1 / 10

Authentication Approaches

Authentication Approaches. Phillip Hallam-Baker VeriSign Inc. Why?. Authentication + Authorization = Access Control Authentication IP Address Cryptographic Authorization Email Address Whitelists [alice@example.com] Domain Whitelists [example.com] Payment [$0.01 stamp].

teneil
Télécharger la présentation

Authentication Approaches

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Authentication Approaches Phillip Hallam-Baker VeriSign Inc.

  2. Why? Authentication + Authorization = Access Control • Authentication • IP Address • Cryptographic • Authorization • Email Address Whitelists [alice@example.com] • Domain Whitelists [example.com] • Payment [$0.01 stamp]

  3. How Strong is Enough? • LIST Kiddies • Like a script kiddie but they pay for the mailing list • Actually a spam victim, they get worthless service in return • SPAM Houses • Will adapt to heuristic authentication approaches • But it will cost them

  4. PKI • Infrastructure exists to • Ensure that a party owns the purported domain name • Ensure that legal process can be served on the certificate holder • With a high (but not absolute) degree of confidence SECURITY IS RISK CONTROLNOT RISK ELIMINATION

  5. Deployment Argument • Authentication Compliments Filtering • Network effect, aka Chicken and Egg problem • Avoid false positives • Without creating backdoors • ‘Allow all mail from hotmail.com, they use rate limiting’ • Allows more aggressive criteria • Cryptographic Authentication is robust • Asymmetric work factor • No viable counter-strategies

  6. Problem – Email Insecure by Default • Downgrade attack • I can tell a signed message comes from the sender • I cannot assume an unsigned message is false • Key is to know the security policy of the domain

  7. DNS Based Security Policy • Reverse IP look up • Some Current Use • Only demonstrates that the IP address has been assigned • IPv4 address exhaustion will make this uninteresting • Configuration problem – servers handling 1000’s of domains • Many ISPs do not delegate reverse DNS as they should • Get a new ISP is an idiotic deployment strategy

  8. Forward DNS • Address based authentication • RCPT From [Vixie] • Reverse MX • Pro: Lightweight, almost costless • Pro: Obsoletes most existing spamware • Con: Could be vulnerable to new spamware • Con: Some operational issues • Con: Only works if mail from domain is relayed

  9. Generalized Security Policy • Security Policy Advertisement Mechanism • Advertise any form of security policy • ALWAYS comes from address X, Y or Z • OPTIONAL uses STARTTLS, cert root has SHA1 P • OPTIONAL uses S/MIME, cert root has SHA1 Q • OPTIONAL uses PGP, validate against XKMS R • NEVER uses NULL Authentication • Can be generalized to other protocols • IPSEC, SSH, NNTP, POP, IMAP…

  10. This is Just a Bug We Are going to FIX IT

More Related