Cryptographic Authentication 2010

Cryptographic
Authentication
For
DEPARTMENT OF COMPUTER
APPLICATIONS,CUSAT
A Seminar report
Submitted for partial fulfillment of Degree of
Master Of Computer Applications
By
NIRMAL PODDAR

DEPARTMENT OF COMPUTER APPLICATIONS

COCHIN UNIVERSITY OF SCIENCE AND TECHNOLOGY

KOCHI- 682022
KERALA.

Cryptographic Authentication Page 1

 Cryptographic Authentication 2010

Certificate
Certified that this bonafide record of seminar entitled

SECURE EMAIL SYSTEM

Done by

NIRMAL PODDAR

of the Vth semester, Department of Computer Applications in

the June 2010 in partial fulfillment of the requirements to the

award of Degree of Master of Computer Applications Of Cochin

University Of Science and Technology.

Dr. K. V. Pramod

Seminar Report Head Of Department

Cryptographic Authentication Page 2

 Cryptographic Authentication 2010

CONTENTS
 Introduction to Cryptography
 Cryptographic Authentication
 Three Basic Cryptographic Methods
o Something you know
 Password, OTP
o Something you have
 Smart Card, ATM Card , OTP Card
o Something you are
 Finger Print
 Multifactor Authentication
 Other cryptographic Authentication Methods
o Password
o One Time Password
o Public Key Cryptographic
 Elliptic Curve Cryptography
o Zero Knowledge Proofs
 Fiet – Shamir Protocol
 Ali – Baba’s Cave
o Digital Certificate

Cryptographic Authentication Page 3

 Cryptographic Authentication 2010

Cryptography is a method of storing and transmitting data in a form that only those
it is intended for can read and process. It is a science of protecting information by encoding
it into an unreadable format.
Cryptography is an effective way of protecting sensitive information as it is stored on
media or transmitted through network communication paths. Although the ultimate goal of
cryptography, and the mechanisms that make it up, is to hide information from un-
authorized individuals, most algorithms can be broken and the information can be revealed
if the attacker has enough time, desire, and resources. So a more realistic goal of
cryptography is to make obtaining the information too work-intensive to be worth it to the
attacker.

The first encryption methods date back to 4,000 years ago and were considered more of an
ancient art. As encryption evolved, it was mainly used to pass messages through hostile
environments of war, crisis, and for negotiation processes between conflicting groups of
people.
Throughout history, individuals and governments have worked to protect
communication by encrypting it. As time went on, the encryption algorithms and the devices
that used them increased in complexity, new methods and algorithms were continually
introduced, and it became an integrated part of the computing world.

Cryptography Definitions
• Algorithm Set of mathematical rules used in encryption and decryption

• Cryptography Science of secret writing that enables you to store and

transmit
data in a form that is available only to the intended individuals

• Cryptosystem Hardware or software implementation of cryptography that

transforms a message to cipher text and back to plaintext

• Cryptanalysis Practice of obtaining plaintext from cipher text without a key

or breaking the the encryption

• Cryptology The study of both cryptography and cryptanalysis

• Cipher text Data in encrypted or unreadable format

• Encipher Act of transforming data into an unreadable format

• Decipher Act of transforming data into a readable format

Cryptographic Authentication Page 4

 Cryptographic Authentication 2010

• Key Secret sequence of bits and instructions that governs the act of
encryption
and decryption

 Cryptographic authentication :
 The process of identifying one’s identity

 Authentication is the process of reliably verifying the identity of

someone (or something)
 A computer
authenticates another
computer
 A computer is
authenticates a person
 User’s secret must be
remembered by the user
 Authentication is the concept of proving user identity, typically in or to
establish communication order to gain access to a system or network.

 There are three basic authentication means by which an

individual may authenticate his identity :
 Something you have
o Can be stolen
 Such as key , card
 Something you know
o Can be guessed , shared , stolen
 Such as password ,
 Something you are
o Can be costly , copied
 Such as biometrics

Cryptographic Authentication Page 5

 Cryptographic Authentication 2010

Something you Know

Authentication based on what you know

I am alice ,my password is 123axc235

Alice Bob

 Problem :
Eavesdropping

Solution -> Cryptography based

 Storing User Password :

Password cannot stored as in clear text
Store hashed password
Password should be encrypted when you enter to login
 Pros : It is simple to use . It is simple for understanding by user .
 Cons : It can be guessed . It can be cracked easily .

To avoid the problem of using same password each time ,it’s alternative
One Time Password (OTP) has been developed . But it is difficult to remember
new password each time .

Something you have

 OTP Cards (e.g. SecurID): It is an electronic device that generates new password
each time. When the code button is pushed a new dynamic password is displayed on
the card.

The card is based on event-synchronous dynamic password system. The crypto-

algorithm incorporated in the card uses a counter that stays "in sync" with the server
based on the number of passwords generated.

 Smart Card: A smart card is more useful and secure than a magnetic strip card.
The card can hold up to 80 times more data and is much harder to copy a chip than
Cryptographic Authentication Page 6
 Cryptographic Authentication 2010
magnetic strip. Data is protected because it is encrypted inside the chip. Although it
is not possible to steal data from the chip, the high cost and computing power
required deters criminals. The memory chip requires authentication before stored
data is unlocked.

Smart card uses

 In money – people use smart cards to access their individual bank accounts and
withdraw money or check their account information.

 Telephone calls – prepaid telephone cards are credited with a number units to make
calls
 Cell Phones – Smart cards in cell phones contain subscriber information to identify
the user to the network.
 Computer Security – to gain access to a personal computer, a smart card can
authenticate the user.
 Travel – Many subway systems use prepaid smart cards instead of tickets,
passengers swipe their cards to gain access.
 Health – smart cards provide an easy and safe way of storing and checking
confidential medical information.

 tamper-resistant, stores secret information, entered into a card-reader

 ATM Card : An ATM card is a plastic card that looks like a credit card. It allows you to do
the same things at a bank machine or Automatic Teller Machine (ATM) as you would at a
bank. You can get cash, deposit money, check account balances, and receive a copy of your
statement all electronically by using your ATM card and the password to your account,
which is called your Personal Identification Number, or PIN.

 Strength of authentication depends on difficulty of forging

Something you are

Cryptographic Authentication Page 7
 Cryptographic Authentication 2010

Biometrics : Biometrics is the method to recognize or verify the identity of an

individual based on its unique physiological or behavioral characteristics such as Fingerprint,
face, palm, iris, retinal, vein, voice and handwriting. Fingerprint verification is the most
established and matured biometrics techniques. We will only focus on fingerprint
technology hereafter. 

Why biometrics?
Biometrics authenticates an individual based on its unique characteristics. One can
consider himself as his own password, which can hardly be forgotten, stolen and forged.
Thus, biometrics provides a securer solution comparing with PIN or Smart Card
identification. Biometrics can also be widely found in many other applications such as time
attendance management. 

What are the biometrics applications?

The need for biometrics can be found in most of the security departments, military,
government and commercial applications. 

One of the major biometrics applications is access control. PIN and Smart Card system
recognize the PIN or the card instead of you - it identifies what you posses. In other words,
someone can claim that he is you by using your PIN or your smart card. However, a
biometrics system with fingerprint technology recognizes your finger instead of the PIN or
card - it identifies who you are. It will never grant access to anyone else except you. 

Another major biometrics application is time attendance management. Most of the existing
time attendance systems are based on smart card. Lost and damaged cards and cheating on
the system can lead to huge financial loss to the company. Using employee's fingerprint to
mark attendance instead is far more accurate, efficient, cost saving and cheat proof. The
daily attendance report can help the HR manager to save a bundle of time. 

There are various types of Biometrics Authentication Methods :

Finger Print , Iris ,Retinal ,DNA ,etc.

All of these are used widely by users . It is easy to use .

Two Factor Authentication

The two components of two factor authentication

Cryptographic Authentication Page 8

 Cryptographic Authentication 2010
are:
Something you know
Something you have
Traditional authentication schemes used username and password pairs to authenticate
users. This provides minimal security, because many user passwords are very easy to guess.

In two factor authentication, the password still provides the something you know
component. In the most common implementations of two factor authentication, the
something you have component is provided by a small token card. The token card is a
compact electronic
device which displays a number on a small screen. By entering this number into the system
when you attempt to authenticate (login), you prove that that you are in possession of the
card.

 Multi-factor authentication, sometimes called strong authentication, is

an extension of two-factor authentication. While two-factor
authentication only involves exactly two factors, multi-factor
authentication involves two or more factors. Thus, every two-factor
authentication is a multi-factor authentication, but not vice versa.

Other cryptographic Authentication

Methods
Various cryptographic Authentication Methods are used .Some of these are as
follow :
Password
One Time Password
Public Key Cryptography
Zero Knowledge Proofs
Digital Signature

Password :
What is password security?

In order to keep your information secure you must keep your password secure. The
following are not the only ways to keep your password secure but they are a good
start:

 Use passphrases (see below).

Cryptographic Authentication Page 9

 Cryptographic Authentication 2010

 Do not keep your password in open and public spaces (no sticky notes on
your monitors!).
 Change your password periodically.
 Do not use the same password for everything.
 If you think your password may have been compromised, change it
immediately.
 Never tell anyone your password.

Passphrase versus password:

Passphrases are more secure than passwords because they are generally longer,
making them less vulnerable to attack. With technology increasing every day we
strongly recommend using passphrases to secure your accounts.

Passphrase selection:

 Long enough to be hard to guess (eg, automatically by a search program, as

from a list of famous phrases).
 Not a famous quotation from literature, holy books, etc.
 Hard to guess by intuition—even by someone who knows the user well.
 Easy to remember and type accurately.

 One time passwords :

For application that requires higher level of security than static password can
deliver , the KerPass mobile client allows setting a dedicated token that
generates OATH (time synchronous) one time password. A new "PassCode"
can be generated every 30 seconds , and it remains valid for at most 5 minutes.

Cryptographic Authentication Page 10

 Cryptographic Authentication 2010

 Public Key Cryptography : Public key cryptography was invented

in 1976 by Whitfield Diffie and Martin Hellman. For this reason, it is
sometime called Diffie-Hellman encryption. It is also called 
asymmetric encryption  because it uses two keys instead of one key (symmetric
encryption).

Public-key encryption (also called asymmetric encryption) involves a pair of

keys--a public key and a private key--associated with an entity that needs to
authenticate its identity electronically or to sign or encrypt data. Each public
key is published , and the corresponding private key is kept secret . Data
encrypted with your public key can be decrypted only with your private
key. Figure  shows a simplified view of the way public-key encryption works.

Figure     Public-key encryption

The scheme shown in Figure , lets you freely distribute a public key, and only
you will be able to read data encrypted using this key. In general, to send
encrypted data to someone, you encrypt the data with that person's public
key, and the person receiving the encrypted data decrypts it with the
corresponding private key.
One Important Authentication method : ECC

 ECC : Elliptic Curve Cryptography

an Elliptic Curve is a set of point on a curve y 2  x 3  ax  b given certain

real numbers a and b . For example

Elliptic Curve Groups: The set of points on an elliptic curve, plus a special
point  form and additive group. The addition of two points on an elliptic
curve is defined geometrically, as shown in the following example.

Cryptographic Authentication Page 11

 Cryptographic Authentication 2010

Elliptic Curve Encryption Algorithms depend on the difficulty of calculating kP where k is a

product of two large primes and P is an element in the Elliptic Curve Group. Geometrically
to add a point P to it self you first construct the tangent line to the curve at the point.
Then the line will intersect the curve at only one point, and the addition of 2P is then
defined to be the negative of the point of intersection as seen below.

Elliptic curve groups over real numbers are not practical for cryptography due to slowness of
calculations and round-off error. This Elliptic Curves Over Finite Fields are used. An elliptic
Fp
curve over a finite field of characteristic greater than three can be formed by choosing
F
the variables a and b within the field p .

Roughly speaking the elliptic curve is then the set of points ( x, y ) which satisfy the elliptic
x, y  Fp
curve equation y  x  ax  b modulo p , where
2 3
; together with a special point 

Cryptographic Authentication Page 12

 Cryptographic Authentication 2010

. If x  ax  b contains no repeated factors, or equivalently if 4a  27b  0(mod p) , then

3 3 2

these points form a group.

It is well known that EGC (the Elliptic Curve Group) is an additive abelian group with 
serving as its identity element.

Example: In the ECG of y  x  x over the field F23 the point (9,5) satisfies the equation
2 3 2

y 2  x 3  x 2 (mod 23) as 25  729  9(mod 23) .

The elements of this ECG are given in the pictured below.

Obviously we no longer have a curve to define our addition geometrically. Emulating the
Fp
geometric construction for addition, the formulas for addition over (characteristic 3) are

given as follows: Let P ( x1 , y1 ) and Q( x2 , y2 ) be elements of the ECG. Then P  Q  ( x3 , y3 )

, where
x3   2  x1  x2

y3   ( x1  x3 )  y1

and
 y2  y1
 x x if PQ
 2 1
  2
 3 x1  a if PQ
 2 y1
Cryptographic Authentication Page 13
 Cryptographic Authentication 2010

These formulas can be easily calculated with computers. For field of characteristic 2 the
equations for addition are worse!

At the heart of every cryptosystem is a hard mathematical problem that is computationally

infeasible to solve. The Discrete Logarithm Problem is the basis for the security of many
cryptosystem including the Elliptic Curve Cryptosystem.

Definition of the Discrete Logarithm Problem:

Fp
In the multiplication group , the discrete logarithm problem that is: Given
F
elements r and q in p , find a number k such that r  qk (mod p ) .

Similarly the Elliptic Curve Discrete Logarithm Problem is: Given points P and Q in an
ECG over a finite field find an integer k such that Pk  Q . Here k is called the
discrete log of Q to the base P.

This doesn’t seem like a difficult problem, but if you don’t know what k is calculating
Pk  Q takes roughly 2k 2 operations. So if k is say, 160 bits long, then it would take about
280 operations!! To put this into perspective, if you could do a billion operations per
second, this would take about 38 million years. This is a huge savings over the standard
public key encryption system where 1024 and 3074 bit keys are recommended. The smaller
size of the keys for Elliptic Curve Encryption makes it idea for applications such as encrypting
cell-phone calls, credit card transactions, and other applications where memory and speed
are an issue. There are pros and cons to both ECC and RSA encryption. ECC is faster then
RSA for signing and decryption, but slower than RSA for signature verification and
encryption. Much of the material used in this paper can be found in the websites listed in
the references.

Cryptographic Authentication Page 14

 Cryptographic Authentication 2010

Zero-Knowledge Proofs

Goldwasser, Micali, and Rackoff first put forward the basic notion of Zero-Knowledge Proof
in 1985. Zero-Knowledge (ZK) protocol is an instance of interactive proof protocol. An
interactive proof protocol is one that authenticates a prover to a verifier using challenge-
response mechanism. In this kind, the verifier can accept or reject the prover at the end of
their communication.

The ZK protocol overcomes major concerns with widely used password based
authentication. In a simple password based authentication, the verifier authenticates the
prover based on a password. The verifier has some, if not complete, knowledge of the
prover’s password. The verifier can thus impersonate the prover to a third party with whom
the prover may share the same password. The main objective of zero-knowledge protocol is
to enable the prover convince the verifier that she knows the secret without revealing any
information about the secret itself. ZK protocols are mostly probabilistic, where the proofs
hold good with a very high probability of success, and are not necessarily absolute. So, the
verifier may either accept or reject the proof after exchanging multiple messages. The
messages consist of challenges and responses. The probability of error can be reduced to a
desirable level by increasing the number of challenges and responses.

There are different variations of zero-knowledge protocols that exist. Some of them are
Perfect ZK, Resettable ZK, Concurrent ZK, Statistical ZK etc.

Properties of Zero-Knowledge Proofs

ZK protocols derive their properties from interactive proof protocols.

Completeness: The protocol is considered complete, if it succeeds with a very high

probability for an honest verifier and an honest prover. The acceptable level of probability
depends on the application.

Cryptographic Authentication Page 15

 Cryptographic Authentication 2010
Soundness: The protocol is considered sound, if it fails for any other false assertion, given a
dishonest prover and an honest verifier.

Advantages of Zero-knowledge proofs

Zero knowledge transfer – As the verifier does not learn anything about prover’s secret s (no
knowledge transferred between two parties), he cannot impersonate the prover to a third
person. Also the prover cannot cheat the verifier with several iterations of the protocol.

Efficiency – The computational efficiency of ZK protocol is because of its interactive proofs

nature. The costly computation related to encryption is avoided.

Degradation – The security of protocol itself does not get degraded with continuous use as
no information about the secret is divulged.

Unsolved mathematical assumptions – ZK protocols are based on various mathematical

Problems like discrete logarithms and integer factorization.

Fiat-Shamir Identification protocol

Fiat-Shamir identification protocol is an example of ZK protocol. In this protocol Alice proves to Bob
her knowledge of a secret, s, using many rounds of three message challenge-responses.

Step1 - A random modulus, n, product of two large prime numbers p and q, is generated by a
Trusted Party. The trusted party keeps the primes p and q secret and publishes n.

Step2 -Alice, the prover selects a secret s, relatively prime to n. Alice, then makes v (=s2) public.

Step3 -To prove her knowledge of the secret s, Alice chooses a random number r, (1 r n-1) using a
random generator. She sends x = r2 mod n, to Bob, the verifier. This is her commitment to
authentication.

Cryptographic Authentication Page 16

 Cryptographic Authentication 2010

Step4 -Bob randomly sends either a 0 or a 1 as e, his challenge.

Step5 -Alice computes the response y = r se mod n, where e  {0,1} is the challenge she receives from
Bob. Thus, depending on Bob’s challenge, 0 or 1, Alice responds with r or, r.se mod n.

Step6 -Bob accepts the response upon checking y 2  x * ve mod n, and rejects if y = 0.

Steps 3-6 are repeated every time Alice wants to prove her knowledge of the secret, symbolically
represented in Fig- 1.

A  B: x = r2 mod n

A  B: e  {0,1}

A  B: y = r * se mod n

Fig – 1 Fiat-Shamir Zero-knowledge protocol

After several iterations, with a very high probability Bob can verify Alice’s
identification. Also Alice’s response in either case does not reveal the secret s
(with y = r or y = r* s mod n).

Since the prover is required to commit a value (the random number r) before the
verifier sends a challenge, the probability that a dishonest impersonator can
authenticate as Alice is only ½. Repeating the above steps several times decreases
the probability that an impersonator without knowledge of the secret can get the
correct response.

It is important that Alice does not repeat the random number r. Bob can collect a
set of Alice’s responses and learn about the secret s, with repeated r. Later Bob
can impersonate Alice to a third person.

Cryptographic Authentication Page 17

 Cryptographic Authentication 2010

Classic Example of Zero-Knowledge Proofs

Ali Baba’s cave

Lets consider an example of Ali Baba’s Cave. Alice wants to prove to Bob her knowledge of
the secret to open the door R-S in the cave without revealing the secret.

Fig 2. Representation of Ali Baba’s Cave

They work as follows:

Alice enters the tunnel and takes the path either R or S. Bob is not aware of this, standing
outside the tunnel (P). Bob comes to Q and calls out Alice through either R or S. The
probability that Alice comes out through the right tunnel is only ½ , if she does not know the
secret. So bob can repeat this several times until he is convinced that Alice knows the secret
to open the door. In this process, Bob doesn’t learn the secret.

Real-Time Applications of Zero-Knowledge Proofs

ZK protocols are used for many real-time applications like authentication, e-voting,
watermark verification, etc. Some products like Sky’s VideoCrypt, Microsoft’s NGSCB also
use ZK protocols. Here, a few of them are mentioned.

Cryptographic Authentication Page 18

 Cryptographic Authentication 2010

Digital Signature

The Digital Signature Algorithm (DSA) is a United States Federal

Government standard or FIPS for digital signatures. It was proposed by
the National Institute of Standards and Technology (NIST) in
August 1991 for use in their Digital Signature Standard (DSS).

A digital signature is an encrypted hash value. From our previous example, if

Kevin wanted to ensure that the message he sent to Maureen was not
modified and he wants her to be sure that it came only from him, he can
digitally sign the message. This means that a one-way hashing function would
be run on the message and then Kevin would encrypt that hash value with his
private key. When Maureen receives the message, she will perform the
hashing function on the message and come up with her own hash value. Then
she will decrypt the sent hash value with Kevin’s public key. She then compares
the two values and if they are the same, she can be sure that the message was
not altered during transmission. She is also sure that the message came from
Kevin because the value was encrypted with his private key. The hashing
function ensures the integrity of the message and the signing of the hash
value provides authentication and nonrepudiation. The act of signing just
means that the value was encrypted with a private key. The steps of a digital
signature are outlined in Figure .

We need to be clear on all the available choices within cryptography, because

different steps and algorithms provide different types of security services:
• A message can be encrypted, which provides confidentiality.
• A message can be hashed, which provides integrity
• A message can be digitally signed, which provides authentication and
integrity.
• A message can be encrypted and digitally signed, which provides
confidentiality, authentication, and integrity.

Cryptographic Authentication Page 19

 Cryptographic Authentication 2010

Some algorithms can only perform encryption, whereas others can perform
digital signatures and encryption. When hashing is involved, a hashing
algorithm is used, not an encryption algorithm.

Key Generation :
p : Prime number where 2 L-1 < p < 2L
For 512 <= L <= 1024 and L is multiple of 64;
q : Prime devisor of (P-1) , where 2 159 < q < 2 160;
g : h (p-1)/q mod p, where h is any integer with 1 < h < (p-1)
such that h (p-1)/q mod p > 1

User’s Private Key :

X : Random or Pseudorandom integer with 0 < x < q

User’s Public Key :

Y = g x mod p

User’s Per-Message Secret Number

K = random or pseudorandom integer with 0 < k < q

Cryptographic Authentication Page 20

 Cryptographic Authentication 2010

Signing :
R = (g k mod) mod q
S = [k -1(H(M) + xr)] mod q
Signature = (r , s)

Verifying :
w = (s’) -1 mod q
u1 = [H(M’)w] mod q
u2 = (r’)w mod q
v = [(g u1 y u2) mod p] mod q
Test : v = r’

DSA is based on the difficulty of computing discrete logarithms and is based on

schemes originally presented by Elgamal and Schnorr .

Cryptographic Authentication Page 21

 Cryptographic Authentication 2010

Conclusion
 User authentication can be handled using one or more different
authentication methods. Some authentication methods such as plain
password authentication are easily implemented but are in general weak
and primitive.
 The fact that plain password authentication it is still by far the most
widely used form of authentication, gives credence to the seriousness of
the lack of security on both the Internet and within private networks.
 Other methods of authentication, that may be more complex and
require more time to implement and maintain, provide strong and
reliable authentication (provided one keeps its secrets secret, i.e. private
keys and phrases).

References
 Cryptography and Network Security ,Principles and Practices – William
Stallings
 http://en.wikipedia.org
 www.google.com , etc

Cryptographic Authentication Page 22