chapter 6 authenticating people. figure 6.0.f01: authentication to protect computer resources
TRANSCRIPT
Chapter 6
Authenticating People
FIGURE 6.0.F01: Authentication to protect computer resources.
FIGURE 6.0.F02: Performing the authentication.
TABLE 6.0.T01: Examples of authentication techniques
TABLE 6.0.T02: Levels of authentication threats
FIGURE 6.0.F03: Basic external attacks on authentication.
FIGURE 6.0.F04: Unix developers using a teletype.
Reprinted with permission of Alcatel-Lucent USA Inc.
FIGURE 6.0.F05: Masking the space for typing a password.
Courtesy of Dr. Richard Smith
FIGURE 6.0.F06: Procedure diagram of password hashing.
FIGURE 6.0.F07: Procedure diagram of a one-way hash function.
TABLE 6.0.T03: Modern hash functions and the size of their hash values
FIGURE 6.0.F08: Keystroke logger.
Photo courtesy of KeyGhost.com
FIGURE 6.0.F09: Offline trial-and-error attack on Alice’s password hash.
EQUATION 6.0.Eq01
EQUATION 6.0.Eq02
EQUATION 6.0.Eq03
EQUATION 6.0.Eq04
TABLE 6.0.T04: Search space for random passwords or passphrases
FIGURE 6.0.F10: Decimal dice can produce truly random numbers.
Courtesy of Dr. Richard Smith
TABLE 6.0.T05: Different degrees of cracking feasibility
FIGURE 6.0.F11: Dictionary attack by the Morris Worm.
EQUATION 6.0.Eq05
EQUATION 6.0.Eq06
FIGURE 6.0.F12: A four-digit luggage lock.
Courtesy of Dr. Richard Smith
EQUATION 6.0.Eq07
EQUATION 6.0.Eq08
FIGURE 6.0.F13: Passive authentication tokens, front and back.
Courtesy of Dr. Richard Smith
FIGURE 6.0.F14: A hand-operated challenge-response token.
Courtesy of Dr. Richard Smith
FIGURE 6.0.F15: Using a challenge-response token.
FIGURE 6.0.F16: A challenge-response calculation.
Courtesy of Dr. Richard Smith
FIGURE 6.0.F17: USB direct connect challenge response tokens.
Courtesy of Dr. Richard Smith
FIGURE 6.0.F18: One-time password token.
Courtesy of Dr. Richard Smith
FIGURE 6.0.F19: Generating a one-time password.
Courtesy of Dr. Richard Smith
FIGURE 6.0.T06: Vulnerabilities of authentication tokens
TABLE 6.0.F20: Biometric fingerprint reader on a laptop’s keyboard.
Courtesy of Dr. Richard Smith
FIGURE 6.0.F21: Elements of a biometric system.
EQUATION 6.0.Eq09
TABLE 6.0.T07: Household policy for a weak threat environment
TABLE 6.0.T08: Policy for a workplace using passwords against weak threats
TABLE 6.0.T09: Policy for a workplace using tokens and passwords against weak threats
TABLE 6.0.T10: Extending the password policy from Table 6.8 for strong threats
TABLE 6.0.T11: Policy from Table 6.8 extended to apply biometrics to strong threats
TABLE 6.0.T12: Extending the token policy from Table 6.9 for strong threats