Skip to main content Accessibility help
×
Home
Hostname: page-component-99c86f546-4k54s Total loading time: 0.363 Render date: 2021-12-03T05:36:25.738Z Has data issue: true Feature Flags: { "shouldUseShareProductTool": true, "shouldUseHypothesis": true, "isUnsiloEnabled": true, "metricsAbstractViews": false, "figures": true, "newCiteModal": false, "newCitedByModal": true, "newEcommerce": true, "newUsageEvents": true }

3 - Authentication and digital signature

from I - E-security

Published online by Cambridge University Press:  11 September 2009

Mohammad Obaidat
Affiliation:
Monmouth University, New Jersey
Noureddine Boudriga
Affiliation:
Université du 7 Novembre à Carthage, Tunis
Get access

Summary

This chapter considers the techniques developed to provide assurance that the identity of a user is as declared and that a transmitted message has not been changed after its signature. This prevents impersonation and maintains message integrity. Weak authentication and strong authentication schemes are addressed and the most common authentication services are also elaborated on in this chapter.

Introduction

As stated in the previous chapters, entity authentication can be defined as the process through which the identity of an entity (such as an individual, a computer, an application, or a network) is demonstrated. Authentication involves two parties, a prover (called also claimant) and a verifier (called also recipient). The prover presents its identity and a proof of that identity. The verifier ensures that the prover is, in fact, who he/she claims to be by checking the proof. Authentication is distinct from identification, which aims at determining whether an individual is known to the system. It is also different from authorization, which can be defined as the process of granting the user access to specific system resources based on his/her profile and the local/global policy controlling the resource access. In the following sections, however, we will use the terms identification and authorization to designate the same concept.

Message authentication, on the other hand, provides the assurance that a message has not been modified during its transmission.

Type
Chapter
Information
Publisher: Cambridge University Press
Print publication year: 2007

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

Anshel, M. and Goldfeld, D. (1997). Zeta functions, one-way functions, and pseudorandom generators. Duke Math Journal, 88, 371–90.CrossRefGoogle Scholar
Bellovin, S. M. and Merrit, M. (1991). Limitations of Kerberos authentication system. In Proceedings of the Winter 1991 Usenix Conference (available at http://research.att.com/dist/internet_security/kerblimit.usenix.ps).Google Scholar
ElGamel, T. (1985). A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, IT 31, 4, 469–72.CrossRefGoogle Scholar
Fiat, A. and Shamir, A. (1987). How to prove yourself: practical solutions to identification and signature problems. In Advances in Cryptology (CRYPTO 86), Lecture Notes in Computer Science 263, Springer-Verlag, 186–94.Google Scholar
Itoi, N. and Honeyman, P. (1999). Practical Security Systems with Smartcards. In Workshop on Hot Topics in Operating Systems 1999. IEEE Computer Society Press, 185–190.Google Scholar
Kohl, J., Neuman, B., and Ts'o, T. (1994). The evolution of Kerberos authentication service. In Distributed Open Systems. IEEE Computer Society Press, pp. 78–94.Google Scholar
Maughan, D., M. Schertler, M. Scheider, and J. Turner (1998). Internet Security Association and Key Management Proto (ISAKMP) RFC 2408. Retrieved October 25, 2006 from http.//dc.qut.edu.au/rfc/rfc2408.txt.
Menezes, A., Oorschot, P., and Vanstone, S. (1996). The Handbook of Applied Cryptography. CRC Press.CrossRefGoogle Scholar
Nicopolitidis, P., Obaidat, M. S., Papadimitriou, G. I., and Pomportsis, A. S. (2003). Wireless Networks. Wiley.Google Scholar
Obaidat, M. S. and Macchairllo, D. (1994). A multilayer neural network system for computer access security. IEEE Transactions on Systems, Man, and Cybernetics, Vol. 24, No. 5, 806–13.CrossRefGoogle Scholar
Obaidat, M. S. and Sadoun, B. (1997). Verification of computer users using keystroke dynamics. IEEE Transactions on Systems, Man, and Cybernetics, Part B, Vol. 27, No. 2, 261–9.CrossRefGoogle ScholarPubMed
Obaidat, M. S. and B. Sadoun (1999). Keystroke dynamics based identification. In Biometrics: Personal Identification in Networked Society, Anil, Jainet al. (eds.), Kluwer, pp. 213–29.Google Scholar
Robshaw, M. (1995). MD2, MD4, MD5, SHA and other hash functions. RSA laboratories Technical Report TR-101 (available at www.rsasecurity.com/rsalabs/index.html).
Syverson, P. (1994). A taxonomy of Replay attacks. In Computer Security Foundations Workshop VII. IEEE Computer Society Press, pp. 131–6.Google Scholar
Tzeng, Z. G. and Hu, C. M. (1999). Inter-protocol interleaving attacks on some authentication and key distribution protocols. Information Processing L., 69(6), 297–302.Google Scholar

Send book to Kindle

To send this book to your Kindle, first ensure no-reply@cambridge.org is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about sending to your Kindle.

Note you can select to send to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be sent to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.

Find out more about the Kindle Personal Document Service.

Available formats
×

Send book to Dropbox

To send content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about sending content to Dropbox.

Available formats
×

Send book to Google Drive

To send content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about sending content to Google Drive.

Available formats
×