Add second year
This commit is contained in:
@ -0,0 +1,87 @@
|
||||
- #[[CT255 - Next Generation Technologies II]]
|
||||
- **Previous Topic:** [[Introduction to Cryptography]]
|
||||
- **Next Topic:** null
|
||||
- **Relevant Slides:** 
|
||||
-
|
||||
- What is a **password**? #card
|
||||
card-last-interval:: 4
|
||||
card-repeats:: 1
|
||||
card-ease-factor:: 2.6
|
||||
card-next-schedule:: 2022-10-07T14:27:05.787Z
|
||||
card-last-reviewed:: 2022-10-03T14:27:05.787Z
|
||||
card-last-score:: 5
|
||||
- A **password** is a memorised secret used to confirm the identity of a user.
|
||||
- Typically, an arbitrary string of characters including letters, digits, or other symbols.
|
||||
- A purely numeric secret is called a **Personal Identification Number (PIN)**.
|
||||
- The secret is memorised by a party called the **claimant** while the party verifying the identity of the claimant is called the **verifier**.
|
||||
- The claimant & the verifier communicate via an **authentication protocol**.
|
||||
- # Some Password Alternatives
|
||||
- One-Time Password (OTP).
|
||||
- Transaction Authentication Number (TAN) list used for online banking - they can only be used once.
|
||||
- Time-synchronised one-time passwords.
|
||||
- Biometric methods.
|
||||
- Fingerprints, irises, voice, face.
|
||||
- Cognitive passwords.
|
||||
- Use question & answer cue/response pairs to verify identity.
|
||||
-
|
||||
- # Algorithmic Generation of OTP
|
||||
- Paper-based TANs are hard to manage -> both the claimant and the verifier need to have a copy of every OTP (possibly hundreds of them).
|
||||
- Idea: each OTP may be created from the passt OTPs used.
|
||||
- An example of this type of algorithm, credited to Leslie Lamport, uses a **one-way function** (hash function).
|
||||
- ## One-Way Functions
|
||||
- What is a **hash function**? #card
|
||||
card-last-interval:: -1
|
||||
card-repeats:: 1
|
||||
card-ease-factor:: 2.5
|
||||
card-next-schedule:: 2022-10-03T23:00:00.000Z
|
||||
card-last-reviewed:: 2022-10-03T14:27:00.494Z
|
||||
card-last-score:: 1
|
||||
- A **one-way function** $H$ produces a fixed-size output $h$ based on a variable size input $s$.
|
||||
- $$H(s) = h$$
|
||||
- $H$ is also called a **hash function**, $h$ is called a **hash** (value).
|
||||
- Important: *one-way property*:
|
||||
- For a given hash code $h$, it is infeasible to find $s$ that $H(s) = h$.
|
||||
- ### Leslie Lamport's Algorithm #card
|
||||
card-last-interval:: -1
|
||||
card-repeats:: 1
|
||||
card-ease-factor:: 2.5
|
||||
card-next-schedule:: 2022-10-03T23:00:00.000Z
|
||||
card-last-reviewed:: 2022-10-03T14:26:52.424Z
|
||||
card-last-score:: 1
|
||||
- For every claimant, a random seed (starting value) $s$ is chosen.
|
||||
- A hash function $H(s)$ is applied repeatedly (e.g., 1,000 times) to the seed, giving a value of:
|
||||
- $$H(H(H(...(H(s)....))))$$
|
||||
- The user's first login uses an OTP $p$ derived by applying $H$ 999 times to the seed, i.e., $H^{999}(s)$.
|
||||
- The verifier can authenticate that this is the correct OTP, because $H(p) = H^{1000}(s)$, the value stored.
|
||||
- The value stored is then replaced by $p$ and the user is allowed to log in.
|
||||
- The next login must be accompanied by $H^{998}(s)$.
|
||||
- Again, this can be validated because hashing gives $H^{999}(s)$ which is $p$, the value stored after the previous login.
|
||||
- The new value replaces $p$ and the user is authenticated.
|
||||
- This process can be repeated another 997 times, each time the password will be $H$ applied one fewer times.
|
||||
- ### Time-Synchronised OTP #card
|
||||
card-last-interval:: -1
|
||||
card-repeats:: 1
|
||||
card-ease-factor:: 2.5
|
||||
card-next-schedule:: 2022-10-03T23:00:00.000Z
|
||||
card-last-reviewed:: 2022-10-03T14:26:07.581Z
|
||||
card-last-score:: 1
|
||||
- Each user has a unique piece of hardware called a **security token** that generates an OTP (e.g., mobile phone).
|
||||
- Inside the token is an accurate clock that has been synchronised with the clock of the verifer.
|
||||
- Both claimant token and verifier server calculate identical OTPs that are based on time.
|
||||
- 
|
||||
-
|
||||
- # Some New Biometric Methods
|
||||
- **Hand geometry:** Measurement & comparison of the (unique) different physical characteristics of the hand.
|
||||
- **Palm vein authentication:** Uses an infrared beam to penetrate the user's hand as it is waved over the system; the veins within the palm are returned as black lines.
|
||||
- **Retina scan:** Provides an analysis of the capillary blood vessels located in the back of the eye.
|
||||
- **Iris scan:** Provides an analysis of the rings, furrows, & freckles in the coloured ring that surrounds the pupil of the eye.
|
||||
- Face recognition, signature, & voice analysis.
|
||||
- **Behavioural biometrics:**
|
||||
- 
|
||||
-
|
||||
- # Multi-Factor Authentication
|
||||
- This may include a combination of the following:
|
||||
- Some physical object in the possession of the user, e.g., a USB stick with a secret token, a bank card, a key, etc.
|
||||
- Some secret known only to the user, such as a password, PIN, TAN, etc.
|
||||
- Some physical characteristic of the user (biometrics), such as a fingerprint, eye iris, voice, typing speed, pattern in key press intervals, etc.
|
||||
- Somewhere you are, such as connection to a specific computing network or utilising a GPS signal to identify the location.
|
||||
@ -0,0 +1,87 @@
|
||||
- #[[CT255 - Next Generation Technologies II]]
|
||||
- **Previous Topic:** [[Introduction to Cryptography]]
|
||||
- **Next Topic:** null
|
||||
- **Relevant Slides:** 
|
||||
-
|
||||
- What is a **password**? #card
|
||||
card-last-interval:: 4
|
||||
card-repeats:: 1
|
||||
card-ease-factor:: 2.6
|
||||
card-next-schedule:: 2022-10-07T14:27:05.787Z
|
||||
card-last-reviewed:: 2022-10-03T14:27:05.787Z
|
||||
card-last-score:: 5
|
||||
- A **password** is a memorised secret used to confirm the identity of a user.
|
||||
- Typically, an arbitrary string of characters including letters, digits, or other symbols.
|
||||
- A purely numeric secret is called a **Personal Identification Number (PIN)**.
|
||||
- The secret is memorised by a party called the **claimant** while the party verifying the identity of the claimant is called the **verifier**.
|
||||
- The claimant & the verifier communicate via an **authentication protocol**.
|
||||
- # Some Password Alternatives
|
||||
- One-Time Password (OTP).
|
||||
- Transaction Authentication Number (TAN) list used for online banking - they can only be used once.
|
||||
- Time-synchronised one-time passwords.
|
||||
- Biometric methods.
|
||||
- Fingerprints, irises, voice, face.
|
||||
- Cognitive passwords.
|
||||
- Use question & answer cue/response pairs to verify identity.
|
||||
-
|
||||
- # Algorithmic Generation of OTP
|
||||
- Paper-based TANs are hard to manage -> both the claimant and the verifier need to have a copy of every OTP (possibly hundreds of them).
|
||||
- Idea: each OTP may be created from the passt OTPs used.
|
||||
- An example of this type of algorithm, credited to Leslie Lamport, uses a **one-way function** (hash function).
|
||||
- ## One-Way Functions
|
||||
- What is a **hash function**? #card
|
||||
card-last-interval:: 1.47
|
||||
card-repeats:: 2
|
||||
card-ease-factor:: 2.36
|
||||
card-next-schedule:: 2022-10-08T21:37:51.695Z
|
||||
card-last-reviewed:: 2022-10-07T10:37:51.696Z
|
||||
card-last-score:: 3
|
||||
- A **one-way function** $H$ produces a fixed-size output $h$ based on a variable size input $s$.
|
||||
- $$H(s) = h$$
|
||||
- $H$ is also called a **hash function**, $h$ is called a **hash** (value).
|
||||
- Important: *one-way property*:
|
||||
- For a given hash code $h$, it is infeasible to find $s$ that $H(s) = h$.
|
||||
- ### Leslie Lamport's Algorithm #card
|
||||
card-last-interval:: -1
|
||||
card-repeats:: 1
|
||||
card-ease-factor:: 2.5
|
||||
card-next-schedule:: 2022-10-07T23:00:00.000Z
|
||||
card-last-reviewed:: 2022-10-07T10:48:57.261Z
|
||||
card-last-score:: 1
|
||||
- For every claimant, a random seed (starting value) $s$ is chosen.
|
||||
- A hash function $H(s)$ is applied repeatedly (e.g., 1,000 times) to the seed, giving a value of:
|
||||
- $$H(H(H(...(H(s)....))))$$
|
||||
- The user's first login uses an OTP $p$ derived by applying $H$ 999 times to the seed, i.e., $H^{999}(s)$.
|
||||
- The verifier can authenticate that this is the correct OTP, because $H(p) = H^{1000}(s)$, the value stored.
|
||||
- The value stored is then replaced by $p$ and the user is allowed to log in.
|
||||
- The next login must be accompanied by $H^{998}(s)$.
|
||||
- Again, this can be validated because hashing gives $H^{999}(s)$ which is $p$, the value stored after the previous login.
|
||||
- The new value replaces $p$ and the user is authenticated.
|
||||
- This process can be repeated another 997 times, each time the password will be $H$ applied one fewer times.
|
||||
- ### Time-Synchronised OTP #card
|
||||
card-last-interval:: -1
|
||||
card-repeats:: 1
|
||||
card-ease-factor:: 2.5
|
||||
card-next-schedule:: 2022-10-07T23:00:00.000Z
|
||||
card-last-reviewed:: 2022-10-07T10:17:02.675Z
|
||||
card-last-score:: 1
|
||||
- Each user has a unique piece of hardware called a **security token** that generates an OTP (e.g., mobile phone).
|
||||
- Inside the token is an accurate clock that has been synchronised with the clock of the verifer.
|
||||
- Both claimant token and verifier server calculate identical OTPs that are based on time.
|
||||
- 
|
||||
-
|
||||
- # Some New Biometric Methods
|
||||
- **Hand geometry:** Measurement & comparison of the (unique) different physical characteristics of the hand.
|
||||
- **Palm vein authentication:** Uses an infrared beam to penetrate the user's hand as it is waved over the system; the veins within the palm are returned as black lines.
|
||||
- **Retina scan:** Provides an analysis of the capillary blood vessels located in the back of the eye.
|
||||
- **Iris scan:** Provides an analysis of the rings, furrows, & freckles in the coloured ring that surrounds the pupil of the eye.
|
||||
- Face recognition, signature, & voice analysis.
|
||||
- **Behavioural biometrics:**
|
||||
- 
|
||||
-
|
||||
- # Multi-Factor Authentication
|
||||
- This may include a combination of the following:
|
||||
- Some physical object in the possession of the user, e.g., a USB stick with a secret token, a bank card, a key, etc.
|
||||
- Some secret known only to the user, such as a password, PIN, TAN, etc.
|
||||
- Some physical characteristic of the user (biometrics), such as a fingerprint, eye iris, voice, typing speed, pattern in key press intervals, etc.
|
||||
- Somewhere you are, such as connection to a specific computing network or utilising a GPS signal to identify the location.
|
||||
@ -0,0 +1,87 @@
|
||||
- #[[CT255 - Next Generation Technologies II]]
|
||||
- **Previous Topic:** [[Introduction to Cryptography]]
|
||||
- **Next Topic:** null
|
||||
- **Relevant Slides:** 
|
||||
-
|
||||
- What is a **password**? #card
|
||||
card-last-interval:: 3.45
|
||||
card-repeats:: 2
|
||||
card-ease-factor:: 2.46
|
||||
card-next-schedule:: 2022-10-11T01:20:19.049Z
|
||||
card-last-reviewed:: 2022-10-07T15:20:19.050Z
|
||||
card-last-score:: 3
|
||||
- A **password** is a memorised secret used to confirm the identity of a user.
|
||||
- Typically, an arbitrary string of characters including letters, digits, or other symbols.
|
||||
- A purely numeric secret is called a **Personal Identification Number (PIN)**.
|
||||
- The secret is memorised by a party called the **claimant** while the party verifying the identity of the claimant is called the **verifier**.
|
||||
- The claimant & the verifier communicate via an **authentication protocol**.
|
||||
- # Some Password Alternatives
|
||||
- One-Time Password (OTP).
|
||||
- Transaction Authentication Number (TAN) list used for online banking - they can only be used once.
|
||||
- Time-synchronised one-time passwords.
|
||||
- Biometric methods.
|
||||
- Fingerprints, irises, voice, face.
|
||||
- Cognitive passwords.
|
||||
- Use question & answer cue/response pairs to verify identity.
|
||||
-
|
||||
- # Algorithmic Generation of OTP
|
||||
- Paper-based TANs are hard to manage -> both the claimant and the verifier need to have a copy of every OTP (possibly hundreds of them).
|
||||
- Idea: each OTP may be created from the passt OTPs used.
|
||||
- An example of this type of algorithm, credited to Leslie Lamport, uses a **one-way function** (hash function).
|
||||
- ## One-Way Functions
|
||||
- What is a **hash function**? #card
|
||||
card-last-interval:: 8.35
|
||||
card-repeats:: 3
|
||||
card-ease-factor:: 2.46
|
||||
card-next-schedule:: 2022-10-17T16:51:58.310Z
|
||||
card-last-reviewed:: 2022-10-09T08:51:58.310Z
|
||||
card-last-score:: 5
|
||||
- A **one-way function** $H$ produces a fixed-size output $h$ based on a variable size input $s$.
|
||||
- $$H(s) = h$$
|
||||
- $H$ is also called a **hash function**, $h$ is called a **hash** (value).
|
||||
- Important: *one-way property*:
|
||||
- For a given hash code $h$, it is infeasible to find $s$ that $H(s) = h$.
|
||||
- ### Leslie Lamport's Algorithm #card
|
||||
card-last-interval:: -1
|
||||
card-repeats:: 1
|
||||
card-ease-factor:: 2.5
|
||||
card-next-schedule:: 2022-10-08T23:00:00.000Z
|
||||
card-last-reviewed:: 2022-10-08T15:02:53.292Z
|
||||
card-last-score:: 1
|
||||
- For every claimant, a random seed (starting value) $s$ is chosen.
|
||||
- A hash function $H(s)$ is applied repeatedly (e.g., 1,000 times) to the seed, giving a value of:
|
||||
- $$H(H(H(...(H(s)....))))$$
|
||||
- The user's first login uses an OTP $p$ derived by applying $H$ 999 times to the seed, i.e., $H^{999}(s)$.
|
||||
- The verifier can authenticate that this is the correct OTP, because $H(p) = H^{1000}(s)$, the value stored.
|
||||
- The value stored is then replaced by $p$ and the user is allowed to log in.
|
||||
- The next login must be accompanied by $H^{998}(s)$.
|
||||
- Again, this can be validated because hashing gives $H^{999}(s)$ which is $p$, the value stored after the previous login.
|
||||
- The new value replaces $p$ and the user is authenticated.
|
||||
- This process can be repeated another 997 times, each time the password will be $H$ applied one fewer times.
|
||||
- ### Time-Synchronised OTP #card
|
||||
card-last-interval:: -1
|
||||
card-repeats:: 1
|
||||
card-ease-factor:: 2.5
|
||||
card-next-schedule:: 2022-10-08T23:00:00.000Z
|
||||
card-last-reviewed:: 2022-10-08T15:19:40.334Z
|
||||
card-last-score:: 1
|
||||
- Each user has a unique piece of hardware called a **security token** that generates an OTP (e.g., mobile phone).
|
||||
- Inside the token is an accurate clock that has been synchronised with the clock of the verifer.
|
||||
- Both claimant token and verifier server calculate identical OTPs that are based on time.
|
||||
- 
|
||||
-
|
||||
- # Some New Biometric Methods
|
||||
- **Hand geometry:** Measurement & comparison of the (unique) different physical characteristics of the hand.
|
||||
- **Palm vein authentication:** Uses an infrared beam to penetrate the user's hand as it is waved over the system; the veins within the palm are returned as black lines.
|
||||
- **Retina scan:** Provides an analysis of the capillary blood vessels located in the back of the eye.
|
||||
- **Iris scan:** Provides an analysis of the rings, furrows, & freckles in the coloured ring that surrounds the pupil of the eye.
|
||||
- Face recognition, signature, & voice analysis.
|
||||
- **Behavioural biometrics:**
|
||||
- 
|
||||
-
|
||||
- # Multi-Factor Authentication
|
||||
- This may include a combination of the following:
|
||||
- Some physical object in the possession of the user, e.g., a USB stick with a secret token, a bank card, a key, etc.
|
||||
- Some secret known only to the user, such as a password, PIN, TAN, etc.
|
||||
- Some physical characteristic of the user (biometrics), such as a fingerprint, eye iris, voice, typing speed, pattern in key press intervals, etc.
|
||||
- Somewhere you are, such as connection to a specific computing network or utilising a GPS signal to identify the location.
|
||||
@ -0,0 +1,87 @@
|
||||
- #[[CT255 - Next Generation Technologies II]]
|
||||
- **Previous Topic:** [[Introduction to Cryptography]]
|
||||
- **Next Topic:** [[Hash Cracking Using Rainbow Tables]]
|
||||
- **Relevant Slides:** 
|
||||
-
|
||||
- What is a **password**? #card
|
||||
card-last-interval:: 3.45
|
||||
card-repeats:: 2
|
||||
card-ease-factor:: 2.46
|
||||
card-next-schedule:: 2022-10-11T01:20:19.049Z
|
||||
card-last-reviewed:: 2022-10-07T15:20:19.050Z
|
||||
card-last-score:: 3
|
||||
- A **password** is a memorised secret used to confirm the identity of a user.
|
||||
- Typically, an arbitrary string of characters including letters, digits, or other symbols.
|
||||
- A purely numeric secret is called a **Personal Identification Number (PIN)**.
|
||||
- The secret is memorised by a party called the **claimant** while the party verifying the identity of the claimant is called the **verifier**.
|
||||
- The claimant & the verifier communicate via an **authentication protocol**.
|
||||
- # Some Password Alternatives
|
||||
- One-Time Password (OTP).
|
||||
- Transaction Authentication Number (TAN) list used for online banking - they can only be used once.
|
||||
- Time-synchronised one-time passwords.
|
||||
- Biometric methods.
|
||||
- Fingerprints, irises, voice, face.
|
||||
- Cognitive passwords.
|
||||
- Use question & answer cue/response pairs to verify identity.
|
||||
-
|
||||
- # Algorithmic Generation of OTP
|
||||
- Paper-based TANs are hard to manage -> both the claimant and the verifier need to have a copy of every OTP (possibly hundreds of them).
|
||||
- Idea: each OTP may be created from the passt OTPs used.
|
||||
- An example of this type of algorithm, credited to Leslie Lamport, uses a **one-way function** (hash function).
|
||||
- ## One-Way Functions
|
||||
- What is a **hash function**? #card
|
||||
card-last-interval:: 8.35
|
||||
card-repeats:: 3
|
||||
card-ease-factor:: 2.46
|
||||
card-next-schedule:: 2022-10-17T16:51:58.310Z
|
||||
card-last-reviewed:: 2022-10-09T08:51:58.310Z
|
||||
card-last-score:: 5
|
||||
- A **one-way function** $H$ produces a fixed-size output $h$ based on a variable size input $s$.
|
||||
- $$H(s) = h$$
|
||||
- $H$ is also called a **hash function**, $h$ is called a **hash** (value).
|
||||
- Important: *one-way property*:
|
||||
- For a given hash code $h$, it is infeasible to find $s$ that $H(s) = h$.
|
||||
- ### Leslie Lamport's Algorithm #card
|
||||
card-last-interval:: 0.85
|
||||
card-repeats:: 2
|
||||
card-ease-factor:: 2.36
|
||||
card-next-schedule:: 2022-10-27T07:50:40.061Z
|
||||
card-last-reviewed:: 2022-10-26T11:50:40.061Z
|
||||
card-last-score:: 3
|
||||
- For every claimant, a random seed (starting value) $s$ is chosen.
|
||||
- A hash function $H(s)$ is applied repeatedly (e.g., 1,000 times) to the seed, giving a value of:
|
||||
- $$H(H(H(...(H(s)....))))$$
|
||||
- The user's first login uses an OTP $p$ derived by applying $H$ 999 times to the seed, i.e., $H^{999}(s)$.
|
||||
- The verifier can authenticate that this is the correct OTP, because $H(p) = H^{1000}(s)$, the value stored.
|
||||
- The value stored is then replaced by $p$ and the user is allowed to log in.
|
||||
- The next login must be accompanied by $H^{998}(s)$.
|
||||
- Again, this can be validated because hashing gives $H^{999}(s)$ which is $p$, the value stored after the previous login.
|
||||
- The new value replaces $p$ and the user is authenticated.
|
||||
- This process can be repeated another 997 times, each time the password will be $H$ applied one fewer times.
|
||||
- ### Time-Synchronised OTP #card
|
||||
card-last-interval:: 0.84
|
||||
card-repeats:: 2
|
||||
card-ease-factor:: 2.36
|
||||
card-next-schedule:: 2022-10-11T07:35:51.251Z
|
||||
card-last-reviewed:: 2022-10-10T11:35:51.251Z
|
||||
card-last-score:: 3
|
||||
- Each user has a unique piece of hardware called a **security token** that generates an OTP (e.g., mobile phone).
|
||||
- Inside the token is an accurate clock that has been synchronised with the clock of the verifer.
|
||||
- Both claimant token and verifier server calculate identical OTPs that are based on time.
|
||||
- 
|
||||
-
|
||||
- # Some New Biometric Methods
|
||||
- **Hand geometry:** Measurement & comparison of the (unique) different physical characteristics of the hand.
|
||||
- **Palm vein authentication:** Uses an infrared beam to penetrate the user's hand as it is waved over the system; the veins within the palm are returned as black lines.
|
||||
- **Retina scan:** Provides an analysis of the capillary blood vessels located in the back of the eye.
|
||||
- **Iris scan:** Provides an analysis of the rings, furrows, & freckles in the coloured ring that surrounds the pupil of the eye.
|
||||
- Face recognition, signature, & voice analysis.
|
||||
- **Behavioural biometrics:**
|
||||
- 
|
||||
-
|
||||
- # Multi-Factor Authentication
|
||||
- This may include a combination of the following:
|
||||
- Some physical object in the possession of the user, e.g., a USB stick with a secret token, a bank card, a key, etc.
|
||||
- Some secret known only to the user, such as a password, PIN, TAN, etc.
|
||||
- Some physical characteristic of the user (biometrics), such as a fingerprint, eye iris, voice, typing speed, pattern in key press intervals, etc.
|
||||
- Somewhere you are, such as connection to a specific computing network or utilising a GPS signal to identify the location.
|
||||
Reference in New Issue
Block a user