Client authentication has been a continuous source of problems on the Web. Although many well-studied techniques exist for authentication, Web sites continue to use extremely weak authentication schemes, especially in non-enterprise environments such as store fronts. These weaknesses often result from careless use of authenticators within Web cookies. Of the twenty-seven sites we investigated, we weakened the client authentication on two systems, gained unauthorized access on eight, and extracted the secret key used to mint authenticators from one. We provide a description of the limitations, requirements, and security models specific to Web client authentication. This includes the introduction of the interrogative adversary, a surprisingly powerful adversary that can adaptively query a Web site. We propose a set of hints for designing a secure client authentication scheme. Using these hints, we present the design and analysis of a simple authentication scheme secure against forgeries by the interrogative adversary. In conjunction with SSL, our scheme is secure against forgeries by the active adversary.

Abstract not found

In this paper modes of operation for block ciphers are considered. The focus is on a special class of modes, called the block chaining modes. We discuss modes with finite and infinite error propagation and propose the Accumulated Block Chaining (ABC) mode of the latter type. ABC is proposed for application for the Advanced Encryption Standard.

. The linearity of "check vectors" -- a technique of secure distributed computation -- gives an efficient solution to the problem of blind weak signatures (where a weak signature requires the on-line participation of a third party [17]). We refine aspects of the notion of "blinding a signature," and apply our weak schemes to on-line digital cash and other problems. The protocols we present are distinctly short, simple, and of low complexity. 1 Introduction Blind signature schemes, as introduced by Chaum [4], allow a message holder to obtain a signature without disclosing the contents of the message to the signer. In this paper, we explore the possibility of blind signature without any cryptographic assumptions at all. This may seem an unlikely prospect, since any secure signature scheme -- blind or otherwise -- requires some intractability assumptions (one-way functions) [13]. However, what is true for standard signature schemes is not true for "weak" signature schemes. Weak signature...

Kerberos is a widely-deployed network authentication protocol that is being considered for standardization. Many works have analyzed its security, identifying flaws and often suggesting fixes, thus helping the protocol’s evolution. Several recent results present successful formalmethods-based verification of a significant portion of the current version 5, and some even imply security in the computational setting. For these results to hold, encryption in Kerberos should satisfy strong cryptographic security notions. However, neither currently deployed as part of Kerberos encryption schemes nor their proposed revisions are known to provably satisfy such notions. We take a close look at Kerberos ’ encryption and confirm that most of the options in the current version provably provide privacy and authenticity, some with slight modification that we suggest. Our results complement the formal-methods-based analysis of Kerberos that justifies its current design.

this document, a basis for the cooperation between the LiPS group and the Transis group is proposed. As an initial step for collaboration we describe the realization of a tool called TRIPS.

Client authentication has been a continuous source of problems on the Web. Although many well-studied techniques exist for authentication, Web sites continue to use extremely weak authentication schemes, especially in non-enterprise environments such as store fronts. These weaknesses often result from careless use of authenticators within Web cookies. Of the twenty-seven sites we investigated, we weakened the client authentication on two systems, gained unauthorized access on eight, and extracted the secret key used to mint authenticators from one.

This paper investigates the famous TTP network authentication service Kerberos[1] to find out its structural weak points in order to suggest solutions for them. The solutions presented in this paper are used to infer the design criteria of a new better authentication system that is called Anubis after the cemetery guard in the pharonic myth.