Lecture
The main disadvantage of the above authentication methods is that they do not authenticate a specific subject, but fix the fact that the authenticator of the subject corresponds to its identifier. That is, all the listed methods are not protected from compromise of the authenticator, when in some way (by guessing, iterating, stealing) the password or authenticating device becomes accessible to the attacker. Biometric identification or authentication methods are free from this drawback, since they are based on an analysis of the unique characteristics of the person himself. In this case, the original and inherent characteristics of a person are taken into account as authentication information. The most frequently used are the following:
1. Fingerprints.
2. Drawing the iris.
As an example of the latter, one may call “keyboard style”. The way to work with a computer keyboard for different users has individual characteristics (set rate, temporal characteristics between pressing certain keys, etc.). These characteristics are measured during user authentication and compared with a previously saved reference for this user. The reliability of biometric authentication methods can be assessed according to the data in Table 3.1 [11].
Table 3.1
Reliability of biometric authentication methods
Biometric method | Error rate |
Voice recognition | 3% |
Facsimile signature dynamics | 2% |
Retinal scan | 2% |
Hand geometry | 0.1% |
Fingerprints | 0% |
The main disadvantage of such authentication methods is their high cost; for some of them, sufficient accuracy has not yet been achieved.
3.5. Conclusion
User authentication is an important element of security. The most popular authentication method is password authentication, based on the user's knowledge of a certain phrase. It uses cryptographic methods (hashing) to protect against password interception. Certificate-based authentication uses asymmetric client-server interaction schemes. The use of authenticating devices and biometric parameters is more expensive and therefore less popular authentication methods.
Comments
To leave a comment
Information security, Cryptography and cryptanalysis, Steganography and Stegoanalysis
Terms: Information security, Cryptography and cryptanalysis, Steganography and Stegoanalysis