0% found this document useful (0 votes)

58 views10 pages

Entity Authentication

Entity authentication is a technique where one party proves their identity to another. It involves a claimant proving their identity to a verifier. Common methods of authentication include something the claimant knows (like a password), possesses (like an ID card), or is (like fingerprints). Password authentication involves the claimant demonstrating they know a secret password. Challenge-response authentication avoids sending the secret by having the verifier send a challenge that the claimant responds to using the secret. Digital signatures using public/private key cryptography allow for authentication without shared secrets.

Uploaded by

kishorerajan777

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

58 views10 pages

Entity Authentication

Uploaded by

kishorerajan777

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PPTX, PDF, TXT or read online on Scribd

You are on page 1/ 10

ENTITY AUTHENTICATION

Kishore Rajan R
INTRODUCTION
 ENTITY AUTHENTICATION IS A TECHNIQUE DESIGNED TO
LET ONE PARTY PROVE THE IDENTITY OF ANOTHER PARTY.
 AN ENTITY CAN BE A PERSON, A PROCESS, A CLIENT, OR A
SERVER
 THE ENTITY WHOSE IDENTITY NEEDS TO BE PROVED IS
CALLED THE CLAIMANT; THE PARTY THAT TRIES TO PROVE
THE IDENTITY OF THE CLAIMANT IS CALLED THE VERIFIER.
MESSAGE AUTHENTICATION (DATA ORIGIN)
VERSUS ENTITY AUTHENTICATION
• THERE ARE TWO DIFFERENCES BETWEEN MESSAGE AUTHENTICATION
(DATAORIGIN AUTHENTICATION), AND ENTITY AUTHENTICATION –
MESSAGE AUTHENTICATION MIGHT NOT HAPPEN IN REAL TIME; ENTITY
AUTHENTICATION DOES.
• MESSAGE AUTHENTICATION: WHEN BOB VERIFIES THE MESSAGE THAT
ALICE SENT, ALICE MAY OR MAY NOT BE PRESENT IN THE VERIFICATION
PROCESS.
EG. AUTHENTICATE THAT ALICE SENT AN EMAIL TO BOB • ENTITY
AUTHENTICATION: NO REAL MESSAGE COMMUNICATION INVOLVED UNTIL
ALICE IS AUTHENTICATED BY BOB.
VERIFICATION CATEGORIES
• • SOMETHING KNOWN – A SECRET KNOWN ONLY BY THE CLAIMANT THAT CAN
BE CHECKED BY THE VERIFIER
• EG. PASSWORD, PIN, SECRET KEY, PRIVATE KEY
• SOMETHING POSSESSED – SOMETHING THAT CAN PROVE THE CLAIMANT’S
IDENTITY PASSPORT.
DRIVER’S LICENSE, IDENTIFICATION CARD, CREDIT CARD • SOMETHING INHERENT
– INHERENT CHARACTERISTICS OF THE CLAIMANT • CONVENTIONAL SIGNATURE,
FINGERPRINTS, FACIAL CHARACTERISTICS
PASSWORDS
• • THE SIMPLEST AND OLDEST METHOD OF ENTITY AUTHENTICATION IS THE PASSWORD-
BASED AUTHENTICATION, WHERE THE PASSWORD IS SOMETHING THAT THE CLAIMANT
KNOWS. – FIXED PASSWORD – ONE-TIME PASSWORD
• FIXED PASSWORD: POSSIBLE ATTACKS – EAVESDROPPING – STEALING A PASSWORD • WHEN
ALICE WRITE A PASSWORD SOMEWHERE – ACCESSING A PASSWORD FILE – GUESSING
• ONE-TIME PASSWORD :• FIRST APPROACH – USER AND THE SYSTEM AGREE UPON A LIST OF
PASSWORDS.
• • SECOND APPROACH – USER AND THE SYSTEM AGREE TO SEQUENTIALLY UPDATE THE
PASSWORD.
• • THIRD APPROACH - LAMPORT – USER AND THE SYSTEM CREATE A SEQUENTIALLY
UPDATED PASSWORD USING A HASH FUNCTION
CHALLENGE RESPONSE
• IN PASSWORD AUTHENTICATION, THE CLAIMANT PROVES HER IDENTITY BY
DEMONSTRATING THAT SHE KNOWS A SECRET, THE PASSWORD. – USER NEEDS TO
SEND THE PASSWORD AND THUS IT IS SUSCEPTIBLE TO ADVERSARY
• IN CHALLENGE-RESPONSE AUTHENTICATION, THE CLAIMANT PROVES THAT SHE
KNOWS A SECRET WITHOUT SENDING THE SECRET TO THE VERIFIER.
• THE CHALLENGE IS A TIME-VARYING VALUE SUCH AS A RANDOM NUMBER OR A
TIMESTAMP THAT IS SENT BY THE VERIFIER .
• THE CLAIMANT APPLIES A FUNCTION TO THE CHALLENGE AND SENDS A
RESPONSE TO THE VERIFIER.
SYMMETRIC-KEY : NONCE
CHALLENGE
A TIME-VARYING VALUE IS A NONCE – A RANDOM NUMBER
USED ONLY ONCE, RB

NONCE IS A RANDOM BIT-STRING USED ONLY ONCE: ALICE

 BOB: E(KPUB, (N, A, KAB)) • BOB MUST CHECK THAT HE
HAS NOT RECEIVED THAT N BEFORE
SYMMETRIC-KEY

TIMESTAMP
NONCE CHALLENGE CHALLENGE BIDIRECTIONAL
AUTHENTICATION
A TIME-VARYING VALUE IS A NONCE • A TIME-VARYING VALUE IS A ALICE IS AUTHENTICATED TO BOB
– A RANDOM NUMBER USED ONLY TIMESTAMP, T AND BOB IS AUTHENTICATED TO
ONCE, RB ALICE
KEYED HASH FUNCTION
(MAC)
• THE METHOD PRESERVES THE INTEGRITY OF
CHALLENGE AND RESPONSE MESSAGES AND
ALSO USES A SECRET, KEY.

• WHEN BOB RECEIVES THE MESSAGE, HE TAKES

PLAINTEXT AND APPLIES THE KEYED HASH
FUNCTION AND THEN COMPARES HIS CALCULATION
WITH WHAT HE RECEIVED TO DETERMINE
AUTHENTICITY OF ALICE.
ASYMMETRIC KEY CIPHER – DIGITAL
SIGNATURE

BIDIRECTIONAL UNIDIRECTIONAL
ALICE  BOB: ALICE BOB  ALICE: RB ALICE  BOB: ALICE BOB  ALICE: RB ALICE 
ALICE  BOB: BOB; E(H(RB ||BOB),KPRA) BOB: RA ; BOB; E(H(RB ||BOB),KPRIA) B: D(E(H(RB ||
BOB: D(E(H(RB ||BOB),KPRA), KPUA) = BOB),KPRIA), KPUBA) = H(RB ||BOB), VERIFY THE
H(RB ||BOB); VERIFY SIGNATURE
SIGNATURE BOB  ALICE: ALICE; E(H(RA ||
ALICE),KPRIB)

Lelia Green-Technoculture From Alphabet To Cybersex (2002)
No ratings yet
Lelia Green-Technoculture From Alphabet To Cybersex (2002)
288 pages
Ebook Google Tag Manager For Beginners With GA4
100% (1)
Ebook Google Tag Manager For Beginners With GA4
44 pages
Spring Boot Security Cheat Sheet: WWW - Snyk.io
0% (1)
Spring Boot Security Cheat Sheet: WWW - Snyk.io
1 page
Epp Ict Grade 6 Long Quiz
100% (7)
Epp Ict Grade 6 Long Quiz
4 pages
Entity Authentication
No ratings yet
Entity Authentication
30 pages
CCN Slides
No ratings yet
CCN Slides
7 pages
Entity Authentication
No ratings yet
Entity Authentication
24 pages
Unit 4
No ratings yet
Unit 4
39 pages
Entity Authentication
No ratings yet
Entity Authentication
37 pages
Ch-14 Entity Authentication - New Upload
No ratings yet
Ch-14 Entity Authentication - New Upload
26 pages
Entity Authentication
No ratings yet
Entity Authentication
33 pages
Entity Authentication
No ratings yet
Entity Authentication
38 pages
Chapter 14.entity Authentication
No ratings yet
Chapter 14.entity Authentication
38 pages
Lecture 6 - Authentication-Notes
No ratings yet
Lecture 6 - Authentication-Notes
60 pages
08 Entity Authentication 14
No ratings yet
08 Entity Authentication 14
33 pages
ICT 6541 Lecture6
No ratings yet
ICT 6541 Lecture6
40 pages
08 Entity Authentication14
No ratings yet
08 Entity Authentication14
33 pages
My Cryptographic Authentication Final
No ratings yet
My Cryptographic Authentication Final
51 pages
23-Design Considerations For Digital Certificates-10-03-2025
No ratings yet
23-Design Considerations For Digital Certificates-10-03-2025
22 pages
CSS Module 4 Part 1
No ratings yet
CSS Module 4 Part 1
82 pages
CH 3 Access Control
No ratings yet
CH 3 Access Control
51 pages
Module IV
No ratings yet
Module IV
27 pages
CNS Unit 4 New
No ratings yet
CNS Unit 4 New
55 pages
Lecture 17 - Entity Authentication
No ratings yet
Lecture 17 - Entity Authentication
34 pages
ISS L5 User Authentication
No ratings yet
ISS L5 User Authentication
35 pages
Module - 4 Authentication Protocols & Digital Signature Schemes
No ratings yet
Module - 4 Authentication Protocols & Digital Signature Schemes
32 pages
Authentication Techniques
No ratings yet
Authentication Techniques
29 pages
Authentication
No ratings yet
Authentication
50 pages
CO-1 PPT 5
No ratings yet
CO-1 PPT 5
79 pages
Authentication
No ratings yet
Authentication
152 pages
Unit 3 Authentication
No ratings yet
Unit 3 Authentication
16 pages
Cryptography
No ratings yet
Cryptography
25 pages
Authentication
No ratings yet
Authentication
56 pages
Lecture5 Cryptography
No ratings yet
Lecture5 Cryptography
37 pages
Note
No ratings yet
Note
9 pages
Unit 4 (Authentication)
No ratings yet
Unit 4 (Authentication)
12 pages
Elliptic Curve Cryptography Project
No ratings yet
Elliptic Curve Cryptography Project
21 pages
Mid Term Assignment
No ratings yet
Mid Term Assignment
6 pages
Notes On Network Security Issues: From Security Courses At: Stern School of Business, NYU Georgia Tech
100% (4)
Notes On Network Security Issues: From Security Courses At: Stern School of Business, NYU Georgia Tech
59 pages
Unit 4 PPT_CNS
No ratings yet
Unit 4 PPT_CNS
44 pages
Bscs5past PDF
No ratings yet
Bscs5past PDF
34 pages
Unit-2 User Authentication
No ratings yet
Unit-2 User Authentication
19 pages
AUTHENTICATION PROTOCOLS
No ratings yet
AUTHENTICATION PROTOCOLS
18 pages
Block Chain Technology Module-2: Decentralization and Encryption
No ratings yet
Block Chain Technology Module-2: Decentralization and Encryption
25 pages
Chapter 6
No ratings yet
Chapter 6
75 pages
Completeunit 5 1
No ratings yet
Completeunit 5 1
19 pages
CH 31 Network Security Multiple Choice Questions and Answers PDF
100% (1)
CH 31 Network Security Multiple Choice Questions and Answers PDF
9 pages
Authentication
No ratings yet
Authentication
35 pages
Wa0002.
No ratings yet
Wa0002.
45 pages
Unit 5 Authentication System
No ratings yet
Unit 5 Authentication System
40 pages
Unit 1 CNS Notes
No ratings yet
Unit 1 CNS Notes
14 pages
ISC2 CC Certified in Cybersecurity Demo
No ratings yet
ISC2 CC Certified in Cybersecurity Demo
59 pages
2 Authentication - Access Control & Cryptography
100% (1)
2 Authentication - Access Control & Cryptography
39 pages
Computer Security EITA25: Final Exam in
No ratings yet
Computer Security EITA25: Final Exam in
6 pages
Exam 2
No ratings yet
Exam 2
7 pages
CNS Unit-4
No ratings yet
CNS Unit-4
19 pages
BA Chapter5 Authentication and Key Agreement
No ratings yet
BA Chapter5 Authentication and Key Agreement
49 pages
Recitation 457
No ratings yet
Recitation 457
38 pages
Kerberos Version 4 Kerberos Version 5
No ratings yet
Kerberos Version 4 Kerberos Version 5
7 pages
Unit 5
No ratings yet
Unit 5
19 pages
Authentication IMP Pass, Token
No ratings yet
Authentication IMP Pass, Token
41 pages
CNS Unit 5
No ratings yet
CNS Unit 5
19 pages
BAIT2023 Introduction To Internet Security: Tutorial 3
No ratings yet
BAIT2023 Introduction To Internet Security: Tutorial 3
20 pages
Take Their Breath Away: How Imaginative Service Creates Devoted Customers
From Everand
Take Their Breath Away: How Imaginative Service Creates Devoted Customers
Chip R. Bell
3/5 (1)
Bank Details
No ratings yet
Bank Details
5 pages
Mrunmayee Kulkarni Cyber PPT 2
No ratings yet
Mrunmayee Kulkarni Cyber PPT 2
14 pages
Sunilkumar - Goleytamang Lab 3 22.07.2024
No ratings yet
Sunilkumar - Goleytamang Lab 3 22.07.2024
16 pages
SCMILIT L13-14 Manipulative and Multimedia Information and Media
No ratings yet
SCMILIT L13-14 Manipulative and Multimedia Information and Media
4 pages
jcp11 01 Rms 20230824
No ratings yet
jcp11 01 Rms 20230824
13 pages
Online Portal User Manual PDF
No ratings yet
Online Portal User Manual PDF
199 pages
SEEDS User Guidelines v4 (Student) PDF
No ratings yet
SEEDS User Guidelines v4 (Student) PDF
29 pages
How To Spy Whatsapp in A Few Easy Steps
No ratings yet
How To Spy Whatsapp in A Few Easy Steps
9 pages
Introduction To Networking
No ratings yet
Introduction To Networking
5 pages
Internet & Web Design Concepts1
No ratings yet
Internet & Web Design Concepts1
26 pages
Chris Ani: @iamchrisani
No ratings yet
Chris Ani: @iamchrisani
6 pages
Business Online
No ratings yet
Business Online
12 pages
OWASP Top 10 2021 Https WWW Crunch Co Uk What We Do Crunch Free Free Signup Referrer Self Assessment ST
No ratings yet
OWASP Top 10 2021 Https WWW Crunch Co Uk What We Do Crunch Free Free Signup Referrer Self Assessment ST
33 pages
Hack Yourself First Final
100% (1)
Hack Yourself First Final
62 pages
Introduction To Information Technology GEED
No ratings yet
Introduction To Information Technology GEED
23 pages
Tor-V1 6
No ratings yet
Tor-V1 6
144 pages
UDP Based Chat Application
No ratings yet
UDP Based Chat Application
4 pages
Web Mining
No ratings yet
Web Mining
15 pages
Help Desk Tips Tricks
No ratings yet
Help Desk Tips Tricks
46 pages
Sekilas Pandang Cyberpreneurship: M. Fakhrurrazi, Skom, MSC
No ratings yet
Sekilas Pandang Cyberpreneurship: M. Fakhrurrazi, Skom, MSC
31 pages
Node - Js Security
No ratings yet
Node - Js Security
17 pages
Upload 1 Document To Download: 01.colloquial Bengali
No ratings yet
Upload 1 Document To Download: 01.colloquial Bengali
2 pages
Blockchain Based Proxy Re-Encryption
No ratings yet
Blockchain Based Proxy Re-Encryption
8 pages
Safe and Responsible Use of Ict For Older Pupils
No ratings yet
Safe and Responsible Use of Ict For Older Pupils
1 page
Csa V1 Mocktest: Email
No ratings yet
Csa V1 Mocktest: Email
50 pages
Ruben Tiongson JR - Amazon Va
No ratings yet
Ruben Tiongson JR - Amazon Va
1 page

Entity Authentication

Uploaded by

Entity Authentication

Uploaded by

ENTITY AUTHENTICATION

NONCE IS A RANDOM BIT-STRING USED ONLY ONCE: ALICE

• WHEN BOB RECEIVES THE MESSAGE, HE TAKES

You might also like