1 / 36

Internet Security 1 ( IntSi1 )

Internet Security 1 ( IntSi1 ). 10 Identity and Access Management (IAM). Prof. Dr. Peter Heinzmann Prof. Dr. Andreas Steffen Dr. Nathalie Weiler* Institute for Internet Technologies and Applications (ITA). * 2002-2004 Zürcher Hochschule Winterthur, currently with Credit Suisse.

cwen
Download Presentation

Internet Security 1 ( IntSi1 )

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Internet Security 1 (IntSi1) 10 Identity and AccessManagement (IAM) Prof. Dr. Peter HeinzmannProf. Dr. Andreas SteffenDr. Nathalie Weiler*Institute for Internet Technologies and Applications (ITA) * 2002-2004 Zürcher Hochschule Winterthur, currently with Credit Suisse

  2. Controlled Access is needed to ... • One Computer (Sign-On, Logon) • Many Computers (Single Sign-On, SSO) • Applications (Telnet, Secure Shell, ftp, library catalog) • Mailbox (POP3, IMAP) • Web-Editing (FrontPage) • Web-Pages (.htaccess) • .... • Rooms, areas, ...

  3. 0. Identification I am: "Username" asteffen ******** 3. Accounting • Authentication Prove, that I am "Username" Authentication, Authorization, Accounting (AAA) Username: Password: User 2. Authorization (Access)

  4. Internet Security 1 (IntSi1) 10.1 Basic Authentication Schemes

  5. Username: asteffen Password: aznHu4Um Fingerprint Iris/Retina Scanning Voice Face Authentication is based on ... • What you know(password, PIN, shared secret) • ask for something only the authorized user knows • What you have (Certificate, Token, Scratch List) • test for the presence of something only the authorized user has 01 Z4GH 06 IKDX02 67TS 07 9PL703 UR2A 08 NFLB04 TIQV 09 K91D05 3Z5P 10 HA85 • What you are(biological pattern, e.g. fingerprint) • non-forgeable biological or behavioral characteristics of the user

  6. PW-Hash Username Password-File Local Windows/Unix Logon Process WinXP: \WINDOWS\system32\config\SAM SAM = Security Account Manager (permanent file lock) Unix: /etc/passwd (User IDs) /etc/shadow (Password Hashes) Username Password Username: asteffen Password: ******** Domain: local H(PW) One-Way Function PW-Hash

  7. NT and LANmanager Password Schemes

  8. Offline Attacks on LM & NTLM Hashes

  9. ID Password ID Password Salt Host User DES Hash Function andi:zM0qKKIURkwh.:12739:0:99999:7:0:: Hash /etc/shadowPassword File ID Password Hash Salt DES Hash Function Unix Password Schemes • Salt helpsagainstprecomputedtables.UNIX uses 12 bitsofsalt, resulting in 4096 hashedpasswordvariants. • Optional MD5 hashallowspasswordsandpassphrases > 8 characters.  Password Salt tpw:$1$Or6ur$eUbm5V2.meW3v7xkBtA77.:

  10. Typical Attacks on Passwords • Social engineering • Password guessing • Check for „well known“ passwords • Password cracking (systematic password trying) • Dictionary attack based on word lists (several languages, LOTR, etc.) • Words with permutations and some special characters (rules) • Exhaustive search (brute force) • Precomputed Tables (Rainbow) • Tools: Cain & Abel, John the Ripper • Password sniffing • Sniffing and setting triggers (e.g. on „login“ or „password“) • Keystroke monitoring • TTY watcher, keystroke recorder (HW/SW) • Trojan horse „faked login screen“ • Phishing (Redirection to malicious host)

  11. Internet Security 1 (IntSi1) 10.2 Challenge / ResponseProtocols

  12. User Insecure Channel Server random value(Nonce) IDU RU RS RS Challenge Keyed Hash Function Key IDU RU MAC IDU RU RS Response Keyed Hash Function Key MAC MAC Secure Authentication based onChallenge/Response Protocols • No secrets are openly transmitted • The random valuesRS and RU must notbe repeated ! 

  13. User Insecure Channel Server random value(Nonce) IDU RU RS RS Challenge Hash IDU RU RS Encryption withPrivate Key Hash Hash Response IDU RU Sig Decryption withPublic Key Sig Challenge/Response Protocol based onDigital Signatures 

  14. Internet Security 1 (IntSi1) 10.3 Windows NT LAN Manager NTLM

  15. User A Server 1 Printer User B Server 3 Server 2 Windows Domain Authentication • A Domain is a collection of Services (Email, File-Shares, Printers, ...) administered by a Domain Controller (DC). • Centralized Administration: • Each user has only one account per Domain managed by the Domain Controller. • Thus there is no need for individual Server accounts. • Flexibility: • Assignment of Users to Groups • Multiple Domains possible (Master-Domains, Trust Relationships) • All users and servers must trust the Domain Controller. Domain Domain Controller (DC)

  16. Domain: Wonderland Username: Alice Password: 2Uh7& Alice, f68ba0537, 51ff1d83 Alice OK f68ba0537 51ff1d83 NTLM – Protocol • Windows NTLAN Manager is a proprietary Microsoft scheme. • Typical example of a Challenge-Response protocol. User Alice: KeyA Server User Alice Domain Controller (DC) H(2Uh7&) = KeyAE(f68ba0537, KeyA) = 51ff1d83 Challenge: f68ba0537 E(f68ba0537, KeyA) = 51ff1d83Comparison with 51ff1d83 – ok? H: Hash functionE(x, k): Encryption of x with key k

  17. NTLM Security Analysis • User key is known to the user and DC only • The user key is derived from the user's login password. • Only the entitled user can correctly encrypt the challenge. • Non-recurring challenge values (nonces) prevent replay-attacks. • Pros: • Password is never transmitted in the clear. • Simple and secure protocol if strong user passwords are used. • Cons: • The authentication process must be repeated for every use ofa server  DC can become a bottleneck. • Weak or short NTLM passwords can be cracked offline with a dictionary or brute force attack.

  18. Internet Security 1 (IntSi1) 10.4 KerberosKey Distribution System

  19. Historical Background • Developed in 1983 as part of MIT's Athena project. • Motivation: • Many MIT students „sniffed“ the network and thus got hold ofroot passwords which they used to reboot the servers. • Requirements: • Authentication in UNIX-based TCP/IP networks • Use of symmetrical cryptography (DES) • Characteristics: • Relies on the mediation services of a trusted referee or notary. • Based on the work by Needham and Schroeder on trusted third-party protocols as well as Denning and Sacco's modifications of these. • Kerberos Releases • Current release is Kerberos v5 (RFC 1510, September 1993). • V5 supports additional encryption ciphers besides DES.

  20. Bob Jack Alice Mary Tom Paul Dick Jip Harry Peter Mediated Authentication by means of aKey Distribution Center (KDC) Kbob Kalice KDC

  21. Kerberos Tickets • Each Kerberos participant (Alice, Bob, etc.) – called a Principal– shares a common secret with the Key Distribution Center (KDC) – the Principal’sMaster Key. • Each secured communication or secured access is "mediated"by means of a Kerberos Ticket. How is Alice going to talk to Bob?

  22. Alice, Bob, a5F113de 9abc571a,Ticket 5cc10981,Ticket Simplified Kerberos Protocol Realm: WonderlandUsername: AlicePassword: 2Uh7& User Alice: MKeyAServer Bob: MKeyB KDC User Alice H(2Uh7&) = MKeyAE(time, MKeyA) = a5F113de D(a5F113de, MKeyA) = time, valid?Session key Alice-Bob: SABE(SAB, MKeyA) = 9abc571aE({ Alice, SAB}, MKeyB) = Ticket D(9abc571a, MKeyA) = SABE({ Alice, time }, SAB) = 5cc10981 MKeyB Server Bob H: Hash functionE(x, k): Encryption of x with key kD(x, k): Decryption of x with key k D(Ticket, MKeyB) = { Alice, SAB}D(5cc10981, SAB) = { Alice, time } correct?

  23. AS_REQ [Alice, a5F113de] AS_REP [27LnZ8vU] Kerberos Protocol – Authentication ServiceSession Key and Ticket-Granting Ticket (TGT) Realm: WonderlandUsername: AlicePassword: 2Uh7& User Alice: MKeyAServer Bob: MKeyB KDC User Alice H(2Uh7&) = MKeyAE(time, MKeyA) = a5F113de D(a5F113de, MKeyA) = time, valid?Session key for Alice: SAE({ Alice, SA }, MKeyKDC) = TGTAE({ SA, TGTA }, MKeyA) = 27LnZ8vU D(27LnZ8vU, MKeyA) = { SA, TGTA } H: Hash functionE(x, k): Encryption of x with key kD(x, k): Decryption of x with key k

  24. TGS_REQ [Bob, TGTA, qR71htp9] TGS_REP [b22sYG1k] Kerberos Protocol – Ticket Granting ServiceRequesting a ticket for accessing server Bob Session Key: SATicket: TGTA Server Bob: MKeyB KDC User Alice E({ Alice, time }, SA) = qR71htp9 D(TGTA,MKeyKDC) = { Alice, SA } D(qR71htp9, SA) = { Alice, time }, valid?Session key for Alice-Bob: SABE({ Alice, SAB}, MKeyB) = TABE({ SAB, TAB }, SA) = b22sYG1k D(b22sYG1k, SA) = { SAB, TAB } H: Hash functionE(x, k): Encryption of x with key kD(x, k): Decryption of x with key k

  25. AP_REQ [TAB, w86EQa55] AP_REP [4tMJs73c] Kerberos Protocol – Client/Server AuthenticationAccessing server Bob Session Key: SABTicket: TAB MKeyB Server Bob User Alice E({ Alice, timeA }, SAB) = w86EQa55 D(TAB,MKeyB) = { Alice, SAB } D(w86EQa55, SAB) = { Alice, time }, valid?E({ Bob, timeB }, SAB) = 4tMJx73c D(4tMJx73c, SAB) = { Bob, timeB }, valid? H: Hash functionE(x, k): Encryption of x with key kD(x, k): Decryption of x with key k

  26. {db; MKeyKDC} KDC Replication SlaveKDC Host Host Host Host SlaveKDC Host Host Host Host Host Host MasterKDC SlaveKDC Host Host Host Host Host Host Host Host Host Host SlaveKDC Host Host Host Host Host SlaveKDC Host Host Realm Host Host

  27. Wonderland KDC Lions KDC 3. TGS_REQ[Alice@Wonderland, Carol@Lions] 1. TGS_REQ[Alice@Wonderland, Carol@Lions] 2. TGS_REP[credentials for Lions KDC] 4. TGS_REP[credentials for Carol@Lions] Alice Carol 5. AP_REQ[Alice, KA{KBA, “Alice”,...}] Inter-Realm Authentication RealmLions RealmWonderland

  28. TicketGrantingService KerberosAuthentication 1. authenticate user 2. access control for server 3. communication Client Server Summary

  29. Internet Security 1 (IntSi1) 10.5 Single Sign-On

  30. Single Sign-On (SSO) • 80% of helpdesk calls are password-related. Single sign-on systems could enable a company to reduce its helpdesk by 40% savings of nearly $4.4 million for company with 20'000 users.Forrester Research

  31. Workflow-Based User Provisioning

  32. Example: Novell Identity Manager

  33. Synchronized Data View using a Meta-Directory

  34. Meta Directories Standardized, consistent view • Meta directories contain information replicated from varioussource directories. • Constant synchronization with the source directories guarantees the consistency between original and copy. Meta Directory Sync Sync Sync Customized Connectors LDAP DB Flat File

  35. Modified LDAP request LDAP request Modified LDAP response LDAP response Virtual Directories • Virtual directories provide access to the existing data sources without moving the data out of the original repository. • Virtual directories act as a proxy between an LDAP server and a client. Configurable modules allow data to be manipulated during the transfer. LDAP Broker Agent Client LDAP Server Virtual Directory

  36. Identity and Access Management (IAM) • Enterprise Information Architecture • Identify key business processes and determine the applications, information assets and transactions critical to meeting its business goals. • Define which users need what resources and at what level of security. • Permission and Policy Management • Establish and enforce policies governing the access control rights of users. Single sign-on (SSO) procedures facilitate the access to all applications a user is entitled to use. • Entreprise Directory Services • Use the Lightweight Directory Access Protocol (LDAP) to access an organization's central repository of user identies and access privileges,as well as applications, information, network resources and more. • User Authentication • The use of a Public key infrastructure (PKI) is the preferred mechanism. • Workflow-Based User Provisioning • Provisioning deploys access rights for employees, customers and business partners. Automated workflow systems reduce tedious manual tasks.

More Related