keyserver bootstrap individual users. Different Trust.

  16. Repudiability Alice Bob Eve Repudiability is about Privacy

  17. Ad-Hoc Group Sigs From: Alice To: Bob Subject: Account Your monthly balance is available at: http://wonderbank.com Signed: Alice or Bob

  18. Hijacking Keys for AHGS I signed this message, OR I have your secret key - Signature or Encryption key - Factoring-, DL-, BM-based algorithms - All known keypairs work! [AHR2005]

  19. Putting it All Together [AHR2005] DNS wonderbank.com MPK bank 1 1 PUBLISH PUBLISH foo.com MPK foo wonderbank.com foo.com key server key server MPK foo 3 6 MPK bank SK A 2 4 "bob@foo.com" PK B 9 From: Alice To: Bob Subject: Account 7 "alice@wonderbank.com" Your monthly balance is available at: http://wonderbank.com Alice Bob Signed: Alice or Bob PK A Wonderbank.com foo.com 5 8 Network Network

  20. Web Authentication? Request for Resource Web Server Request for Authentication PK Alice Signature on Nonce, Repudiable Against PK

  21. Questions?

Recommend

OPT : LIGHTWEIGHT SOURCE AUTHENTICATION & PATH VALIDATION

OPT : LIGHTWEIGHT SOURCE AUTHENTICATION & PATH VALIDATION

OPT : LIGHTWEIGHT SOURCE AUTHENTICATION & PATH VALIDATION Tiffany Hyun-Jin Kim , 1 Cris(na Basescu, 2 Limin Jia, 1 Soo Bum Lee, 3 Yih-Chun Hu, 4 and Adrian

502 views • 26 slides
A new lightweight Crypto Library for supporting an Advanced Grid Authentication Process

A new lightweight Crypto Library for supporting an Advanced Grid Authentication Process

A new lightweight Crypto Library for supporting an Advanced Grid Authentication Process with Smart Cards Roberto BARBERA (1)(2) , Vincenzo CIASCHINI (3) , Alberto FALZONE (4) , Giuseppe LA ROCCA (1)

456 views • 32 slides
KRB-CCN: Lightweight Authentication & Access Control for Private Content-Centric Networks

KRB-CCN: Lightweight Authentication & Access Control for Private Content-Centric Networks

KRB-CCN: Lightweight Authentication & Access Control for Private Content-Centric Networks Ivan O. Nunes and Gene Tsudik University of California Irvine {ivanoliv, gene.tsudik}@uci.edu ACNS 2018 1 Agenda CCN Overview

604 views • 59 slides
Lightweight Encryption for Email Ben Adida ben@mit.edu 7 July 2005 joint work with Susan

Lightweight Encryption for Email Ben Adida ben@mit.edu 7 July 2005 joint work with Susan

Lightweight Encryption for Email Ben Adida ben@mit.edu 7 July 2005 joint work with Susan Hohenberger and Ronald L. Rivest MIT Cryptography and Information Security Group Motivation To Improve/Restore the Usefulness of Email

487 views • 28 slides
Lightweight Authentication of Freshness in Outsourced Key-Value Stores (ACSAC14) Yuzhe Tang,

Lightweight Authentication of Freshness in Outsourced Key-Value Stores (ACSAC14) Yuzhe Tang,

Lightweight Authentication of Freshness in Outsourced Key-Value Stores (ACSAC14) Yuzhe Tang, Ting Wang, Ling Liu, Xin Hu, Jiyong Jang Cloud Computing Cloud computing has arrived: Almost all human activities can be supported by cloud

486 views • 31 slides
FIDES: Lightweight Authentication Cipher with Side-Channel Resistance for Constrained Hardware

FIDES: Lightweight Authentication Cipher with Side-Channel Resistance for Constrained Hardware

FIDES: Lightweight Authentication Cipher with Side-Channel Resistance for Constrained Hardware Begl Bilgin, Andrey Bogdanov, Miroslav Kne evi , Florian Mendel, and Qingju Wang 1 DIAC 2013, Chicago Side Channel Resistance 2 Side

1.29k views • 76 slides
A Lightweight Statistical Authentication Protocol for Access Control in Wireless LANs Haoli Wang,

A Lightweight Statistical Authentication Protocol for Access Control in Wireless LANs Haoli Wang,

A Lightweight Statistical Authentication Protocol for Access Control in Wireless LANs Haoli Wang, Joel Cardo, Yong Guan ECE, Iowa State University ASWN 2004 Introduction Emergence of visitor networks Visitor Networks: LANs that are

671 views • 13 slides
Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1.

Its time to Think Lightweight! www.thinklightweight.com TO D A Y S TO P IC S 1. About Think Lightweight 2. What are Lightweight Structures? 3. Industry Applications 4. Product Line Review 5. Think Lightweight Component

832 views • 43 slides
Peer-to-peer Sender Authentication for Email Vivek Pathak and Liviu Iftode Rutgers University

Peer-to-peer Sender Authentication for Email Vivek Pathak and Liviu Iftode Rutgers University

Peer-to-peer Sender Authentication for Email Vivek Pathak and Liviu Iftode Rutgers University Email Trustworthiness Sender can be spoofed Need for Sender Authentication Importance depends on sender Update on Spam Filters

1.02k views • 55 slides
View The Email to Get Hacked: Attacking SMS-based Two-Factor Authentication Philipp Markert,

View The Email to Get Hacked: Attacking SMS-based Two-Factor Authentication Philipp Markert,

View The Email to Get Hacked: Attacking SMS-based Two-Factor Authentication Philipp Markert, Florian Farke, and Markus Drmuth Santa Clara, California, USA | WAY 2019 | August 11, 2019 Two-Factor Authentication 1 1 2 1 Gmail 2FA

415 views • 28 slides
AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is

SECURITY TOPICS PART 2 AUTHENTICATION AUTHENTICATION Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources: getting entrance to a computer lab

833 views • 44 slides
HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication

288 views • 10 slides
Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a

Authentication Most technical security safeguards have Authentication authentication as a precondition How to authenticate: Something you know Password, Secrets Something you have Smart Card, Token Something you are Biometrie

607 views • 4 slides
Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Cryptography Authentication and Data Integrity Aims of Authentication Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication with Hash Cryptography Functions Authentication with MACs School of

1.66k views • 27 slides
Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication

Cryptography Authentication and Data Integrity Aims of Authentication Authentication and Data Integrity Authentication with Symmetric Key Encryption Authentication with Hash Cryptography Functions Authentication with MACs School of

613 views • 27 slides
UCSB Identity and LDAP The central campus directory and authentication system UCSB Identity

UCSB Identity and LDAP The central campus directory and authentication system UCSB Identity

UCSB Identity and LDAP The central campus directory and authentication system UCSB Identity System UCSBnetID authentication UCSB-wide student and employee info http://www.identity.ucsb.edu/ LDAP Overview Lightweight Directory Access Protocol

604 views • 24 slides
The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will

The lightweight beam for Heavyweight applications The impact of this lightweight steel beam will revolutionise the international high-rise construction industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight

417 views • 12 slides
Email Authentication for Penetration Testers 29.12.2019, 36c3 Andrew Konstantjnov,

Email Authentication for Penetration Testers 29.12.2019, 36c3 Andrew Konstantjnov,

Email Authentication for Penetration Testers 29.12.2019, 36c3 Andrew Konstantjnov, andrejs@cert.lv Who am I? Andrew, andrejs@cert.lv 679A C8D4 A391 6736 D558 07C1 D3D9 0B7C 666A EDCD Currently work for: cert.lv Previously worked

861 views • 56 slides
A2: Broken Authentication and Session Management But first Authentication, Authorization,

A2: Broken Authentication and Session Management But first Authentication, Authorization,

A2: Broken Authentication and Session Management But first Authentication, Authorization, Sessions Authentication Determining user identity Multiple ways What you know (password) What you have (phone, RSA SecureID, Yubikey)

1.57k views • 28 slides
Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password

Web Authentication Thierry Sans Several Methods Local authentication with login and password Token-based authentication Third party authentication Local Authentication How to store and verify password? Clear Data can be hacked

615 views • 14 slides
The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept

The lightweight beam for Heavyweight applications The impact of this lightweight beam concept will revolutionise the aviation industry Tony Zaccarini and Dr Patrick OBrien The lightweight beam for Heavyweight applications Patent Applied For

479 views • 12 slides
The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch

The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch

The Authentication Jungle An overview of all sorts of authentication technologies Karol Babioch Security Engineer kbabioch@suse.de New authentication standards ... 2 Some authentication technologies ... 3 - Authentication theory -

1.28k views • 88 slides
Outline Introduction Authentication Basic authentication mechanisms CS 239

Outline Introduction Authentication Basic authentication mechanisms CS 239

Outline Introduction Authentication Basic authentication mechanisms CS 239 Authentication on a single machine Computer Security Authentication across a network February 21, 2007 Lecture 9 Lecture 9 Page 1 Page 2 CS 236,

302 views • 8 slides
I know who you are, but you can't come in Authentication and single sign-on in the SAS platform

I know who you are, but you can't come in Authentication and single sign-on in the SAS platform

I know who you are, but you can't come in Authentication and single sign-on in the SAS platform Agenda Authentication Inbound authentication Outbound authentication Single Sign-on Definitions Stage Process Method Physical

781 views • 48 slides

More recommend