Coding & Information Theory Lab.

Transcription

1 통합인증시스템설계및구현 연세대학교전기 전자공학과정연식, 송홍엽 Coding & Information Theory Lab.

2 Introduction Previous Works Contents Design and Implementation of Public-Key Infrastructure Design and Implementation of Single Sign-On Conclusion Coding & Information Theory Lab. 2/28

3 Multi- Environment Introduction Problems of multiple passwords Problems of implementation of challenge-response protocol Single Sign-On Single Sign-On Integration of authentication schemes inside domain of service A user logs in once using a single password, gets authenticated access to all servers in the Intranet Without sending any passwords over the network and Coding & Information Theory Lab. 3/28

4 Kerberos System Previous Works: Kerberos Based on secret-key cryptosystem Based on Needham-Schroeder s third-party protocol Kerberos Database Once per user log-in User Request TGT TGT + Session-key Request SGT SGT + Session-key Authentication Ticket-granting Client Request service Once per type of service Once per service session Application Coding & Information Theory Lab. 4/28

5 Previous Works: Netscape s s SSO Netscape s SuiteSpot Based on digital signature Based on Secure Socket Layer(SSL) Step 1. User enters private-key password. Directory Client Step 2. Client retrieves private-key and generates the digital signature. Step 3. Client sends the certificate and the digital signature over the SSL connection. SSL Connection SuiteSpot Step 4. authenticates user' s identity. Step 5. checks whether certificate is in LDAP entry for user. Step 6. authorizes access for user. Coding & Information Theory Lab. 5/28

6 The Proposed Single Sign-On The Proposed Single Sign-On Based on Public-Key Infrastructure Use of challenge-response protocol User Application 1 Client Challenge-response protocol Authentication LDAP CA Application 2 Coding & Information Theory Lab. 6/28

7 Introduction Previous Works Contents Design and Implementation of Public-Key Infrastructure Design and Implementation of Single Sign-On Conclusion Coding & Information Theory Lab. 7/28

8 Public-Key Infrastructure Concept Enables the use of public-key encryption and digital signature in a consistent manner Certificate management infrastructure Issues and provides access to public-key certificates Network of certificate authorities Components Certificate Authority(CA) server Directory server Client modules Coding & Information Theory Lab. 8/28

9 Generation of Certificate User Sign and Verify data using PKCS #7. Application Request certificates and CRLs. Process PKCS #10 to send certification request. Publish certificates and CRLs. Client Generate a public/ private-key pair and use PKCS #5 to encrypt the private-key Another Intranet CA Crosscertification LDAP CA Coding & Information Theory Lab. 9/28

10 CA Functions Generates certificates Registers the certificates into the directory server Issues certificates Using PIN Revokes certificates Simply deletes a user entry and its attribute from the directory Does not need the use of certificate revocation list(crl) Implementation Apache web server CGI programming Coding & Information Theory Lab. 10/28

11 Certificate X.509 Certificate Format Version ver.1 Signature algorihtm identifier MD5 with RSA encryption Issuer name Root CA(Yonsei CA) Period of validity: Not before Present date Period of validity: Not after Present date + 1 year Subject s public-key info RSA algorithm Signature algorithm identifier Period of validity Subject's public-key info Signature Version Certificate serial number Algorithm Parameters Issuer name Not before Not after Subject name Algorithms Parameters Key Issuer unique identifier Subject unique identifier Extensions Algorithms Parameters Encrypted Version 1 Version 2 All versions Version 3 Coding & Information Theory Lab. 11/28

12 Directory Functions Stores the certificates and CRLs Makes all stored certificates available on request Lightweight Directory Access Protocol (LDAP) Simplified DAP(X.500) Runs directly over TCP or other reliable transport layer Implementation OpenLDAP release distribution Stand-alone LDAP daemon: SLAPD server Binary to ASCII conversion Base-64 encoding/decoding algorithm Coding & Information Theory Lab. 12/28

13 Client Module Functions Generates public/private-key pairs RSA key pair Size of modulus: 1024bit Encrypts the private-key and saves into the local machine Password-based encryption Generates certification requests PKCS #10 Communicates with the CA server to send certification request Implementation Visual Basic Script language Microsoft ActiveX control programming Socket programming Coding & Information Theory Lab. 13/28

14 CA Coding & Information Theory Lab. 14/28

15 Introduction Previous Works Contents Design and Implementation of Public-Key Infrastructure Design and Implementation of Single Sign-On Conclusion Coding & Information Theory Lab. 15/28

16 The Proposed Single Sign-On Components Authentication server Application servers Client modules User Client Application Step. 1 Step. 6 Step. 2 Step. 5 LDAP Step. 4 Step. 3 Challenge-response protocol Authentication Application Coding & Information Theory Lab. 16/28

17 Requirements Capture Message Sequence Chart Guide for designing the system Visualization of the system runs Messages service_req req service_resp resp auth_req auth_resp password_req req password_resp resp cert_req req cert_resp resp signature_req req signature_resp resp Subjects Client (User) Application Application Authentication Authentication Client (User) Authentication LDAP Authentication Client (User) URI, user flag servername, user , randstr user ,, ticket - flag - certificate randnum signeddata Parameters Coding & Information Theory Lab. 17/28

18 Scenario 1 Client (User) Application Authentication LDAP service_req URI, user auth_req servername, user , randstr password_req password_resp (S) cert_req signature_req randnum cert_resp certificate signature_resp signeddata auth_resp service_resp (S) user , ticket First login: General case Coding & Information Theory Lab. 18/28

19 Scenario 2 Client (User) Application Authentication LDAP service_req auth_req password_req password_resp (F) password_req In case a user enters invalid password Coding & Information Theory Lab. 19/28

20 Scenario 3 Client (User) Application Authentication LDAP service_req cert_resp service_resp (S) auth_resp T Auth service_req auth_req service_resp (S) auth_resp In case a user accesses the same application server from the same client within timer expiration Coding & Information Theory Lab. 20/28

21 Scenario 4 Client (User) Application Authentication 1 Application 2 LDAP service_req cert_resp service_resp (S) auth_resp T Auth service_req service_resp (S) auth_req auth_resp In case a user accesses another application server from the same client within timer expiration Coding & Information Theory Lab. 21/28

22 Scenario 5 Client 1 (User) Application Authentication LDAP service_req Client 2 (User) service_resp (S) auth_resp cert_resp T Auth service_req auth_req password_req password_resp (F) password_req In case an opponent accesses the application server from the another client within timer expiration Coding & Information Theory Lab. 22/28

23 randstr & ticket Scenario 6 Application server can be accessed through two URIs To prevent an opponent from directly accessing an application server without authentication protocol Can prevent server-spoofing attack ticket: randstr encrypted by authentication server Client (User) Application Authentication LDAP service_req service_resp (F) In case an opponent directly accesses an application server without authentication process Coding & Information Theory Lab. 23/28

24 Scenario 7 Client (User) Application Authentication LDAP service_req auth_req T App service_req service_req auth_req password_req password_resp (S) cert_req cert_resp signature_req service_resp (S) signature_resp auth_resp In case a user sends multiple service_req req messages Coding & Information Theory Lab. 24/28

25 Authentication Functions Challenge-response protocol Generates the ticket DES-CBC with all 0 s IV To transmit as CGI parameter Base-64 encoding algorithm Additional encoding: + -, = : Control of the timer(t Auth ) Implemented by checking the log-in time in the database 1 hour Implementation Apache web server CGI programming Database management system MySQL database Coding & Information Theory Lab. 25/28

26 Application Functions Verifies the ticket DES-CBC with all 0 s IV Base-64 decoding algorithm Control of the timer(t App ) Maximum Segment Lifetime(MSL) 30 seconds Implementation Apache web server CGI programming Redirection Location header of HTTP Coding & Information Theory Lab. 26/28

27 Client Module Functions Decrypts the private-key Password-based decryption Challenge-response protocol RSA signature algorithm with MD5 hash function Size of modulus: 1024bit Implementation Visual Basic Script language Microsoft ActiveX control programming Socket programming Coding & Information Theory Lab. 27/28

28 Conclusion Advantages Has the mechanism that a user directly connects the application server he wants to access Independent of lower layer protocol implementations Easy to implement and use in the Intranet Future Research Development of SSO for other application protocols Current: HTTP Future: Telnet, customized application protocols Extension to multiple-ca environment Use of smart card Coding & Information Theory Lab. 28/28