L5: Distributed Password model

Materials

Use the raw slides (pdf) before lecture to take notes and refer to the annotated slides after lecture.

Distributed Passwords

  • How does U2F work? How does it stop phishing?
  • Building auth systems, details of PAM
  • Authenticating to a system with many clients and many verifiers
  • Toy examples and how they can fail
  • Reducing number of shared keys required by using a KDC
  • Needham-Schroeder 1978, and its fix
  • Other examples: Kerberos, single sign-on, OAuth2