Security Tokens
description
Transcript of Security Tokens
![Page 1: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/1.jpg)
Secure communications and tokens
Tonimir Kišasondi, dipl.inf, EUCIP
DORS/CLUC 2010
![Page 2: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/2.jpg)
$ finger tkisason
• Junior researcher/ teaching assistant @ Fakultet organizacije i informatike in Varaždinu www.foi.hr
• Security, Crypto, Linux…
• Mail: [email protected]• GPG: 0x00C68442
![Page 3: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/3.jpg)
Summary
• Authentication as a basis for good communications security
• Tokens and other methods for secure communications
![Page 4: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/4.jpg)
Authentication goals:
• We authenticate ourselves every day…
• We want to determine validity of an entity to whom we offer a service 1:n
• Identification goes a step further 1:1
• Relationship with secure communications?
![Page 5: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/5.jpg)
Authentication goals:
• We authenticate ourselves with the help of some factors:
Something you know: Password, Passphrase
Something you have: KeyFob, SmartCard, USB Token
Something you are: Biometrics (behaviour or physiological)
![Page 6: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/6.jpg)
Authentication problem:
• Not all, but some methods are static…• Passwords
They stay the same for a long time… Longer attack window
Password reuse New analysis methods (GPGPU, Cuda, FPGA) Disk space is getting cheaper We can replay a known password Passwords don’t really identify no one.
![Page 7: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/7.jpg)
Pyrit (http://code.google.com/p/pyrit/)
![Page 8: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/8.jpg)
Authentication problem:
Regarding the security of passwords:
Size matters: Use long passphrases- Unknown author
![Page 9: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/9.jpg)
Passwords:
• If passwords are bad, why are we using them?! Simplicity?
How many passwords do you need to remember?
Reliability
Provisioning in big organizations
Scaling
They are cheap compared to any other method!
![Page 10: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/10.jpg)
Passwords:
And why should I dislike passwords?Remember Aurora?
Password sniffing?
Read Apache teams post mortem…
Backdoored sshd?
![Page 11: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/11.jpg)
Passwords:
The main vulnerability of each of those systems is that they repeatedly use the same credential
The other main vulnerability is that the implementation mostly gets bypassed… Same story as with crypto..
Lets see some other methods:
![Page 12: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/12.jpg)
Biometrics:
• Excellent method for authentication and identification
• Unfortunately it can only be done with specialized hardware Portability and commonness of such HW?
• Most popular: fingerprint, handprint, keystroke dynamics
• Biometrics cannot be revoked. You can revoke a password!
• For a motivational example:
![Page 13: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/13.jpg)
Machete: Biometric password sniffer
![Page 14: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/14.jpg)
Biometrics:
• Biometrics would be used far more if we could send the characteristic over long ranges and authenticate ourselves remotely!
• Example: radius-fingerprint Radius auth that unlocked passwords based
on fingerprints: #fail
• Academic works: Reconstructing an characteristic based on a template
![Page 15: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/15.jpg)
Smart Cards:
• Memory card only
• Secure (encrypted) memory with PIN access Remember MIFARE crypto-1? Remember FedEx Kinko’s smartcard? PIN-s are really a deterrent if you have the right
equipment
• Cryptographic smart cards
![Page 16: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/16.jpg)
Smart Cards:
• Linux framework/stack for smart cards Libccid / OpenCS / pcscd OpenSC esc (Centos/RedHat)
Reader driver Card driver Application PKCS#11 / PKCS#15 support
![Page 17: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/17.jpg)
Smart Cards:
• OpenSSH, OpenVPN, GnuPG support OpenSSH 5.4p1 has support for PKCS#11 Prior versions need OpenSSH-pkcs11 patches
Not in mainline!• A PAM module is available (pam_p11)
Authentication with autorized ssh key Authentication with authorized x509
• Why do we really have 3 representations for keys? (Openssh, gnupg, x509)
![Page 18: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/18.jpg)
Smart Cards:
• GnuPG support? Gnupg-pkcs11 patches. GnuPG is compatible OpenPGP cards
• OpenVPN Good support
• strongSWAN Some limitations
• openSWAN - ???
![Page 19: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/19.jpg)
Tokens:
• Time based, Hash based
• Two main viable approaches in Linux (Old and tested) S/key (deprecated) OPIE
Packaged and simple! OTPW (prefix-suffix scheme)
Like TAN lists I don’t want to carry a list with
my suffixes!
![Page 20: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/20.jpg)
OPIE
• One time passwords give a good security mostly because of their flexibility.
• You cannot reuse a onetime password
• Here i will concentrate on OPIE and OATH-HOTP, making them work with PAM/SSH
• Why are they better? Soft tokens as apps on your cellphone
![Page 21: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/21.jpg)
OPIE
• OPIE (One time passwords in everything)• Opie-server and client
libpam_opie
• Useful for local su when you have multiple admins Apache team requires them on some hosts (read their
post mortem!)
• How does it work? Create a password seed• Make a hash-chain• h499(h498(h497(…h2(h1(S))…)))• Represent output as 6 words…• Start asking for otps from 499 to 0
![Page 22: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/22.jpg)
OPIE
• You need to seed the OPIE for each user with opiepasswd You can create a random seed which can be secret
from the end user.
• If you want to use OpenSSH with opie, you need to enable ChallengeResponseAuthentication in your sshd config
• You need to add it to PAM.d (more on that later…)
![Page 23: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/23.jpg)
OPIE
![Page 24: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/24.jpg)
OPIE
• Challenge can be pre-set
• Don’t tempt yourself to install multiple hosts with the same challenge, you don’t have OTP then
• Before you reach seq 0, you will need to rekey the otp.
![Page 25: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/25.jpg)
OPIE
OTP’s can be generated with opiekey or another token generator (java,android,iphone app)
tony@enigma:~$ opiekey 498 en1234Using the MD5 algorithm to compute response.Reminder: Don't use opiekey from telnet or
dial-in sessions.Enter secret pass phrase: NUDE JAN ATE BOGY FIEF NAPtony@enigma:~$
![Page 26: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/26.jpg)
OPIE
You can precompute OTP’s and carry them with you or hand them out (single use method?)
tony@enigma:~$ opiekey -n 5 498 en1234…Enter secret pass phrase: 494: MOD SOIL DUMB OLDY ROOF RISE495: LIMA HIT BUSS DIVE OUR SPY496: CORK CORK MAN HOLM TURF MET497: MUSH SAGE SO WEIR EVEN AMRA498: NUDE JAN ATE BOGY FIEF NAP
![Page 27: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/27.jpg)
OPIE
• Android: OpieKey• Java: J2Me-otp, jfreesafe• Iphone: 1key• Linux - opiekey• Paper...
• Google : Search for OPIE, OTP-MD5, S/Key MD5…
• If you need strong security – generate the OTP-s on a SEPARATE device than the one that you use for comms and use twofactor auth.
![Page 28: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/28.jpg)
Configuring PAM to work with OTP-s
• tony@enigma:~$ ls /etc/pam.d/ atd chpasswd common-account common-
password common-session-noninteractive cups gdm-autologin login other polkit-1 samba su chfn chsh common-auth common-session cron gdm gnome-screensaver newusers passwd ppp sshd sudo
Su, sshd, sudo are safe to use with OPIE
Test any service which you want to OTP first in a VM.Try not to lock yourself out of your box
![Page 29: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/29.jpg)
PAM configuration
• Sufficient and required statements in PAM• Depends if you want single or multiple mode
auth.
• Debug your OTP’s with the debug statement• Use sufficient at first until you know it’s working
• Most of the time you can never be to careful and add: auth required pam_deny.so at the end…
![Page 30: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/30.jpg)
OATH – Initiative for open authentication
• Relatively new standard• www.openauthentication.org • Two methods: HOTP, TOTP
![Page 31: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/31.jpg)
OATH-HOTP
• Currently no support for TOTP under linux Wrong: RCDevs-OpenOTP
RSA-SecurID is the proprietary exception
• HOTP support is provided in: HOTP toolkit (libpam_hotp)
(http://freshmeat.net/projects/hotp-toolkit) Barada (libpam_barada) (http://barada.sourceforge.net/
)
• Apache module mod-auth-otp
• RADIUS rlm_otp support.
![Page 32: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/32.jpg)
OATH-HOTP
• My experience was buggy with hotp-toolkit,
• Go with barada, it’s packages are available for Debian Squeeze (not in lenny yet.)
• As always: YMMW
• mod_authn_otp
![Page 33: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/33.jpg)
Yubikey
• Yubikey usb token Yubi OTP, HOTP, Static password mode OSS
• Pam modules, apache, radius
• Great community, bindings for everything.
• As far as I am concerned, the most promising token
• Now would be the good time to show some demos
![Page 34: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/34.jpg)
Conclusion
• Passwords scale, you can’t beat that. Implement a strong password policy!
• Biometrics are great for local authentication Use them on fixed workstations Fingerprint scanners are relatively cheap
Check our fprint lib.
• SmartCards are good Watch out for reader/card/app compatability!
• HOTP-s are really great, but the support is terrible
• Yubikey – bright future (i hope…)
![Page 35: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/35.jpg)
Conclusion
• The easiest way to ensure OTP is with OATH-HOTP or with yubikey
• Use multifactor authentication (OTP+Password)• Watch out for implementation errors
• OTPs won’t protect you against security bugs Did i mention? Patch your code!
• Principle of least privilege, service separation• Yes, you probably should implement ISMS!
![Page 37: Security Tokens](https://reader033.fdocuments.net/reader033/viewer/2022061207/5484ae3eb4af9f924c8b4800/html5/thumbnails/37.jpg)
End rant…
• Thank you!