I have a private Docker registry running.

Any user should be able to push and pull any image. Therefore, right now I am not using any user identification at all.

However, a user should not be able to trick the registry to overwrite the Images of other users.

If user A uploads ourRegistry/myProgram:version_1, then user B should not be able to upload something tagged ourRegistry/myProgram:version_2.

Is there a way to add user authentification to a private registry to do this?

Additionally, the registry is part of a server that already has its own database of registered users. Is there a way to synchronize the users, so that the users don't have to remember two passwords?

The official documentation on docker registry authentication is located here: https://docs.docker.com/registry/deploying/#native-basic-auth. Since it uses htpasswd to handle its authentication I'm not sure if there's any way to use your user database dynamically (obviously you can write a script to import all your users using htpasswd mentioned in this documentation)