CIS 551/TCOM 401  Notes

March 2, 2006

SSH, Human Authentication

• Secure Shell (SSH)
  - Passwords are sent in plaintext in telnet, ftp, etc.
  - Developed as a replacement for those insecure tools.
  - Uses a key to authenticate a remote server. Such public key needs to be passed to the client beforehand.
  - Compatible with Kerberos.
  - In order to support different versions of SSH clients and servers, the protocol and encryption methods to be used in a particular session need to be negotiated every time.
  　
• SSH Protocol
  - Checks if client and server are compatible based on their version numbers.
  - Sends a list of preferred algorithms each other (e.g. Diffee-Hellman : 192bits : DES)
  - If client and server are the same version and developed by the same author, then most likely they will send the same list of algorithms each other.
  
  Note: DSA stands for Digital Signature Algorithm and is used only for digital signatures
  　
• SSH Protection
  - Uses hash to protect from modification of data.
  - To protect from spoofed connections to an X11 server, SSH tunneling provides a way for a user to forward the X11 connection to the SSH encrypted channel, although the X11 server itself may not explicitly support the SSH connection.
  　
• SSH1 vs. SSH2
  - SSH2 is a newer version.
  - SSH2 can be compatible with SSH1, but not vice versa.
  　
• Human Authentication
  - People use passwords, ID cards, and biometrics for authentication.
  　
• Authenticating Humans
  - Cannot forget passwords.
  - Passwords, licenses, Penn Cards may be stolen.
  　
• Passwords
  - Shapes are very easy to be recognized by humans, but very hard for machines.
  - Helps prevent automated attacks.
  　
• Leaks
  - Better not to reuse passwords for different services (if one is down, everything else is down).
  - In reality, very hard to keep track of all the passwords if one must choose them all differently.
  - Then if they wrote them down, that would be more insecure.
  　
• Counter-hacks
  - Slowing down the time to prompt for login after failing to provide the correct user name/password does not have much impact on a legitimate user who remembers them correctly, but can slow down a malicious user from randomly guessing.
  　
• Hash-based 1-time Passwords
  - Given a secret w, can decide how many times one wants to authenticate ahead of time.