Security Tokens

1. Secure communications and tokens
   Tonimir Kišasondi, dipl.inf., EUCIP
   DORS/CLUC 2010

2. $ finger tkisason
   - Junior researcher / teaching assistant @ Fakultet organizacije i informatike in Varaždin
     - www.foi.hr
   - Security, crypto, Linux...
   - Mail: [email_address]
   - GPG: 0x00C68442

3. Summary
   - Authentication as a basis for good communications security
   - Tokens and other methods for secure communications

4. Authentication goals
   - We authenticate ourselves every day...
   - We want to determine the validity of an entity to which we offer a service (is it one of our n valid entities?)
     - 1:n
   - Identification goes a step further (which entity exactly?)
     - 1:1
   - Relationship with secure communications?

5. Authentication goals
   - We authenticate ourselves with the help of some factors:
     - Something you know:
       - Password, passphrase
     - Something you have:
       - Key fob, smart card, USB token
     - Something you are:
       - Biometrics (behavioural or physiological)
6. Authentication problem
   - Not all, but some methods are static...
   - Passwords
     - They stay the same for a long time...
       - Longer attack window
     - Password reuse across systems
     - New cracking hardware (GPGPU, CUDA, FPGA)
     - Disk space is getting cheaper (precomputed tables)
     - A known password can simply be replayed
     - Passwords don't really identify anyone: they prove knowledge of a secret, not who is typing it

7. Pyrit (http://code.google.com/p/pyrit/), GPU-accelerated WPA/WPA2-PSK cracking: what cheap parallel hardware does to a static secret

8. Authentication problem
   - Regarding the security of passwords:
     - Size matters: use long passphrases
       - Unknown author

9. Passwords
   - If passwords are bad, why are we using them?!
     - Simplicity?
       - How many passwords do you need to remember?
     - Reliability
     - Provisioning in big organizations
     - Scaling
     - They are cheap compared to any other method!

10. Passwords
   - And why should I dislike passwords?
     - Remember Aurora?
     - Password sniffing?
     - Read the Apache team's post-mortem...
     - Backdoored sshd?

11. Passwords
   - The main vulnerability of each of those systems is that they repeatedly use the same credential
   - The other main vulnerability is that the implementation mostly gets bypassed...
     - Same story as with crypto...
   - Let's see some other methods:
12. Biometrics
   - Excellent method for authentication and identification
   - Unfortunately it can only be done with specialized hardware
     - Portability and commonness of such hardware?
   - Most popular: fingerprint, handprint, keystroke dynamics
   - Biometrics cannot be revoked. You can revoke a password!
   - For a motivational example:

13. Machete: biometric password sniffer

14. Biometrics
   - Biometrics would be used far more if we could send the characteristic over long distances and authenticate ourselves remotely!
   - Example: radius-fingerprint
     - RADIUS auth that unlocked stored passwords based on fingerprints: #fail (what actually travels and gets verified is still the static password)
   - Academic works: reconstructing a characteristic from a stored template
15. Smart cards
   - Memory-only cards
   - Secure (encrypted) memory with PIN access
     - Remember MIFARE Crypto-1?
     - Remember the FedEx Kinko's smart card?
     - PINs are not much of a deterrent if the attacker has the right equipment
   - Cryptographic smart cards (the private key is used on the card and never leaves it)

16. Smart cards
   - Linux framework/stack for smart cards
     - libccid / OpenCT / pcscd
     - OpenSC
     - esc (CentOS/RedHat)
     - Reader driver
     - Card driver
     - Application PKCS#11 / PKCS#15 support

17. Smart cards
   - OpenSSH, OpenVPN, GnuPG support
     - OpenSSH 5.4p1 has support for PKCS#11
     - Prior versions need the OpenSSH-pkcs11 patches
       - Not in mainline!
   - A PAM module is available (pam_p11)
     - Authentication with an authorized SSH key
     - Authentication with an authorized X.509 certificate
   - Why do we really have three representations for keys? (OpenSSH, GnuPG, X.509)

18. Smart cards
   - GnuPG support?
     - gnupg-pkcs11 patches
     - GnuPG natively supports OpenPGP cards
   - OpenVPN
     - Good support
   - strongSwan
     - Some limitations
   - Openswan: ???
19. Tokens
   - Time based, hash based
   - Two main viable approaches in Linux (old and tested)
     - S/Key (deprecated)
     - OPIE
       - Packaged and simple!
     - OTPW (prefix-suffix scheme)
       - Like TAN lists
       - I don't want to carry a list with my suffixes!

20. OPIE
   - One-time passwords give good security mostly because of their flexibility
   - You cannot reuse a one-time password
   - Here I will concentrate on OPIE and OATH-HOTP, making them work with PAM/SSH
   - Why are they better?
     - Soft tokens as apps on your cellphone

21. OPIE
   - OPIE (One-time Passwords In Everything)
   - opie-server and opie-client
     - libpam-opie
   - Useful for local su when you have multiple admins
     - The Apache team requires them on some hosts (read their post-mortem!)
   - How does it work? Create a password seed
   - Make a hash chain: apply h (MD5, folded to 64 bits) repeatedly to the seed+passphrase S:
     OTP(n) = h^n(S) = h(h(...h(S)...)), n applications, up to n = 499
   - Represent the output as 6 words...
   - Start asking for OTPs from 499 down to 0: the server stores h^n(S); when the user answers with h^(n-1)(S), it hashes the answer once and compares with the stored value, then stores the answer for the next login. Knowing h^n(S) does not give h^(n-1)(S), which is what makes a sniffed OTP useless.

22. OPIE
   - You need to seed OPIE for each user with opiepasswd
     - You can let opiepasswd create a random seed (the seed is shown in every challenge; only the passphrase is secret)
   - If you want to use OpenSSH with OPIE, you need to enable ChallengeResponseAuthentication (and UsePAM) in your sshd config
   - You need to add it to pam.d (more on that later...)
23. OPIE

24. OPIE
   - The challenge (seed and sequence number) can be pre-set
   - Don't tempt yourself to install multiple hosts with the same challenge (same seed and passphrase): an OTP captured on one host is valid on all the others, so it is no longer one-time
   - Before you reach sequence 0, you will need to rekey the OTP (run opiepasswd again)
25. OPIE
   OTPs can be generated with opiekey or another token generator (Java, Android, iPhone app):

       tony@enigma:~$ opiekey 498 en1234
       Using the MD5 algorithm to compute response.
       Reminder: Don't use opiekey from telnet or dial-in sessions.
       Enter secret pass phrase:
       NUDE JAN ATE BOGY FIEF NAP
       tony@enigma:~$

26. OPIE
   You can precompute OTPs and carry them with you or hand them out (single-use method?):

       tony@enigma:~$ opiekey -n 5 498 en1234
       ...
       Enter secret pass phrase:
       494: MOD SOIL DUMB OLDY ROOF RISE
       495: LIMA HIT BUSS DIVE OUR SPY
       496: CORK CORK MAN HOLM TURF MET
       497: MUSH SAGE SO WEIR EVEN AMRA
       498: NUDE JAN ATE BOGY FIEF NAP
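To make the chain on slides 21 to 26 concrete, here is an added example (not code from the talk and not OPIE's own source) that computes OTP-MD5 values in the 64-bit hex form, which is what opiekey computes before turning it into six words, and checks them the way the server does. It is checked against the RFC 2289 test vector for pass phrase "This is a test.", seed "TeSt". The six-word encoding (NUDE JAN ATE ...) needs the 2048-word dictionary from RFC 2289 Appendix D and is left out; the passphrase in the demo is constructed, not the one behind the words on the slides.

```python
"""OPIE / RFC 2289 OTP-MD5: generator side and server-side check.

Added example, not code from the talk or from the OPIE project. The
six-word form opiekey prints is omitted (it needs the RFC 2289 Appendix D
word list); values are handled as the 64-bit hex form instead.
"""
import hashlib


def fold_md5(data: bytes) -> bytes:
    """MD5 the input and fold the 128-bit digest to 64 bits (RFC 2289)."""
    d = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(d[:8], d[8:]))


def otp_md5(passphrase: str, seed: str, count: int) -> bytes:
    """OTP number `count`: fold_md5 applied `count` times to fold_md5(seed+passphrase).

    The seed is lowercased before use, as RFC 2289 requires, so the test
    vector seed "TeSt" hashes the same as "test".
    """
    x = fold_md5(seed.lower().encode("ascii") + passphrase.encode("ascii"))
    for _ in range(count):
        x = fold_md5(x)
    return x


class OpieServer:
    """Per-user state as the server keeps it: seed, sequence, last OTP.

    Seeding with sequence N stores OTP(N). The user is then challenged for
    N-1, N-2, ... and a response r is accepted iff fold_md5(r) equals the
    stored value; r then becomes the stored value. The passphrase itself is
    never stored, so a leaked key file only allows an offline guess at it.
    """

    def __init__(self, passphrase: str, seed: str, sequence: int = 499):
        self.seed = seed
        self.sequence = sequence
        self.last = otp_md5(passphrase, seed, sequence)

    def challenge(self) -> str:
        """Same shape as the real prompt, e.g. 'otp-md5 498 en1234'."""
        return f"otp-md5 {self.sequence - 1} {self.seed}"

    def verify(self, response: bytes) -> bool:
        if self.sequence <= 0:
            # Chain is used up: opiepasswd must be run again (slide 24)
            return False
        if fold_md5(response) != self.last:
            return False
        self.last = response
        self.sequence -= 1
        return True


def demo_opie() -> dict:
    """Walk the chain like three logins: good, replayed, next in sequence."""
    passphrase = "correct horse battery staple"   # constructed, not the talk's
    seed = "en1234"                               # seed shown on the slides
    srv = OpieServer(passphrase, seed)
    results = {"challenge": srv.challenge()}
    results["ok_498"] = srv.verify(otp_md5(passphrase, seed, 498))
    results["replay_498"] = srv.verify(otp_md5(passphrase, seed, 498))
    results["ok_497"] = srv.verify(otp_md5(passphrase, seed, 497))
    results["next_challenge"] = srv.challenge()
    return results


if __name__ == "__main__":
    vec = otp_md5("This is a test.", "TeSt", 0).hex()
    print("RFC 2289 vector (expect 9e876134d90499dd):", vec)
    print(demo_opie())
```

Note what the server side keeps: seed, sequence and the last accepted value, never the passphrase. That is why a sniffed response is worthless (the next one is a preimage of it) and also why the passphrase still has to be strong: anyone who reads the server's key file can test candidate passphrases offline against the stored value.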
27. OPIE
   - Android: OpieKey
   - Java: J2ME-otp, jfreesafe
   - iPhone: 1key
   - Linux: opiekey
   - Paper...
   - Google: search for OPIE, OTP-MD5, S/Key MD5...
   - If you need strong security, generate the OTPs on a SEPARATE device from the one you use for comms, and use two-factor auth

28. Configuring PAM to work with OTPs

       tony@enigma:~$ ls /etc/pam.d/
       atd  chpasswd  common-account  common-password  common-session-noninteractive  cups  gdm-autologin  login  other  polkit-1  samba  su
       chfn  chsh  common-auth  common-session  cron  gdm  gnome-screensaver  newusers  passwd  ppp  sshd  sudo

   - su, sshd, sudo are safe to use with OPIE
   - Test any service you want to put behind OTP in a VM first
   - Try not to lock yourself out of your box (keep a root shell open while you edit pam.d)

29. PAM configuration
   - "sufficient" and "required" control statements in PAM
   - Which one you use depends on whether you want single- or multi-factor auth: sufficient means a correct OTP alone logs you in, required means the OTP and the other modules in the stack must all pass
   - Debug your OTPs with the debug option
   - Use sufficient at first, until you know it's working
   - You can never be too careful: add "auth required pam_deny.so" at the end
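As an added example of the stacking described on slides 28 and 29 (not a configuration from the talk), here is what the sshd side looks like on a Debian-style system with libpam-opie, first in the "sufficient" form used while testing and then in the "required" two-factor form. It assumes the Debian pam.d layout, where common-auth supplies pam_unix, and the module name pam_opie.so that libpam-opie installs.

```text
# --- /etc/ssh/sshd_config (relevant lines) ---
# PAM drives the conversation; without ChallengeResponseAuthentication the
# OTP prompt never reaches the client. PasswordAuthentication no stops sshd
# from trying its single-prompt password method, which cannot carry an OTP
# and a password at the same time.
UsePAM yes
ChallengeResponseAuthentication yes
PasswordAuthentication no

# --- /etc/pam.d/sshd, step 1: OTP as a sufficient (single-factor) check ---
# A correct OTP logs you in on its own; a wrong or missing one falls through
# to the normal Unix password, so a broken OPIE setup cannot lock you out.
auth    sufficient  pam_opie.so
@include common-auth
auth    required    pam_deny.so

# --- /etc/pam.d/sshd, step 2: OTP required on top of the password ---
# Both pam_opie and pam_unix (from common-auth) must succeed: two factors.
auth    required    pam_opie.so
@include common-auth
auth    required    pam_deny.so
```

Before switching from step 1 to step 2, run opiepasswd for every account that needs SSH and check what pam_opie does for a user who has no entry yet (that depends on the module's options): with "required", a failing pam_opie is a lockout for that user. The trailing pam_deny is redundant on Debian, where common-auth already ends in a deny, but it costs nothing and protects you if the include is ever edited away.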
30. OATH, the Initiative for Open Authentication
   - Relatively new standard
   - www.openauthentication.org
   - Two methods: HOTP (counter based, RFC 4226) and TOTP (time based)

31. OATH-HOTP
   - Currently (2010) almost no support for TOTP under Linux
     - Wrong: RCDevs OpenOTP has it
     - RSA SecurID is the proprietary exception
   - HOTP support is provided in:
     - HOTP Toolkit (libpam_hotp) (http://freshmeat.net/projects/hotp-toolkit)
     - Barada (libpam_barada) (http://barada.sourceforge.net/)
   - Apache module mod_authn_otp
   - RADIUS: rlm_otp support

32. OATH-HOTP
   - My experience with hotp-toolkit was buggy
   - Go with Barada; its packages are available for Debian Squeeze (not in Lenny yet)
   - As always: YMMV
   - mod_authn_otp
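The HOTP that Barada, the HOTP Toolkit and mod_authn_otp implement is small enough to show in full. The following is an added example (not from the talk or from any of those projects): RFC 4226 HOTP with a server-side validator that uses a look-ahead window, so a token whose button was pressed a few times without logging in still works, while a replayed or older code is rejected. The secret is the RFC 4226 test-vector key; the window size and the resync policy are choices of this example, not something the RFC mandates.

```python
"""OATH HOTP (RFC 4226) with a server-side look-ahead window.

Added example, not code from the talk, from Barada, the HOTP Toolkit or
mod_authn_otp. HMAC-SHA-1 plus dynamic truncation is the standard; the
window/resync policy below is one common choice.
"""
import hashlib
import hmac


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP(K, C) = Truncate(HMAC-SHA-1(K, C)) mod 10^digits, zero-padded."""
    msg = counter.to_bytes(8, "big")            # C is an 8-byte big-endian counter
    mac = hmac.new(secret, msg, hashlib.sha1).digest()
    offset = mac[19] & 0x0F                      # dynamic truncation: low nibble of last byte
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class HotpValidator:
    """Server state for one token: the shared secret and the next expected counter."""

    def __init__(self, secret: bytes, window: int = 10):
        self.secret = secret
        self.counter = 0          # next counter value the server will accept
        self.window = window      # how far ahead the token may have drifted

    def verify(self, code: str) -> bool:
        """Accept a code for any counter in [counter, counter + window).

        On success the counter jumps past the matched value, so the same
        code, and every earlier one, can never be accepted again.
        hmac.compare_digest keeps the comparison constant-time.
        """
        for c in range(self.counter, self.counter + self.window):
            if hmac.compare_digest(hotp(self.secret, c), code):
                self.counter = c + 1
                return True
        return False


def demo_hotp() -> dict:
    """Exercise the validator with the RFC 4226 test-vector key."""
    secret = b"12345678901234567890"
    v = HotpValidator(secret, window=5)
    return {
        "first": v.verify(hotp(secret, 0)),       # exact match at counter 0
        "skip_ahead": v.verify(hotp(secret, 3)),  # token pressed twice unseen: resync
        "replay": v.verify(hotp(secret, 3)),      # same code again: rejected
        "behind": v.verify(hotp(secret, 2)),      # older code: rejected
        "too_far": v.verify(hotp(secret, 20)),    # outside the window: rejected
        "next": v.counter,                        # server now expects counter 4
    }


if __name__ == "__main__":
    print("HOTP(K, 0) for the RFC 4226 key (expect 755224):",
          hotp(b"12345678901234567890", 0))
    print(demo_hotp())
```

Two things the PAM modules on the previous slide have to get right are visible here: the counter must be persisted after every success (a crash between check and write lets the last code be replayed), and the window must stay small, since each extra position is one more six-digit code an attacker may guess per attempt. Rate limiting or a lockout after a few failures belongs next to this, and a token that has drifted past the window needs an explicit resync step with the administrator rather than an ever-wider window.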
33. YubiKey
   - YubiKey USB token
     - Yubico OTP, HOTP and static password modes
     - OSS
   - PAM modules, Apache, RADIUS
   - Great community, bindings for everything
   - As far as I am concerned, the most promising token
   - Now would be a good time to show some demos
34. Conclusion
   - Passwords scale, you can't beat that
     - Implement a strong password policy!
   - Biometrics are great for local authentication
     - Use them on fixed workstations
     - Fingerprint scanners are relatively cheap
       - Check out the fprint library
   - Smart cards are good
     - Watch out for reader/card/application compatibility!
   - HOTP is really great, but the support is terrible
   - YubiKey: bright future (I hope...)

35. Conclusion
   - The easiest way to get OTP is with OATH-HOTP or with a YubiKey
   - Use multi-factor authentication (OTP + password)
   - Watch out for implementation errors
   - OTPs won't protect you against security bugs
     - Did I mention? Patch your code!
   - Principle of least privilege, service separation
   - Yes, you probably should implement an ISMS!

36. End rant...
   - Questions, comments, ideas, criticisms
   - [email_address]

37. End rant...
   - Thank you!
