of their identity then we call this mutual entity authentication. For example,
when someone presents their card and PIN at an ATM then they are engaging
in unilateral entity authentication to the bank. The bank does not authenticate
itself to the customer. Indeed this 'weakness' of ATM authentication has been
regularly exploited by attackers who present fake ATMs to bank customers in
order to harvest their card details and PINs. If the entity authentication process
had been mutual then the customer would have been able to reject the bank. In
fact, ATMs attempt to weakly authenticate themselves simply by 'looking like'
genuine ATMs, but a determined attacker can easily make something that defeats
this by also 'looking like' a real ATM.
8.3.1 A problem with entity authentication
It is important to recognise that entity authentication is a security service
that is only provided for an 'instant in time'. It establishes the identity of a
communicating entity at a specific moment, but just seconds later that entity
could be replaced by another entity, and we would be none the wiser.
To see this, consider the following very simple attack scenario. Alice walks
up to an ATM, inserts her payment card and is asked for her PIN. Alice
enters her PIN. This is an example of entity authentication since the card/PIN
combination is precisely the information that her bank is using to 'identify'
Alice. As soon as the PIN is entered, Alice is pushed aside by an attacker who
takes over the communication session and proceeds to withdraw some cash. The
communication session has thus been 'hijacked'. Note that there was no failure of
the entity authentication mechanism in this example. The only 'failure' is that it is
assumed (fairly reasonably in this case) that the communication that takes place
just a few seconds after the entity authentication check is still with the entity who
successfully presented their identity information to the bank via the ATM.
This instantaneous aspect of entity authentication might suggest that for
important applications we are going to have to conduct almost continuous entity
authentication in order to have assurance of the identity of an entity over a
longer period of time. In the case of the ATM, we would thus have to request
Alice to enter her PIN every time she selects an option on the ATM. This will
really annoy Alice and does not even protect against the above attack, since
the attacker can still push Alice aside at the end of the transaction and steal
her money (we can at least prevent the attacker controlling the amount that is
withdrawn).
Fortunately, cryptography can provide a means of prolonging an entity
authentication check in many situations. The solution is to combine entity
authentication with the establishment of a cryptographic key. Through the entity
authentication we gain assurance that the key was established with the claimed
entity. Every time the key is correctly used in the future then it should be the case
that the entity who was authenticated is involved in that session, since nobody
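As an added illustration of this idea (example code, not from the book), the following Python models a challenge-response entity authentication in which a session key is derived in the same run; every later command must carry the next sequence number and a MAC under that key, so a hijacker who takes over the channel after Alice has authenticated, or replays one of her messages, is rejected. The shared card key, the PIN, the HMAC-based key derivation and the message formats are all constructed for the demo.

```python
import hmac, hashlib, secrets

# Constructed demo values: long-term key shared by card and bank, and Alice's PIN.
LONG_TERM_KEY, PIN = secrets.token_bytes(32), b"4921"

def mac(key, *parts):
    # HMAC-SHA256 over length-prefixed parts, so concatenation is unambiguous.
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

class Bank:
    def __init__(self, key, pin):
        self.key, self.pin, self.session_key, self.expected_seq = key, pin, None, 0
    def challenge(self):
        self.nonce = secrets.token_bytes(16)  # fresh per authentication run
        return self.nonce
    def authenticate(self, proof):
        # Entity authentication: the proof shows knowledge of card key and PIN for
        # this nonce. A session key derived from the same run binds later traffic
        # to the entity authenticated at this instant.
        if not hmac.compare_digest(proof, mac(self.key, b"auth", self.nonce, self.pin)):
            return False
        self.session_key = mac(self.key, b"session", self.nonce)
        return True
    def process(self, seq, command, tag):
        # Each command needs the next sequence number and a tag under the session
        # key; a hijacker who lacks the key can forge neither.
        if self.session_key is None or seq != self.expected_seq:
            return False
        if not hmac.compare_digest(tag, mac(self.session_key, b"cmd", seq.to_bytes(4, "big"), command)):
            return False
        self.expected_seq += 1
        return True

class Card:
    def __init__(self, key, pin):
        self.key, self.pin, self.seq = key, pin, 0
    def respond(self, nonce):
        self.session_key = mac(self.key, b"session", nonce)
        return mac(self.key, b"auth", nonce, self.pin)
    def command(self, command):
        seq, self.seq = self.seq, self.seq + 1
        return seq, command, mac(self.session_key, b"cmd", seq.to_bytes(4, "big"), command)

def demo():
    bank, card = Bank(LONG_TERM_KEY, PIN), Card(LONG_TERM_KEY, PIN)
    ok_auth = bank.authenticate(card.respond(bank.challenge()))
    seq, cmd, tag = card.command(b"balance")
    ok_alice = bank.process(seq, cmd, tag)
    ok_hijack = bank.process(1, b"withdraw 500", bytes(32))  # attacker lacks session key
    ok_replay = bank.process(seq, cmd, tag)                   # stale sequence number
    return ok_auth, ok_alice, ok_hijack, ok_replay
```

Running `demo()` shows the authenticated session continuing (True, True) while the hijacked and replayed commands are refused (False, False), which is the prolonged assurance the paragraph describes.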