0
Kerberos + Android                  A Tale of OpportunitySlide 1 / 39        © Copyright 2012 yaSSL
Platform Decisions                  The StatisticsSlide 2 / 39        © Copyright 2012 yaSSL
Why Go Mobile?                               80%                                 of the worlds population now has a       ...
Why Go Mobile?               21.6%                                   Of those 80%,                                     1.0...
Why Go Mobile?                                      In the US:               60%   40%                the ratio is even hi...
OK, well why Android?Slide 6 / 39        © Copyright 2012 yaSSL
Android?    Reason 1: US Market Dominance                                                                iPhone           ...
Android?    Reason 2: Consumer Popularity               •  100 million activated Android devices (now 400,000 / day)      ...
Android?    Reason 3: Developer Popularity       •  450,000 developers               building for the platform!Slide 9 / 3...
Android.    Meaning?                •  Opportunity for increased Kerberos visibility                •  Useful for Android ...
Our Plan                What we wanted to do.Slide 11 / 39        © Copyright 2012 yaSSL
Goals    We wanted to fill a missing gap.                1.  Port Kerberos libraries to Android                2.  Port so...
Goals    We wanted to spark community involvement.                3.  Build a sample Android NDK App (with a simple GUI)  ...
Action!                What we did.Slide 14 / 39    © Copyright 2012 yaSSL
1. Crypto ImplementationSlide 15 / 39           © Copyright 2012 yaSSL
Crypto    Added new CyaSSL crypto implementation                •    Kerberos crypto options:                     CyaSSL, ...
Crypto    Added new CyaSSL crypto implementation                •  CyaSSL is very portableSlide 17 / 39                   ...
2. PortingSlide 18 / 39   © Copyright 2012 yaSSL
Android Port    Kerberos Libraries + CyaSSL         Android.                •  Cross-compiled libraries for Android       ...
3. Android ApplicationSlide 20 / 39          © Copyright 2012 yaSSL
Android App    Simple sample NDK project      Home Screen        •       Single screen        •       Uses JNI        •   ...
Android App    Simple sample NDK project      kinit         •      Gets a ticket using                specified principalS...
Android App    Simple sample NDK project      klist        •       Lists our ticketsSlide 23 / 39                       © ...
Android App    Simple sample NDK project      kvno        •       Gets a service ticket for                the entered pri...
Android App    Simple sample NDK project      klist after kvno        •       Verify that we got a                ticketSl...
Android App    Simple sample NDK project      kdestroy        •       Clear our ticket cacheSlide 26 / 39                 ...
Android App      Notes         •  Uses a keytab instead of passwords         •  Storage locations have been chosen for con...
Android App      License Type         •  Application code will remain under the MIT licenseSlide 28 / 39                  ...
4. GSS-API WrapperSlide 29 / 39        © Copyright 2012 yaSSL
GSS-API    Java Wrapper        •       Provide Java bindings for developers to use        •       Uses                    ...
GSS-API    Java Wrapper      2 example clients:         •  Android client functionality         •  Stand-alone Java app fo...
GSS-API    Integrated into sample app.      Example Client         •      Est. context with example server         •      ...
GSS-API    Integrated into sample app.      Example Server         •      Est. context with client         •      Receive ...
The Future                Whats happening next?Slide 34 / 39         © Copyright 2012 yaSSL
The Future    Look to the Community.      Availability        •       Code will be linked from both MIT and yaSSL websites...
The Future    Look to the Community.      PR Activity / Visibility        •       Blog posts        •       Forum posts   ...
The Future                Other ideas or thoughts?Slide 37 / 39         © Copyright 2012 yaSSL
References      Statistics         •      http://ansonalex.com/infographics/smartphone-usage-statistics-2012-infographic/ ...
Thanks!                 www.yassl.comSlide 39 / 39   © Copyright 2012 yaSSL
Upcoming SlideShare
Loading in...5
×

Kerberos + Android: A Tale of Opportunity

2,010

Published on

Slides from Chris Conlon's presentation about yaSSL's work porting the CyaSSL embedded SSL library, the MIT Kerberos library, and the Kerberos GSS-API to the Android platform.

To learn more, visit www.yassl.com.

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
2,010
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Kerberos + Android: A Tale of Opportunity"

  1. 1. Kerberos + Android A Tale of OpportunitySlide 1 / 39 © Copyright 2012 yaSSL
  2. 2. Platform Decisions The StatisticsSlide 2 / 39 © Copyright 2012 yaSSL
  3. 3. Why Go Mobile? 80% of the worlds population now has a mobile phone. ( 5 Billion Phones )Slide 3 / 39 © Copyright 2012 yaSSL
  4. 4. Why Go Mobile? 21.6% Of those 80%, 1.08 Billion are smartphones.Slide 4 / 39 © Copyright 2012 yaSSL
  5. 5. Why Go Mobile? In the US: 60% 40% the ratio is even higher, with smartphones making up 40% of all mobile phones.Slide 5 / 39 © Copyright 2012 yaSSL
  6. 6. OK, well why Android?Slide 6 / 39 © Copyright 2012 yaSSL
  7. 7. Android? Reason 1: US Market Dominance iPhone 28% U.S. Android Smartphones == 40% (40%) Blackberry 19% Windows Mobile, 7% Windows Phone 7, 1% Other, 5%Slide 7 / 39 © Copyright 2012 yaSSL
  8. 8. Android? Reason 2: Consumer Popularity •  100 million activated Android devices (now 400,000 / day) •  200,000 apps in Android Market (4.5 billion activations to date) •  310 devices available to consumers (112 countries)Slide 8 / 39 © Copyright 2012 yaSSL
  9. 9. Android? Reason 3: Developer Popularity •  450,000 developers building for the platform!Slide 9 / 39 © Copyright 2012 yaSSL
  10. 10. Android. Meaning? •  Opportunity for increased Kerberos visibility •  Useful for Android and Kerberos developers •  Fun to see where the community takes itSlide 10 / 39 © Copyright 2012 yaSSL
  11. 11. Our Plan What we wanted to do.Slide 11 / 39 © Copyright 2012 yaSSL
  12. 12. Goals We wanted to fill a missing gap. 1.  Port Kerberos libraries to Android 2.  Port some C-based Kerberos client apps to Android kinit klist kvno kdestroySlide 12 / 39 © Copyright 2012 yaSSL
  13. 13. Goals We wanted to spark community involvement. 3.  Build a sample Android NDK App (with a simple GUI) 4.  Give changes back to communitySlide 13 / 39 © Copyright 2012 yaSSL
  14. 14. Action! What we did.Slide 14 / 39 © Copyright 2012 yaSSL
  15. 15. 1. Crypto ImplementationSlide 15 / 39 © Copyright 2012 yaSSL
  16. 16. Crypto Added new CyaSSL crypto implementation •  Kerberos crypto options: CyaSSL, OpenSSL, NSS, built-inSlide 16 / 39 © Copyright 2012 yaSSL
  17. 17. Crypto Added new CyaSSL crypto implementation •  CyaSSL is very portableSlide 17 / 39 © Copyright 2012 yaSSL
  18. 18. 2. PortingSlide 18 / 39 © Copyright 2012 yaSSL
  19. 19. Android Port Kerberos Libraries + CyaSSL Android. •  Cross-compiled libraries for Android •  Created shell script for easy reproduction by developersSlide 19 / 39 © Copyright 2012 yaSSL
  20. 20. 3. Android ApplicationSlide 20 / 39 © Copyright 2012 yaSSL
  21. 21. Android App Simple sample NDK project Home Screen •  Single screen •  Uses JNI •  Wrapper around native client appsSlide 21 / 39 © Copyright 2012 yaSSL
  22. 22. Android App Simple sample NDK project kinit •  Gets a ticket using specified principalSlide 22 / 39 © Copyright 2012 yaSSL
  23. 23. Android App Simple sample NDK project klist •  Lists our ticketsSlide 23 / 39 © Copyright 2012 yaSSL
  24. 24. Android App Simple sample NDK project kvno •  Gets a service ticket for the entered principalSlide 24 / 39 © Copyright 2012 yaSSL
  25. 25. Android App Simple sample NDK project klist after kvno •  Verify that we got a ticketSlide 25 / 39 © Copyright 2012 yaSSL
  26. 26. Android App Simple sample NDK project kdestroy •  Clear our ticket cacheSlide 26 / 39 © Copyright 2012 yaSSL
  27. 27. Android App Notes •  Uses a keytab instead of passwords •  Storage locations have been chosen for convenience Can be easily modified to what the developer needs Currently at /data/local/kerberosSlide 27 / 39 © Copyright 2012 yaSSL
  28. 28. Android App License Type •  Application code will remain under the MIT licenseSlide 28 / 39 © Copyright 2012 yaSSL
  29. 29. 4. GSS-API WrapperSlide 29 / 39 © Copyright 2012 yaSSL
  30. 30. GSS-API Java Wrapper •  Provide Java bindings for developers to use •  Uses framework •  Wrapper around native Kerberos GSS-API library (Contains functionality found in gssapi.h)Slide 30 / 39 © Copyright 2012 yaSSL
  31. 31. GSS-API Java Wrapper 2 example clients: •  Android client functionality •  Stand-alone Java app for desktop useSlide 31 / 39 © Copyright 2012 yaSSL
  32. 32. GSS-API Integrated into sample app. Example Client •  Est. context with example server •  Send wrapped message, verify returned sig. block (gss_wrap, gss_verify_mic) •  Repeat #2, but with gss_seal, gss_verify •  Misc. API tests and exit.Slide 32 / 39 © Copyright 2012 yaSSL
  33. 33. GSS-API Integrated into sample app. Example Server •  Est. context with client •  Receive and unwrap a message from the client •  Generate & send signature block for received messageSlide 33 / 39 © Copyright 2012 yaSSL
  34. 34. The Future Whats happening next?Slide 34 / 39 © Copyright 2012 yaSSL
  35. 35. The Future Look to the Community. Availability •  Code will be linked from both MIT and yaSSL websitesSlide 35 / 39 © Copyright 2012 yaSSL
  36. 36. The Future Look to the Community. PR Activity / Visibility •  Blog posts •  Forum posts •  Press releases •  GitHub •  Mailing lists •  etc...Slide 36 / 39 © Copyright 2012 yaSSL
  37. 37. The Future Other ideas or thoughts?Slide 37 / 39 © Copyright 2012 yaSSL
  38. 38. References Statistics •  http://ansonalex.com/infographics/smartphone-usage-statistics-2012-infographic/ •  http://www.go-gulf.com/blog/smartphone •  http://blog.nielsen.com/nielsenwire/online_mobile/40-percent-of-u-s-mobile-users-own-smartphones-40- percent-are-android/ •  Google I/O 2011: http://www.google.com/events/io/2011 Project Locations Kerberos: http://web.mit.edu/kerberos/ CyaSSL: http://www.yassl.com/ •  Android NDK App: https://github.com/cconlon/kerberos-android-ndk •  GSS-API Java Wrapper: https://github.com/cconlon/kerberos-java-gssapiSlide 38 / 39 © Copyright 2012 yaSSL
  39. 39. Thanks! www.yassl.comSlide 39 / 39 © Copyright 2012 yaSSL
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×