2. Message Digest
A message digest is a fixed-length numerical representation (hash) of a piece
of data, typically created by applying a cryptographic hash function to the
data.
It serves as a unique digital fingerprint of the original data, ensuring its
integrity.
Even a small change in the input data produces a significantly different digest,
which is useful for verifying data integrity and authentication.
3. Characteristics of Good Message Digest
Fixed Size: The output is always of a fixed size, irrespective of the size of
the input data.
Deterministic: The same input always generates the same output.
Collision-Resistant: It is computationally infeasible for two different inputs
to produce the same digest.
Irreversibility: It is practically impossible to reconstruct the input data
from the digest.
Avalanche Effect: A small change in the input data causes a dramatic
change in the output.
4. How to create a Message Digest?
1. Choose a Hash Algorithm: Select an appropriate cryptographic
hash function (e.g., MD5, SHA-256).
2. Prepare Input Data: Gather the data (message, file, etc.) you want
to hash.
3. Apply the Algorithm: Use the selected hash algorithm to compute
the digest.
4. Obtain the Digest: The output is the message digest, represented
as a string of hexadecimal values.
5. Popular Message Digest Algorithms
MD5 (Message-Digest Algorithm 5):
Produces a 128-bit hash value.
Widely used in the past but is no longer considered secure due to vulnerabilities to collision
attacks.
SHA Family (Secure Hash Algorithm):
SHA-1: Produces a 160-bit hash; deprecated due to vulnerabilities.
SHA-2: Includes SHA-224, SHA-256, SHA-384, and SHA-512, offering increased security.
SHA-3: A newer standard using a different construction (Keccak).
BLAKE2:
Faster than MD5, SHA-1, and SHA-2 while providing strong security.
Supports BLAKE2b (for 64-bit platforms) and BLAKE2s (for 32-bit platforms).
RIPEMD (RACE Integrity Primitives Evaluation Message Digest):
Includes RIPEMD-160, which is more secure than MD5 but less commonly used than SHA-2.
6. Uses of Message Digests
1. Data Integrity Verification: Ensures that data has not been tampered with during
transmission or storage.
2. Digital Signatures: Hashes are used to sign messages, ensuring authenticity and integrity.
3. Password Storage: Securely store hashed versions of passwords rather than plaintext
passwords.
4. File Verification: Compare the hash of a downloaded file with the published hash to
ensure file integrity.
5. Blockchain: Hashes are fundamental in maintaining the integrity and immutability of
blockchain transactions.
6. Tokenization and API Security: Message digests are used in creating secure tokens and
API keys.
7. Real life use case of Message Digest
Checksum Generation: Verify file integrity after a download (e.g., using
SHA-256 for Linux ISO files).
Password Hashing: Protect user passwords in databases using bcrypt,
PBKDF2, or Argon2 (not direct message digests like MD5 or SHA).
Digital Certificates: Verify the authenticity of a certificate in SSL/TLS
communication.
8. MD5
MD5 is one of the most widely known cryptographic hash functions,
designed by Ronald Rivest in 1991.
It produces a 128-bit (16-byte) hash value, typically represented as a
32-character hexadecimal number.
MD5 was commonly used for integrity checks, digital signatures, and
password hashing, but it has since become insecure due to vulnerabilities
that allow for collision attacks.
9. MD5 Algorithm
MD5 processes input data in blocks of 512 bits and produces a fixed-size 128-bit
hash (16 bytes). The steps involved in creating an MD5 digest are:
1. Padding: The input message is padded so that its length is congruent to 448
modulo 512. Padding involves adding a 1 bit followed by a series of 0 bits, and
then appending the length of the original message (in bits) as a 64-bit integer.
2. Initialize Variables: MD5 uses four 32-bit registers initialized to certain
constants.
3. Processing in Blocks: The padded message is divided into blocks of 512 bits.
Each block is processed iteratively, updating the state with each block.
4. Finalization: After all blocks are processed, the final output is a 128-bit digest,
which is typically represented in hexadecimal format.
11. Drawbacks of MD5
Collision Vulnerability: MD5 is susceptible to collision attacks, where two
different inputs produce the same hash. This undermines the security of
applications that rely on MD5 for integrity verification or digital signatures.
Pre-image Attack: While not as prominent as collision attacks, MD5 also
shows vulnerabilities to pre-image attacks (finding the original message
from the hash).
Speed: The speed of MD5, while initially considered a strength, is now seen
as a liability in password hashing and other security applications. Attackers
can compute vast numbers of hash values quickly, enabling brute-force
attacks.
12. SHA-256
SHA-256 (Secure Hash Algorithm 256-bit) is a cryptographic hash function that produces
a fixed-size 256-bit (32-byte) hash value.
It is part of the SHA-2 family, designed by the National Security Agency (NSA).
SHA-256 is widely used in various security applications and protocols, including TLS and
SSL, PGP, SSH, and Bitcoin blockchain, due to its strong resistance against hash collisions
(where two different inputs produce the same hash).
16. Key features of SHA-256
Input size: Can process messages of arbitrary length.
Output size: Always produces a 256-bit hash, regardless of input size.
Deterministic: The same input always results in the same hash.
Pre-image resistance: It's computationally infeasible to reverse the hash
and obtain the original input.
Collision resistance: It's extremely unlikely for two different inputs to
produce the same hash value.
Avalanche effect: A small change in the input will result in a completely
different hash value.
17. Applications of SHA-256
Digital Signatures: Ensures message authenticity by hashing the message and signing it.
Blockchain Technology: Secures transactions and links blocks in cryptocurrency systems like Bitcoin.
Password Hashing: Protects passwords by storing their hashed versions instead of plaintext.
Data Integrity: Verifies that data has not been altered during transmission or storage.
Cryptographic Applications: Used in protocols like TLS/SSL, PGP, and SSH to secure communications.
Software Integrity: Verifies that software or firmware has not been tampered with.
File Fingerprinting and Deduplication: Identifies unique files and avoids storing duplicates.
Time-stamping: Provides verifiable proof of when data was created or modified.
SSL/TLS Certificates: Ensures the authenticity of websites by generating digital certificates.
Cloud Storage: Detects duplicate files and optimizes storage.
Smart Contracts: Verifies the integrity of data in blockchain-based contracts.
Secure Data Sharing: Confirms that shared data has not been altered.
25. SHA-256 Algorithm
1. Message Padding: The input message is padded to ensure its length is a multiple of 512 bits.
Padding involves adding a 1 bit followed by enough 0 bits, and then appending the original
message length as a 64-bit number.
2. Initialization of Hash Values: SHA-256 initializes eight 32-bit hash values (A, B, C, D, E, F, G, H)
using specific constants derived from prime numbers.
3. Processing in 512-bit Blocks: The padded message is divided into 512-bit blocks, which are
processed one by one.
4. Message Schedule Creation: Each 512-bit block is divided into 16 32-bit words. Then, 48
additional words are generated using specific mathematical operations to form a total of 64
words.
5. Compression Function: For each block, a series of logical operations (AND, OR, XOR), modular
additions, and shifts/rotations are applied to the data, using the message schedule, hash values,
and constants (K). This step mixes the data and generates temporary values.
6. Final Hash Calculation: After processing all blocks, the hash values are updated, and the final
256-bit hash value is obtained by combining the results of all the blocks.
26. Authentication Service
An authentication service is a system or process that verifies the identity
of a user, device, or system.
It ensures that the entity trying to access a resource is who they claim to
be.
Authentication is a crucial step in the security process, ensuring that only
authorized individuals or systems can access sensitive data or services.
27. Purpose of Authentication Services
• Security: Protects systems and data from unauthorized access by
verifying identity.
• User Management: Ensures that the correct individuals or systems
are accessing resources.
• Compliance: Many regulations require proper authentication
mechanisms to secure sensitive information.
28. Key Aspects of an Authentication Service
Verification of Identity:
The primary role of an authentication service is to confirm the identity
of the user or system. This is typically done through one or more of the
following methods:
• Something you know (e.g., a password or PIN)
• Something you have (e.g., a smart card, security token, or phone)
• Something you are (e.g., biometric data like fingerprints or facial
recognition)
29. Key Aspects of an Authentication Service
Authentication Methods:
1. Single-Factor Authentication (SFA): Uses one method, usually
something the user knows (e.g., a password).
2. Two-Factor Authentication (2FA): Requires two separate forms of
authentication, usually combining something the user knows (e.g.,
password) with something they have (e.g., a code sent via SMS or
generated by an app).
3. Multi-Factor Authentication (MFA): Involves two or more forms of
authentication, enhancing security.
30. Key Aspects of an Authentication Service
Session Management:
After the authentication process, the system typically issues a
session token or cookie to maintain the authenticated state
of the user for the duration of their session, avoiding the
need to re-authenticate repeatedly.
31. Key Aspects of an Authentication Service
Examples of Authentication Services:
Username and Password Authentication: A common method where the
system verifies the user's identity based on their credentials.
OAuth (Open Authorization): A protocol that allows users to grant third-
party applications access to their data without sharing their credentials.
Single Sign-On (SSO): A service that allows users to authenticate once and
gain access to multiple systems or services without needing to log in again.