Implementing an effective authentication method
Now that we understand the importance of authentication, let’s discuss how to implement it. The most trivial way to authenticate is to use a password. In our smart meter example, the device could send a password to the grid control system. The server would verify the password and then authorize further transactions. While this method is easy to understand, it is by far not the best one. An attacker could quite easily spy on the communication, record the password, and re-use it to authenticate a non-genuine piece of equipment. For this reason, we consider password-based authentication as weak.
A much better way to perform authentication in the digital world is the challenge-response method. Let’s take a look at two flavors of the challenge-response method: one based on symmetric cryptography and another one based on asymmetric cryptography.
Symmetric cryptography-based authentication relies on a shared secret. The host and the device to be authenticated hold the same secret number. The host sends a random number, the challenge, to the device. The device computes a digital signature as a function of the secret and the challenge and sends it back to the device. The host then runs the same computation and compares the result. If both computations match, then the device is authenticated – see figure 1.
In order to make sure that the result cannot be mimicked, it’s essential to use a function that has adequate mathematical properties; for example, making sure that it is impossible to retrieve the secret with the computation result is mandatory. Secure hash functions, such as SHA-256, support these requirements. For the challenge-response method, the device proves it knows a secret without disclosing it. Even if an attacker were to intercept the communication, the attacker still wouldn't access the shared secret.
Authentication based on asymmetric cryptography relies on two keys: a private and a public key. The private key is known only by the device to be authenticated, while the public key can be disclosed to any entity willing to authenticate the device. As in the previously discussed method, the host sends a challenge to the device. The device computes a signature based on the challenge and the private key and sends it back to the host – see figure 2.
But here, the host will use the public key to verify the signature. It’s also critical for the function used to compute the signature to have certain mathematic properties. The most commonly used functions for the asymmetric schemes are RSA and ECDSA. Here also, the device proves it has knowledge of a secret, the private key, without disclosing it.