Electronic credentials

  1. Electronic Credentials. Advisor: Dr. Alex Wiesmaier
  2. Introduction
     - Security is important for privacy protection
     - Electronic credentials are needed for authentication and secure identification (e.g. ID cards, passports…)
     - Two main types of electronic credentials:
       - software based electronic credentials and
       - hardware based electronic credentials
     - Software based credentials: certificates, assertions
     - Hardware based credentials: HSMs, smart cards

     16/3/2011 | TUD | Department 20 | CDC | Electronic Credentials | S. Pöschel, A. Neziri & J. Budurushi
  3. Content
     - Software based credentials
       - Passwords, X.509, CVCs, SAML, OpenID
     - Hardware based credentials
       - HSMs, Smart Cards, Smart Tokens
     - Comparison
       - Software credentials (OpenID vs. SAML)
       - Hardware credentials (Magnetic Stripe Cards vs. Chip Cards)
       - SW vs. HW
     - Conclusion and future work
  4. Passwords
     - username and password
     - increase security:
       - length, case sensitivity, character set → counters brute-force attacks
       - no dictionary words → counters dictionary attacks
       - use a salt → counters brute-force attacks and avoids direct comparison of stored hashes
     - Salt: value appended to a password before hashing
       - saved as plain text
     - One Time Password (OTP)
       - password generator/list
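An added example (not from the slides) of the salt mechanism described above: a random per-user salt stored in plain text next to the hash, verified by recomputing the salted hash. It uses PBKDF2-HMAC-SHA256 as the salted hash rather than a bare concatenation; the record layout and iteration count are assumptions of this example.

```python
import hashlib
import hmac
import os
from typing import Optional

SALT_LEN = 16
ITERATIONS = 100_000  # PBKDF2 work factor, an assumption of this example


def hash_password(password: str, salt: Optional[bytes] = None) -> dict:
    """Return a storable record: the plain-text salt and the salted hash."""
    if salt is None:
        salt = os.urandom(SALT_LEN)  # fresh random salt per stored password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return {"salt": salt, "hash": digest}


def verify_password(password: str, record: dict) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], ITERATIONS
    )
    # constant-time comparison avoids leaking how many bytes matched
    return hmac.compare_digest(candidate, record["hash"])


def stored_hashes_collide(password: str) -> bool:
    """Two users choosing the same password: do their stored hashes match?
    With per-user salts they do not, which is the 'avoiding comparison'
    point on the slide; an attacker cannot spot shared passwords from the
    hash table or reuse one precomputed table against every user."""
    first = hash_password(password)
    second = hash_password(password)
    return first["hash"] == second["hash"]
```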
  5. X.509 certificates
     - hierarchical Public Key Infrastructure (PKI)
       - Certification Authority (CA): issues certificates
       - Root CA: the CA that is trusted in the first place
     - verification: iterate over the certification path
       - certificate valid = signature verified & issuing CA's certificate valid
     - Certificate Revocation List (CRL)
       - checked during verification
  6. X.509 certificates - Fields
     - further fields
       - version (most current: 3)
       - subject's public key
       - signature
       - extensions (since v3)
  7. X.509 certificates - Extensions
     - value represented as string
     - criticality flag – what if an extension is not supported?
       - critical → abort verification
       - non-critical → ignore
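An added toy model (not from the slides) of the path validation described on the three X.509 slides: walk the certification path, accept a certificate only if its signature verifies and its issuing CA's certificate is itself valid, consult the CRL, and apply the criticality rule to extensions. Certificates, keys and "signatures" are constructed for this example: a signature is an HMAC over the certificate body keyed with the issuer's key, standing in for a real public-key signature, and the set of supported extensions is assumed.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

SUPPORTED_EXTENSIONS = {"basicConstraints", "keyUsage"}  # assumed verifier support


@dataclass
class Cert:
    subject: str
    issuer: str
    public_key: bytes                                # toy key, see lead-in
    extensions: list = field(default_factory=list)   # (name, critical, value)
    signature: bytes = b""

    def body(self) -> bytes:
        """The bytes the issuer signs."""
        return f"{self.subject}|{self.issuer}|{self.public_key.hex()}|{self.extensions}".encode()


def sign(key: bytes, body: bytes) -> bytes:
    return hmac.new(key, body, hashlib.sha256).digest()


def issue(subject, subject_key, issuer_cert=None, extensions=()):
    """Issue a cert signed with issuer_cert's key, or self-signed (a root) when None."""
    issuer = issuer_cert.subject if issuer_cert else subject
    cert = Cert(subject, issuer, subject_key, list(extensions))
    cert.signature = sign(issuer_cert.public_key if issuer_cert else subject_key, cert.body())
    return cert


def extensions_ok(cert: Cert) -> bool:
    """Criticality flag: an unsupported critical extension aborts verification,
    an unsupported non-critical one is ignored."""
    return not any(name not in SUPPORTED_EXTENSIONS and critical
                   for name, critical, _value in cert.extensions)


def validate_path(path, trusted_roots, crl) -> bool:
    """path[0] is the end-entity cert, path[-1] is issued by one of trusted_roots.
    The path is walked from the root end so a cert is only accepted after its
    issuer's cert has itself been found valid. crl is a set of revoked subjects."""
    valid = {root.subject: root for root in trusted_roots}
    for cert in reversed(path):
        if cert.subject in crl:                       # CRL is checked during verification
            return False
        if not extensions_ok(cert):
            return False
        issuer = valid.get(cert.issuer)               # issuing CA's certificate must be valid
        if issuer is None:
            return False
        if not hmac.compare_digest(sign(issuer.public_key, cert.body()), cert.signature):
            return False                              # signature does not verify
        valid[cert.subject] = cert                    # may now vouch for the next cert
    return True
```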
  8. ISO/IEC 7816-8 certificates / Card verifiable certificates (CVC)
     - command set for security applications on Smart Cards
       - computation/verification of checksums/signatures, hashing, encryption/decryption, verification of CVCs
     - verification completely done by the Smart Card itself
     - consume less space than X.509 certificates
       - even less space: non-self-descriptive CVCs
  9. Single-sign-on (SSO)
     - more details → later by another seminar group
     - one login instead of many
       - only one password to remember
     - exchange of authentication information
       - cookies?
       - a proprietary solution?
       - solution: vendor-independent standards
  10. Security Assertion Markup Language (SAML)
     - more general assertion exchange
     - typical use case
       - service of an Identity Provider (IdP) is used
       - IdP communicates authentication data to the Relying Party (RP)
     - Basic components
       - Assertions (next slide)
       - Protocols
         - for requests/answers
       - Bindings
         - embed SAML messages
       - Profiles
         - perform specific tasks with SAML
  11. Security Assertion Markup Language (SAML) - Assertions
     - predefined statement types
       - Authentication
       - Attribute
       - Authorization decision
     - signatures & encryption possible
     - extensions
       - possible at many points
  12. OpenID
     - especially for SSO applications in web browsers
     - at RP: user enters OpenID identifier (URL), e.g. http://bob_smith.myopenid.com
     - redirection → OpenID provider (= IdP)
     - authentication (if necessary)
     - confirmation of RP's request
     - redirection → back to RP (with authentication info)
  13. OpenID
     - signatures & encryption possible
     - extensions
       - key-value pairs
     - predefined extensions by OpenID
       - Attribute Exchange
       - Provider Authentication Policy Extension
       - Simple Registration Extension
  14. Hardware based credentials
     - Cryptography can also be implemented in hardware (HW)
     - HW modules are developed exclusively for the execution of cryptographic procedures or...
     - in some cases for secure storage of data that is needed for authentication
     - Types
       - Hardware Security Modules, Smart Cards, Smart Tokens and SecurID Card
  15. Hardware based credentials - HSM
     - Hardware Security Module (HSM)
       - defined as a piece of hardware and associated software/firmware that usually attaches to the inside of a PC or server and provides at least the minimum of cryptographic functions (encryption, decryption, key generation, hash…)
     - Other names for HSM
       - Personal Computer Security Module (PCSM)
       - Secure Application Module (SAM)
       - Hardware Cryptographic Device or Cryptographic Module
  16. Hardware based credentials - HSM
     - Requirements
       - Random key generator
       - Cryptographic functions: encryption, decryption and hash algorithms
       - Protection against side channel attacks
       - Tamper-resistant
       - Possibility for "cloning"
  17. Hardware based credentials – Smart Cards
     - People almost certainly carry a plastic card around in their wallet
     - for travelling with a railway card, making calls with a telephone card or paying with a credit card
     - Smart Cards may have the same size, but sometimes have completely different functions
       - ePerso
       - TUD Card / Athene Card
  18. Hardware based credentials – Smart Cards
     - Magnetic Stripe Cards
       - dark stripe (approx. 1 cm)
       - based on the ISO 7811 standard
       - 226 bytes fit on a stripe
       - not secure but cheap
  19. Hardware based credentials – Smart Cards
     - Chip Cards
       - more powerful than Magnetic Stripe Cards
       - there are also contactless Chip Cards
       - telephone cards, bank cards…
       - two kinds of Chip Card: Memory Card and Smart Card
         - Memory Card: used only for data storage
         - Smart Card: a miniature computer (ROM, RAM and EEPROM)
  20. Hardware based credentials – Authentication with Smart Cards
     - Authentication based on a challenge-response protocol
     - Requirements: Smart Card reader, dedicated accessing SW; PC and Smart Card share the secret PIN
     - After the Smart Card is inserted into the reader, the PC asks for the PIN and sends a random number RND (challenge)
     - The Smart Card applies a key-dependent hash function to RND and sends the result to the PC (response)
     - The PC verifies the response; if it is OK => the user is logged in
  21. Hardware based credentials – Smart Tokens
     - Problem: Smart Cards have the drawback that they are useless without a reading device
     - Smart Token is a possible solution
       - a small object with an inbuilt computer chip and display
       - some of them look like a small pocket calculator
       - many smart tokens have a keyboard
       - authentication through a challenge-response protocol
  22. Hardware based credentials – SecurID Card
     - Produced by RSA Security
     - Most important feature: using the current time as the challenge
     - The chip contains a pseudo-random generator whose output changes every minute, starting from the initial settings
     - Initial settings are obviously different for every SecurID Card
     - How the chip works internally is an RSA Security secret
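An added example (not from the slides) covering both the smart-card flow of slide 20 and the time-as-challenge idea of slide 22: the same key-dependent hash answers a random RND from the PC after a PIN check, and answers the current minute counter on a reader-less token. HMAC-SHA256 as the keyed hash, the card secret, the PIN retry limit, the code truncation and the clock tolerance are all constructed assumptions here; RSA's internal algorithm is not public and is not what this shows.

```python
import hashlib
import hmac
import os

CARD_SECRET = b"per-card secret provisioned at issuance (constructed)"
STEP_SECONDS = 60   # the slide's "changes every minute"


def response(secret: bytes, challenge: bytes) -> bytes:
    """Key-dependent hash of the challenge, computed inside the card or token."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()


class SmartCard:
    """Card that answers challenges only after the shared PIN has been presented."""
    def __init__(self, secret: bytes, pin: str, max_tries: int = 3):
        self._secret, self._pin, self.tries_left = secret, pin, max_tries
        self.unlocked = False

    def verify_pin(self, pin: str) -> bool:
        if self.tries_left == 0:
            return False                      # blocked after too many wrong PINs
        if hmac.compare_digest(pin.encode(), self._pin.encode()):
            self.unlocked = True
            return True
        self.tries_left -= 1
        return False

    def respond(self, rnd: bytes) -> bytes:
        if not self.unlocked:
            raise PermissionError("PIN not verified")
        return response(self._secret, rnd)


def pc_challenge() -> bytes:
    """PC side: a fresh random RND per login, so a captured response is useless later."""
    return os.urandom(16)


def pc_verify(secret: bytes, rnd: bytes, resp: bytes) -> bool:
    return hmac.compare_digest(response(secret, rnd), resp)


def token_code(secret: bytes, now: float, digits: int = 6) -> str:
    """Token side: the challenge is the current minute, so no reader is needed."""
    counter = int(now // STEP_SECONDS).to_bytes(8, "big")
    digest = response(secret, counter)
    offset = digest[-1] & 0x0F                # HOTP-style truncation to a displayable code
    num = int.from_bytes(digest[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(num % 10 ** digits).zfill(digits)


def server_verify_code(secret: bytes, code: str, now: float, drift_steps: int = 1) -> bool:
    """Accept the code for the current minute plus/minus drift_steps minutes of clock skew."""
    return any(hmac.compare_digest(token_code(secret, now + d * STEP_SECONDS), code)
               for d in range(-drift_steps, drift_steps + 1))
```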
  23. Hardware based credentials - News
  24. Comparison: Software based credentials
     - OpenID vs. SAML
     - Focus on:
       - security point of view on the authentication protocol
     - Vulnerabilities and different attacks
     - Range of applications
  25. Comparison: Vulnerabilities of OpenID
     - The assertion response message is the only message that is integrity protected
     - Other OpenID messages are by default not protected by any encryption
     - The authentication method is not specified in the OpenID specification
     - Different attacks are possible...
  26. Comparison: Attacks against OpenID
     - Eavesdropping attack
       - the OpenID default protocol does not use any encryption
       - tracking the user's authentication
       - every message that is not integrity protected can be manipulated
     - Domain Name System (DNS) attack
     - Phishing attack
  27. Comparison: Attacks against OpenID
     - Domain Name System (DNS) attack
       - OpenID uses the DNS protocol for discovery and user redirection [8]
       - by manipulating the information in the DNS the OpenID provider could be impersonated
     - Phishing attack
       - the Relying Party (RP) can be exploited
       - the RP can redirect the user to a false OpenID provider
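Slides 25 and 26 make the point that the assertion response is the only integrity-protected OpenID message and that everything unsigned can be manipulated. The added example below (not from the slides) shows the relying-party check that turns that protection into something useful: the OpenID 2.0 signature over the fields named in `openid.signed`, serialised in key-value form (`key:value\n` per field, without the `openid.` prefix) and MACed with the association key, plus the `return_to` and nonce checks a verifier needs so a valid signature is not enough on its own. The MAC key, URLs and nonce are constructed for this example.

```python
import base64
import hashlib
import hmac

MAC_KEY = b"association-mac-key-constructed-for-this-example"
# fields the spec requires to be signed (plus claimed_id/identity when present)
MUST_SIGN = {"op_endpoint", "return_to", "response_nonce", "assoc_handle"}


def key_value_form(fields: dict, signed: list) -> bytes:
    """Serialise the signed fields; raises KeyError if a listed field is missing."""
    return "".join(f"{name}:{fields['openid.' + name]}\n" for name in signed).encode()


def sign_assertion(fields: dict, mac_key: bytes = MAC_KEY) -> dict:
    """Provider side: add openid.sig over the fields listed in openid.signed."""
    signed = fields["openid.signed"].split(",")
    mac = hmac.new(mac_key, key_value_form(fields, signed), hashlib.sha256).digest()
    return {**fields, "openid.sig": base64.b64encode(mac).decode()}


def verify_assertion(fields: dict, expected_return_to: str, seen_nonces: set,
                     mac_key: bytes = MAC_KEY) -> bool:
    """RP side: accept only a correctly signed, untampered, unreplayed assertion
    that was issued for this RP's own return_to URL."""
    signed = fields.get("openid.signed", "").split(",")
    required = MUST_SIGN | {n for n in ("claimed_id", "identity") if "openid." + n in fields}
    if not required.issubset(signed):
        return False                  # otherwise unsigned fields could be swapped freely
    if fields.get("openid.return_to") != expected_return_to:
        return False                  # assertion meant for a different site
    try:
        sig = base64.b64decode(fields["openid.sig"], validate=True)
        expected = hmac.new(mac_key, key_value_form(fields, signed), hashlib.sha256).digest()
    except (KeyError, ValueError):
        return False                  # no signature, bad encoding or missing signed field
    if not hmac.compare_digest(sig, expected):
        return False                  # tampered or forged
    nonce = fields["openid.response_nonce"]
    if nonce in seen_nonces:
        return False                  # replay of an assertion already consumed
    seen_nonces.add(nonce)
    return True
```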
  28. Comparison: Vulnerabilities of SAML
     - SAML does not include a general security analysis
     - SAML provides an attack-by-attack list of countermeasures
     - Different attacks are possible...
  29. Comparison: Attacks against SAML
     - Man-In-The-Middle attack
       - exploits the weakness that whoever controls the DNS can impersonate one party to another
       - there is no unilateral authentication
       - the browser therefore cannot distinguish between the attacker and the source
     - Replay attack
     - HTTP Referrer attack
  30. Comparison: Attacks against SAML
     - Man-In-The-Middle attack
       1. Rewrite the HTTP response that initiates the redirect and change the target URL
       2. As there is no unilateral authentication in steps 3 and 6, a browser cannot distinguish between an attacker A_D and the destination site D
  31. Comparison: Attacks against SAML
     - Replay attack
     - HTTP Referrer attack
  32. Comparison: Range of applications
     - OpenID is especially designed for SSO
     - SAML in contrast is a more general solution for exchanging assertions, including SSO
     - If a simple SSO solution is desired, OpenID is a good suggestion; if flexibility is an important requirement, SAML should be chosen
  33. Comparison: Hardware based credentials
     - Magnetic Stripe Cards vs. Chip Cards
     - Focus:
       - security point of view
     - Vulnerabilities
     - Range of applications
  34. Comparison: Magnetic card's vulnerabilities
     - Skimming
       - information of a valid card is copied to another card
     - Counterfeiting
       - the magnetic stripe is invalid but the plastic card/carrier is copied very carefully
  35. Comparison: Chip card's vulnerabilities
     - Reverse engineering of the chip
       - take the chip apart and find out how it was put together and how it functions
       - requires special equipment and knowledge
     - Differential Power Analysis
     - Flaws in design
  36. Comparison: Range of applications
     - Magnetic cards:
       - entitlement cards
       - tickets and access control systems
     - Chip Cards:
       - financial transactions
       - security system access
       - storage of records, e.g. medical records
  37. Comparison: HW vs. SW
     - HW:
       - Pros: faster, portability, secure storage, more security
       - Cons: expensive, usually used for a single purpose
     - SW:
       - Pros: cheaper, reusability, no special HW needed
       - Cons: source code is known, so backdoors and unintentional flaws are easier to spot; more vulnerable; no secure storage
  38. Conclusion and future work
     - Two different types of electronic credentials
       - software based credentials and
       - hardware based credentials
     - Comparison: hardware vs. software credentials
     - Future work: OpenID
       - spreading will increase → security?
       - how can I log in if my OpenID provider is under attack (SPOF)?
       - Solution: OpenID approach based on P2P
         - data stored encrypted
         - authentication done anonymously by a randomly chosen node
  39. Questions???
  41. References
     - Trusted System lecture (WS10/11)
     - C. Eckert. IT-Sicherheit: Konzepte – Verfahren – Protokolle. Oldenbourg, 2009.
     - J. Buchmann. Einführung in die Kryptographie. Springer, 2010.
     - Public Key Infrastructures lecture (SS10)