E gov security_tut_session_3


Published on

Published in: Education, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

E gov security_tut_session_3

  1. 1. ‫أكاديمية الحكومة اإللكترونية الفلسطينية‬The Palestinian eGovernment Academy www.egovacademy.psSecurity Tutorial Session 3 PalGov © 2011 1
  2. 2. AboutThis tutorial is part of the PalGov project, funded by the TEMPUS IV program of theCommission of the European Communities, grant agreement 511159-TEMPUS-1-2010-1-PS-TEMPUS-JPHES. The project website: www.egovacademy.psProject Consortium: Birzeit University, Palestine University of Trento, Italy (Coordinator ) Palestine Polytechnic University, Palestine Vrije Universiteit Brussel, Belgium Palestine Technical University, Palestine Université de Savoie, France Ministry of Telecom and IT, Palestine University of Namur, Belgium Ministry of Interior, Palestine TrueTrust, UK Ministry of Local Government, PalestineCoordinator:Dr. Mustafa JarrarBirzeit University, P.O.Box 14- Birzeit, PalestineTelfax:+972 2 2982935 mjarrar@birzeit.eduPalGov © 2011 2
  3. 3. © Copyright NotesEveryone is encouraged to use this material, or part of it, but should properlycite the project (logo and website), and the author of that part.No part of this tutorial may be reproduced or modified in any form or by anymeans, without prior written permission from the project, who have the fullcopyrights on the material. Attribution-NonCommercial-ShareAlike CC-BY-NC-SAThis license lets others remix, tweak, and build upon your work non-commercially, as long as they credit you and license their new creationsunder the identical terms. PalGov © 2011 3
  4. 4. Tutorial 5: Information SecuritySession 3: AuthenticationSession 3 Outline: • Session 3 ILO’s. • Authentication (symmetric and asymmetric) • One time password) • Introduction to LDAP PalGov © 2011 4
  5. 5. Tutorial 5: Session 3: AuthenticationThis session will contribute to the followingTutorial 5 ILOs:• A: Knowledge and Understanding • a2: Define security standards and policies.• B: Intellectual Skills • b3: Design end-to-end secure and available systems. • b5: Design user authentication and authorization services.• C: General and Transferable Skills • d2: Systems configurations. • d3: Analysis and identification skills. PalGov © 2011 5
  6. 6. Tutorial 5: Information SecuritySession 3: AuthenticationSession 3 Outline: • Session 3 ILO’s. • Authentication (Symmetric and Asymmetric and 1 Time Password) • Introduction to LDAP PalGov © 2011 6
  7. 7. Authentication (Symmetric, Asymmetric and OTP)• Fundamental security block – Forms basis of access control & user accountability• Is the process of verifying an identity.• Has two steps: – Identification – Verification PalGov © 2011 7
  8. 8. Means of User Authentication• Four means of authenticating users identity – Based on something the individual • knows • possesses • is (static biometrics) • does (dynamic biometrics) – All can provide user authentication (one or multifactor) PalGov © 2011 8
  9. 9. Password Authentication• Widely used user authentication method – User provides name/login and password – System compares password with that saved for specified login• Authenticates ID of user logging and – that the user is authorized to access system – Determines the user’s privileges – Is used in discretionary access control• The password file is a hashed file. PalGov © 2011 9
  10. 10. Password Vulnerabilities• Password Attacks and Guessing – Exploiting user mistakes – Specific account attack – Offline dictionary attack – Workstation hijacking – Multiple password use – Password guessing against single user – Monitoring – Other attacks… PalGov © 2011 10
  11. 11. Countermeasures / Policies and Training• Password policies – Length, Character set, Period of use, Frequency of re-use• Login policies – Timeout period, Session period, Lockout policy (attempts, period, re-instatement)• Countermeasures against different vulnerabilities: • Prevent unauthorized access to the password file, • Intrusion detection measures to identify a compromise, • Rapid re-issuance of passwords should the password file be compromised; • Account lockout mechanism. PalGov © 2011 11
  12. 12. Use of Hashed Passwords PalGov © 2011 12
  13. 13. UNIX Implementation• Original scheme – 8 character password form 56-bit key – 12-bit salt used to modify DES encryption into a one-way hash function – 0 value repeatedly encrypted 25 times – output translated to 11 character sequence – The file is called the shadow file. PalGov © 2011 13
  14. 14. Improved Implementations• Have other, stronger, hash/salt variants• Many systems now use MD5 – with 48-bit salt – password length is unlimited – is hashed with 1000 times inner loop – produces 128-bit hash PalGov © 2011 14
  15. 15. Password Cracking• Dictionary attacks – try each word then obvious variants in large dictionary against hash in password file• Rainbow table attacks – precompute tables of hash values for all salts – a mammoth table of hash values – e.g. 1.4GB table cracks 99.9% of alphanumeric Windows passwords in 13.8 secs – not feasible if larger salt values used• The “salt” is useful for remote attackers, but useless if the attacker can get the shadow file. This is because the salt is not encrypted. PalGov © 2011 15
  16. 16. Password Choices Policies• users may pick short passwords – e.g. 3% were 3 chars or less, easily guessed – system can reject choices that are too short• users may pick guessable passwords – so crackers use lists of likely passwords – e.g. one study of 14000 encrypted passwords guessed nearly 1/4 of them – would take about 1 hour on fastest systems to compute all variants, and only need 1 break! – Recent review by SplashData in 2011 showed two most common passwords on the Internet are: • password • 123456 PalGov © 2011 16
  17. 17. Token Authentication• Object user possesses to authenticate,. – Embossed card (with engraved characters) – Magnetic stripe card ( like ATM cards) – Memory card (like phone cards) – Smartcard (advanced cards) PalGov © 2011 17
  18. 18. Memory Card• Store but do not process data• Magnetic stripe card, e.g. bank card• Electronic memory card• Used alone for physical access• Drawbacks of memory cards include: – user dissatisfaction – need special reader – loss of token issues PalGov © 2011 18
  19. 19. Smartcard• like Credit-card issued by Banks• Has own processor, memory, I/O ports – wired or wireless access by reader – may have crypto co-processor – ROM, EEPROM, RAM memory• Executes protocol to authenticate with reader/computer• Also may have USB dongles PalGov © 2011 19
  20. 20. Remote User Authentication• Very Important for e- gov applications: – Protects against a number of attacks – Authentication over network more complex • problems of eavesdropping, replay – Better to use challenge-response • user sends identity • host responds with random number • user computes f(r,h(P)) and sends the result back • host compares value from user with own computed value, if match user authenticated PalGov © 2011 20
  21. 21. Security Issues with Authentication• Problems with Client attacks• Host/Server attacks• Eavesdropping while communicating• Replay attacks• Denial-of-service attacks PalGov © 2011 21
  22. 22. Practical Application (ATM Machines)• An ATM Machine are programmed with a Terminal Identification Number (aka "TID").• The ATM connects to the ATM networks.• After the bank or processing network approves the transaction the ATM receives the authorization and dispenses the cash requested. PalGov © 2011 22
  23. 23. Distributed Systems and Password Authentication• How can I gain access to multiple computer systems if password based authentication is used?  Multiple passwords, one for each system  Use same password in each system  Single sign-on application that stores the passwords for each system and has one for itself  Single sign-on where password is stored in just one system and other systems trust this one to perform the authentication properly (e.g. Microsoft Passport, Shibboleth) PalGov © 2011 23
  24. 24. The Multiple Passwords Problem• I have over 50 passwords to remember, for my Internet accounts such as: google, gmail, birzeit, amazon, PPU, yahoo, palgov, arab bank etc.• We are working towards Single Sign On (SSO) schemes for the e-gov applications PalGov © 2011 24
  25. 25. The Mutual Authentication Problem• How can two people authenticate each other using passwords?• Its OK if talking to the correct person, since he already knows my password and I know his, but what if it is not the correct person? – Then give the impersonator my password, – too late to take any action.• You need “zero knowledge password proof” – One can compare secrets without giving them away. – Needham-Schroeder and Kerberos are examples of such a scheme. PalGov © 2011 25
  26. 26. Kerberosticket = (Username+validity+KeyAS)Enc TG Server PalGov © 2011 26
  27. 27. User-AS-TGS Processing• User sends a request to the Kerberos authentication server (enclosing its name and a random number).• AS returns to the user the random number plus a one-off session key to be used for encrypting subsequent messages with the TG server. PalGov © 2011 27
  28. 28. User-AS-TGS Processing• The random number and session key are symmetrically encrypted by the Authentication Server using the users hashed password as the secret key.• The user decrypt this message in order to obtain the session key, and the user can only do this if he/she knows their own password. PalGov © 2011 28
  29. 29. Kerberos Key Server (TGS) KeyApp Bticket2 = (Username+validity+KeyAB)Enc PalGov © 2011 29
  30. 30. User-TGS processing•The AS encrypts the session key into a ticketusing the symmetric key of the TG server, •The ticket is sent to the user (contains the name of the user, the validity time of the ticket and the session key). •The user passes the ticket to the TG server. •The TG server can decrypt the ticket, to get the session key and the user’s name, and with this can decrypt the user’s message. PalGov © 2011 30
  31. 31. User-TGS processing•The TG server then generates a new sessionkey to be used by the user and the application.• It returns this new session key to the user,encrypted using the old session key.•It also give the user a ticket for grantingaccess to the chosen application, this ticketcontaining the name of the user and the newsession key for talking to the application,encrypted with the secret key of theapplication. PalGov © 2011 31
  32. 32. TGS-User-Application processing• A sends "Key for Application B" to TGS, enciphered using Key AS plus ticket from authentication server containing key AS• TGS generates Key AB (session key for user and application B)• TGS sends "Key AB " to A, enciphered using Key AS and a ticket2 for B• A sends message to B, enciphered using Key AB, plus ticket2 PalGov © 2011 32
  33. 33. Kerberos Disadvantages• Authentication server and TGS are single points of failure.• Servers and application hosts must be time synchronised• Not originally scalable. – Users could only login to their own realms• Kerberos only provides authentication but not authorizations• Does not prevent attacks – dictionary PalGov © 2011 33
  34. 34. One-time passwords-Hardware•An increasinglycommonauthentication methodis the use of one-timepassword cards.These contain a chipcapable of makingcryptographiccalculations. •challenge response mechanism •synchronised clocks. PalGov © 2011 34
  35. 35. Challenge Response OTP•The user logs into the remote server across the internet (usuallyvia a firewall), and the server passes the user a challenge, usuallyin the form of a numeric string.•The user responds to the challenge with a one-time passwordthat is computed from the string by his card (hardware/software)according to a pre-defined encryption algorithm that is also knownto the remote server.• One such system (Securenet from digital pathways) relies on theuser having a one-time password card the size of a credit cardthat is capable of computing the passwords.•The card has a digital display, and requires a pin number/password to be entered before it can be used. Thus it is twofactor authentication, since the user must know the PIN andpossess the card. PalGov © 2011 35
  36. 36. Clock Synchronised OTPBoth the card and the server compute a new passwordevery 60 seconds, according to a pre-defined encryptionalgorithm which uses the date and time, and a sharedsecret. (e.g. SecureID from RSA Security),This eliminates the need for a challenge string.With the secureid system, the user must transfer a PINnumber plus the computed password, so that if the cardis stolen it cannot be used by anyone else. Thismechanism is two factor authentication, as it is based onsomething I possess (the card) and something I know(the PIN). Early versions of secureid used to fail as the clocks inthe card and server became out of sync. PalGov © 2011 36
  37. 37. Example: Grid Cards• A unique OTP card containing a grid of characters• Select specific characters from card for authentication• Site can return different characters from user’s card for mutual authentication• Provides two factor authentication: – something you know (PW) – something you posses (grid card) PalGov © 2011 37
  38. 38. Mobile Phone Authentication PalGov © 2011 38
  39. 39. Private Key Storage Techniques• In an encrypted file, protected by a password• In a smart card, protected by a password or PIN• What About Mobile Phones (Discussion!!) PalGov © 2011 39
  40. 40. Tutorial 5: Information SecuritySession 3: AuthenticationSession 3 Outline: • Session 3 ILO’s. • Authentication (Symmetric and Asymmetric and 1 Time Password) • Introduction to LDAP PalGov © 2011 40
  41. 41. Introduction to LDAP• Directory Model• X.500 Information Model• LDAP Protocol• Use of LDAP for Security PalGov © 2011 41
  42. 42. The X.500 Model of the Directory PalGov © 2011 42
  43. 43. Server to Client Referrals PalGov © 2011 43
  44. 44. X.500/LDAP Naming• Entry has a Distinguished Name comprised of• SEQUENCE of Relative Distinguished Name comprised of• SET of {Attribute Type, Attribute Value} PalGov © 2011 44
  45. 45. X.500/LDAP Naming LDAP RDN of Entry X.500 Distinguished DistinguishedExample DirectoryInformation Tree Name of Entry Name of Entry (DIT) {null} {null) {null) {C=GB} {C=GB} {C=GB} {C=GB, {O=Big PLC, {O=Big PLC} O=Big PLC} C=GB} {O=Sales+ {C=GB, {OU=Sales+ O=Big PLC, L=Swindon, L=Swindon} OU=Sales+ O=Big PLC, L=Swindon} C=GB} PalGov © 2011 45
  46. 46. Relative Distinguished Name (RDN)• Each LDAP entry is assigned an RDN when created.• All children of an entry must have unique RDNs• Attribute value(s) forming the RDN are called the distinguished attribute values• Entries in different parts of the DIT can have the same RDNs PalGov © 2011 46
  47. 47. LDAP Protocol• Connection oriented protocol on top of TCP/IP• Subset of X.500 Directory Access Protocol• Two versions - LDAPv2, LDAPv3 – LDAPv2 published first – RFC 1777 – LDAPv3 has added referrals and other extensions to LDAPv2 – RFC 2251 – LDAPv2 has ceased to be standardized, but still is used prevalently• Client issues a request, Server usually gives a response• Each request elicits one response except Abandon (none), Unbind (none) and Search (multiple)• Requests can be asynchronous or synchronous PalGov © 2011 47
  48. 48. Basic LDAP Protocol Operations• Most protocol messages are sent as ASCII strings – ModifyDN Request, ModifyDN Response – Bind Request, Bind Response – Unbind Request, Abandon Request – Search Request, Search Response – Compare Request, Compare Response – Modify Request, Modify Response – Add Request, Add Response – Delete Request, Delete Response PalGov © 2011 48
  49. 49. LDAPv3 Return Result• Every response contains a Result component• Result comprises 4 elements • Result Code - an integer signifying success or an error code • Matched DN - name of lowest DN matching a request that has a naming error; or null • Error Message - human readable error diagnostic • Referral (optional) PalGov © 2011 49
  50. 50. Using LDAP for Security• Three main uses: – To store user’s passwords in their entries for authentication. The login server contacts LDAP with a Compare operation asking if this entry contains this password. If true it lets the user login – To store user’s attributes that can be used for authorisation – To store Public Key Certificates and Attribute Certificates for strong security PalGov © 2011 50
  51. 51. Public key certificates and CRLs• Certificates can be held within X.500/LDAP directory entries as attributes of type – userCertificate - holds a user’s certificates – cACertificate - holds a CA’s self issued certificates – crossCertificatePair - holds CA cross certificates• CRLs can be held within X.500/LDAP directory entries as attributes of type – certificateRevocationList - for user certificates – authorityRevocationList - for CA certificates – deltaRevocationList - for delta CRLs PalGov © 2011 51
  52. 52. Bibliography• Computer Security: Principles and Practice, by William Stallings and Lawrie Brown. Published by Pearson/Prentice Hall, © 2008. ISBN: 0-13- 600424-5.• Cryptography and Network Security, by Behrouz A. Forouzan. Mcgraw-Hill, ©2008. ISBN: 978-007-126361-0.• Lecture Notes by David Chadwick 2011, True- Trust Ltd.• (ebook) Wiley - Internet Security-Cryptographic Principles, Algorithms and Protocols, 2003 (Man Young Rhee) PalGov © 2011 52
  53. 53. Summary• In this session we discussed the following: – introduced user authentication • using passwords • using tokens • using biometrics – remote user authentication issues• LDAP protocols and standards PalGov © 2011 53
  54. 54. Thanks Radwan Tahboub PalGov © 2011 54