This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
View analytic
Tuesday, February 28 • 13:40 - 15:10
Entity Authentication

Sign up or log in to save this to your schedule and see who's attending!

Learning objectives

Gain insight into

  • entity authentication protocols,
  • the benefits and limitations of authentication factors,
  • key establishment protocols,
  • why and how to use authentication servers.

Authentication methods are based on something known, owned, biometric, location or evidence of trusted third party authentication.

  • A password is a case of something known. Passwords are a vulnerable, but cheap and convenient way of authenticating an entity. Several techniques to augment their effectiveness are in use including challenge-response and one-time passwords.
  • Secure devices such as smart cards and USB tokens often combine the 'owned' with the 'known', since secret keys are locked in the token with a password or PIN code. However, within the broad category of secure tokens, trustworthiness is variable, depending on whether keys can be extracted, passwords can be eavesdropped or the device can be tampered with.
  • Biometry identifies a person via physical characteristics.
  • Location is often used as the sole authentication factor, but is insecure given the relative ease of spoofing IP or MAC addresses.
  • Multi-factor authentication is stronger than single-factor.
  • The Kerberos protocol uses a key distribution-based authentication server. Service consumers must authenticate with a central server to obtain a secret session key with service providers. Such schemes require a single sign-on to access servers across a trust domain.

While public key cryptography is well suited to entity authentication, performance constraints often mandate a symmetric algorithm for encrypting data passed between systems. Key establishment should be linked to authentication, so that a party has assurances that a key is only shared with the authenticated party. The Diffie-Hellman key agreement protocol underlies a host of current technologies such as STS (Station-to-Station protocol) and IKE.

avatar for Bart Preneel

Bart Preneel

Professor, imec-COSIC, KU Leuven
Professor Bart Preneel of KU Leuven heads the  imec-COSIC (COmputer Security and Industrial Cryptography) research group. His main research areas are information security and privacy with a focus on cryptographic algorithms and protocols and efficient and secure implementations.  He has authored more than 400 scientific publications and is inventor of five patents. He teaches cryptology, network security and discete algebra at the... Read More →

Tuesday February 28, 2017 13:40 - 15:10
Room: Lemaire

Attendees (4)