Your SlideShare is downloading. ×
0
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Kerberos + Android: A Tale of Opportunity
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Kerberos + Android: A Tale of Opportunity

1,976

Published on

Slides from Chris Conlon's presentation about yaSSL's work porting the CyaSSL embedded SSL library, the MIT Kerberos library, and the Kerberos GSS-API to the Android platform. …

Slides from Chris Conlon's presentation about yaSSL's work porting the CyaSSL embedded SSL library, the MIT Kerberos library, and the Kerberos GSS-API to the Android platform.

To learn more, visit www.yassl.com.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,976
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Kerberos + Android A Tale of OpportunitySlide 1 / 39 © Copyright 2012 yaSSL
  • 2. Platform Decisions The StatisticsSlide 2 / 39 © Copyright 2012 yaSSL
  • 3. Why Go Mobile? 80% of the worlds population now has a mobile phone. ( 5 Billion Phones )Slide 3 / 39 © Copyright 2012 yaSSL
  • 4. Why Go Mobile? 21.6% Of those 80%, 1.08 Billion are smartphones.Slide 4 / 39 © Copyright 2012 yaSSL
  • 5. Why Go Mobile? In the US: 60% 40% the ratio is even higher, with smartphones making up 40% of all mobile phones.Slide 5 / 39 © Copyright 2012 yaSSL
  • 6. OK, well why Android?Slide 6 / 39 © Copyright 2012 yaSSL
  • 7. Android? Reason 1: US Market Dominance iPhone 28% U.S. Android Smartphones == 40% (40%) Blackberry 19% Windows Mobile, 7% Windows Phone 7, 1% Other, 5%Slide 7 / 39 © Copyright 2012 yaSSL
  • 8. Android? Reason 2: Consumer Popularity •  100 million activated Android devices (now 400,000 / day) •  200,000 apps in Android Market (4.5 billion activations to date) •  310 devices available to consumers (112 countries)Slide 8 / 39 © Copyright 2012 yaSSL
  • 9. Android? Reason 3: Developer Popularity •  450,000 developers building for the platform!Slide 9 / 39 © Copyright 2012 yaSSL
  • 10. Android. Meaning? •  Opportunity for increased Kerberos visibility •  Useful for Android and Kerberos developers •  Fun to see where the community takes itSlide 10 / 39 © Copyright 2012 yaSSL
  • 11. Our Plan What we wanted to do.Slide 11 / 39 © Copyright 2012 yaSSL
  • 12. Goals We wanted to fill a missing gap. 1.  Port Kerberos libraries to Android 2.  Port some C-based Kerberos client apps to Android kinit klist kvno kdestroySlide 12 / 39 © Copyright 2012 yaSSL
  • 13. Goals We wanted to spark community involvement. 3.  Build a sample Android NDK App (with a simple GUI) 4.  Give changes back to communitySlide 13 / 39 © Copyright 2012 yaSSL
  • 14. Action! What we did.Slide 14 / 39 © Copyright 2012 yaSSL
  • 15. 1. Crypto ImplementationSlide 15 / 39 © Copyright 2012 yaSSL
  • 16. Crypto Added new CyaSSL crypto implementation •  Kerberos crypto options: CyaSSL, OpenSSL, NSS, built-inSlide 16 / 39 © Copyright 2012 yaSSL
  • 17. Crypto Added new CyaSSL crypto implementation •  CyaSSL is very portableSlide 17 / 39 © Copyright 2012 yaSSL
  • 18. 2. PortingSlide 18 / 39 © Copyright 2012 yaSSL
  • 19. Android Port Kerberos Libraries + CyaSSL Android. •  Cross-compiled libraries for Android •  Created shell script for easy reproduction by developersSlide 19 / 39 © Copyright 2012 yaSSL
  • 20. 3. Android ApplicationSlide 20 / 39 © Copyright 2012 yaSSL
  • 21. Android App Simple sample NDK project Home Screen •  Single screen •  Uses JNI •  Wrapper around native client appsSlide 21 / 39 © Copyright 2012 yaSSL
  • 22. Android App Simple sample NDK project kinit •  Gets a ticket using specified principalSlide 22 / 39 © Copyright 2012 yaSSL
  • 23. Android App Simple sample NDK project klist •  Lists our ticketsSlide 23 / 39 © Copyright 2012 yaSSL
  • 24. Android App Simple sample NDK project kvno •  Gets a service ticket for the entered principalSlide 24 / 39 © Copyright 2012 yaSSL
  • 25. Android App Simple sample NDK project klist after kvno •  Verify that we got a ticketSlide 25 / 39 © Copyright 2012 yaSSL
  • 26. Android App Simple sample NDK project kdestroy •  Clear our ticket cacheSlide 26 / 39 © Copyright 2012 yaSSL
  • 27. Android App Notes •  Uses a keytab instead of passwords •  Storage locations have been chosen for convenience Can be easily modified to what the developer needs Currently at /data/local/kerberosSlide 27 / 39 © Copyright 2012 yaSSL
  • 28. Android App License Type •  Application code will remain under the MIT licenseSlide 28 / 39 © Copyright 2012 yaSSL
  • 29. 4. GSS-API WrapperSlide 29 / 39 © Copyright 2012 yaSSL
  • 30. GSS-API Java Wrapper •  Provide Java bindings for developers to use •  Uses framework •  Wrapper around native Kerberos GSS-API library (Contains functionality found in gssapi.h)Slide 30 / 39 © Copyright 2012 yaSSL
  • 31. GSS-API Java Wrapper 2 example clients: •  Android client functionality •  Stand-alone Java app for desktop useSlide 31 / 39 © Copyright 2012 yaSSL
  • 32. GSS-API Integrated into sample app. Example Client •  Est. context with example server •  Send wrapped message, verify returned sig. block (gss_wrap, gss_verify_mic) •  Repeat #2, but with gss_seal, gss_verify •  Misc. API tests and exit.Slide 32 / 39 © Copyright 2012 yaSSL
  • 33. GSS-API Integrated into sample app. Example Server •  Est. context with client •  Receive and unwrap a message from the client •  Generate & send signature block for received messageSlide 33 / 39 © Copyright 2012 yaSSL
  • 34. The Future Whats happening next?Slide 34 / 39 © Copyright 2012 yaSSL
  • 35. The Future Look to the Community. Availability •  Code will be linked from both MIT and yaSSL websitesSlide 35 / 39 © Copyright 2012 yaSSL
  • 36. The Future Look to the Community. PR Activity / Visibility •  Blog posts •  Forum posts •  Press releases •  GitHub •  Mailing lists •  etc...Slide 36 / 39 © Copyright 2012 yaSSL
  • 37. The Future Other ideas or thoughts?Slide 37 / 39 © Copyright 2012 yaSSL
  • 38. References Statistics •  http://ansonalex.com/infographics/smartphone-usage-statistics-2012-infographic/ •  http://www.go-gulf.com/blog/smartphone •  http://blog.nielsen.com/nielsenwire/online_mobile/40-percent-of-u-s-mobile-users-own-smartphones-40- percent-are-android/ •  Google I/O 2011: http://www.google.com/events/io/2011 Project Locations Kerberos: http://web.mit.edu/kerberos/ CyaSSL: http://www.yassl.com/ •  Android NDK App: https://github.com/cconlon/kerberos-android-ndk •  GSS-API Java Wrapper: https://github.com/cconlon/kerberos-java-gssapiSlide 38 / 39 © Copyright 2012 yaSSL
  • 39. Thanks! www.yassl.comSlide 39 / 39 © Copyright 2012 yaSSL

×