Authentication

Terms and concepts you should know

Paul Krzyzanowski

March 27, 2022

Key exchange and authentication

  • Identification
  • Authentication
  • Authorization
  • Pre-shared key
  • Mutual authentication
  • Trusted third party
  • Session key
  • Security protocol notation
  • Nonce
  • Replay attack
  • Needham-Schroeder protocol
  • Denning-Sacco modification
  • Otway-Rees Protocol
  • Kerberos
    • Authentication Service
    • Ticket Granting Service
    • Ticket
  • Public key authentication

User authentication

  • Factors of authentication
  • Multi-factor authentication
  • Password Authentication Protocol (PAP)
  • Password hashes
  • Dictionary attack
  • Precomputed hashes
  • Salt
  • Password manager
  • Reusable vs. one-time passwords
  • One-time passwords
    • Forms of one-time passwords
    • Sequence-based passwords: S/Key
    • Challenge-based passwords: CHAP
    • Time-based passwords: TOTP
    • Hash-based passwords: HOTP
    • You don’t need to know RSA SecurID, SASL
    • Push notification, MFA fatigue
    • Number matching authentication
    • Man-in-the-middle (MitM) attacks
Last modified October 6, 2024.