Operating Systems Security: User Authentication
Ozalp Babaoglu
ALMA MATER STUDIORUM, UNIVERSITA DI BOLOGNA

Introduction
- When you first make contact with a computer service (login, email, web access, etc.) you need to identify yourself and then authenticate this identity to prove who you claim to be
- Authentication is the basis for performing Authorization
- Authentication of human principals is rather different from authentication of messages or machines
- Humans are not good at remembering or at computing

User Authentication
- Authenticating humans can be based on
  1. Something you know (password, PIN)
  2. Something you have (token)
  3. Something you do
  4. Something you are (biometrics)
  5. Where you are
- Options 2, 3 and 4 usually require special hardware support
- Option 1 is by far the most common

Password-based authentication
- Leaves no trace of security breaches
- Impossible to prove your innocence if someone misuses your account
- Possibility that the password is guessed
  - Poor security culture
  - Trivial passwords
  - Post-it note with the password stuck to the screen
- Possibility that the password is captured
  - An intruder can peek at someone typing their password
  - Login spoofing
  - Network sniffing
- Possibility of on-line or off-line attacks
Password-based authentication
- On-line attack: the system itself is used to verify the correctness of guesses
- Defenses:
  - Slow down the rate of guesses (insert a delay)
  - Limit the number of incorrect attempts (3 wrong PINs and the phone blocks, the Bancomat eats your card)
  - Report date/time/location of the last successful login at the next login
- Off-line attack: verify the correctness of password guesses on a system different from the one being targeted
  - Needs access to the passwords in some stored form
  - Based on pre-constructed lists of potential passwords

Password-based authentication
- How to save passwords
  - As clear text in a file protected by the operating system's access control mechanisms
  - Subject to abuse by privileged users, administrators
- Password encryption
  - Based on a one-way hash function f()
  - The password file contains fingerprints of the passwords and not the clear text
  - At login, compute the fingerprint of the password supplied by the user and compare it to the value stored in the file
  - Password file in Unix/Linux: /etc/passwd

Dictionary Attack
- Obtain a copy of the file containing the encrypted passwords
- Obtain a file containing a list of common words (dictionary)
- For each word w in the dictionary, compute its hash value f(w) and compare it to the encrypted passwords in the password file
- All matching entries correspond to users who have set their password to w
- Can be much more sophisticated by transforming w in common ways (backwards, 2-letter permutations, etc.)
- Can be mechanized through easily-available programs such as crack
Dictionary Attack
(Figure: a list of common words beside a password file; f(anna) = osdtrkl9dfb matches two entries.)

  List of common words:
  Achille Adriano Africa Afrodite Agnese Agrigento Alberto Aldo Alessandro Alessio Ambrogio America Amilcare Anastasia Ancona Andrea Anna Annibale Anselmo Antonino Antonio Aosta ...

  Password file:
  root:ikgjioe9043jb:0:0:...
  rossi:wsfl4i4gjio:500:500:...
  bianchi:sdiweo38d:501:501:...
  franchi:bwjk2lks4df:502:502:...
  neri:osdtrkl9dfb:503:503:...
  orsi:gi5ikwsdvo:504:504:...
  tamburini:lkqweoibve4s:505:505:...
  gallo:osdtrkl9dfb:506:506:...

  f(anna) = osdtrkl9dfb, so the entries for neri and gallo both correspond to the password "anna"

Dictionary Attack
- Defenses:
  - Artificially slow down the performance of the one-way hash function (Unix applies DES 25 times to an all-zero block with the password as the key)
  - Salting of passwords to prevent global attacks
  - Limit access to the password file through the OS
  - Shadow passwords: separate the encrypted passwords from all the other information contained in the password file (real name of the user, office location, telephone number, etc.)

Shadow Passwords
- The file /etc/passwd is readable by everyone because it contains information that goes beyond the password
- But this makes (or made) life easy for attackers
- The shadow password mechanism stores the passwords in a separate file, /etc/shadow, readable only by root
- Example of /etc/passwd with shadow passwords:

  mezzina:x:501:501:leonardo Mezzina:/home/mezzina:/bin/bash
  trotter:x:502:503:guido Trotter:/home/trotter:/bin/bash
  hughes:x:503:504:dino Hughes:/home/hughes:/bin/bash
  acerbett:x:504:505:stefano Acerbetti:/home/acerbett:/bin/bash

Password-based authentication: advice for system administrators
- Always set passwords explicitly and never leave default values
- Educate users about the importance of not using weak passwords
- Periodically run cracking programs to verify the security of the current passwords
- Require remote users to use one-shot passwords or other secure techniques (disable telnet, ftp)
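The two dictionary-attack defenses above (a slow one-way function and a per-user salt) as an added example that is not part of the slides; it uses PBKDF2-HMAC-SHA256 from the Python standard library in place of the 25-round DES of classic Unix crypt(), and the user names and passwords are taken from the figure.

```python
# Added example: salted, deliberately slow password fingerprints, as a stand-in
# for /etc/shadow. PBKDF2 replaces the DES-based Unix function described above.
import hashlib
import hmac
import os

ITERATIONS = 100_000   # every guess, on-line or off-line, pays this cost
STORED = {}            # user -> (salt, fingerprint); stands in for /etc/shadow


def fingerprint(password: str, salt: bytes, iterations: int = ITERATIONS) -> bytes:
    """f(password, salt): one-way, salted and intentionally expensive."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)


def set_password(user: str, password: str) -> None:
    # A fresh random salt per user is stored in the clear next to the hash, so a
    # single precomputed dictionary of f(w) values no longer covers all users.
    salt = os.urandom(16)
    STORED[user] = (salt, fingerprint(password, salt))


def check_password(user: str, candidate: str) -> bool:
    """Login check: recompute the fingerprint and compare in constant time."""
    if user not in STORED:
        fingerprint(candidate, b"\0" * 16)   # unknown user costs as much as a wrong password
        return False
    salt, stored = STORED[user]
    return hmac.compare_digest(fingerprint(candidate, salt), stored)


def same_fingerprint(user_a: str, user_b: str) -> bool:
    """Without salt, neri and gallo above share one fingerprint; with salt they differ."""
    return STORED[user_a][1] == STORED[user_b][1]


if __name__ == "__main__":
    set_password("neri", "anna")
    set_password("gallo", "anna")
    print(check_password("neri", "anna"), check_password("neri", "Anna"))
    print(same_fingerprint("neri", "gallo"))
```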
Password-based authentication: advice for system administrators
- Implement mechanisms to prevent trivial passwords from being used
  - Impose a minimum length (at least 8 characters)
  - Require a mixed format (at least some non-alphabetic characters)
  - Reject passwords that can be obtained from simple transformations of common words (dictionary)
- Use password aging (must be used within reason)

Login spoofing
- The attacker writes a program (text-based or graphical) that presents a fake login screen
- Waits for the victim to enter login/password
- Stores or sends off the login/password pair
- Displays a "Login incorrect" message
- Starts the real login program, for example by terminating the current shell
- The victim believes they mistyped the password and this time enters the system without problems

Login spoofing
- Example

```csh
#!/bin/csh -f
# Only for demonstration   (C) Bob Toxen
cat /etc/issue
echo -n "hostname login: "
set x="$<"
stty -echo
echo -n "Password: "
set y="$<"
echo $x "," $y >> captured.dat
stty echo      # restore terminal echo (the original listing repeated -echo here)
echo ""
echo Login incorrect
echo ""
exit
```

What the victim sees:

```text
Welcome to XYZ Linux K.L (i586)
Kernel A.B.CD (tty1)

hostname login: franchi
Password:
Login incorrect

Welcome to XYZ Linux K.L (i586)
Kernel A.B.CD (tty1)

hostname login:
```
Login spoofing
- /etc/issue
  - Should be more explicit...
  - Must not contain information about the system (OS type, version, etc.)
- Example [ (C) Bob Toxen ]

  This is a private computer system. Unauthorized access is prohibited.
  Information here is proprietary and confidential. Your identifying
  information and actions are being logged. Violators will be prosecuted
  and defended against to the maximum extent of the law.

  This message is displayed only at the start of the login sequence.
  If you see this message after attempting to login and receiving
  "Login incorrect" you may have been the victim of a "login simulator"
  which has stolen your password. If this happens then notify your
  system administrator by the fastest possible means!
  Joe's pager number is 800-999-9999.

Login spoofing
- Windows
  - Allows login through the Ctrl-Alt-Del sequence
  - The initial Windows XP screen with the list of users should not be used
  - Notion of a trusted path from the keyboard to the operating system kernel
  - The sequence Ctrl-Alt-Del establishes this path
  - How can I be sure that it is indeed Windows running on my machine? Reboot
  - How can I be sure that the image of the operating system on disk is indeed Windows? Reinstall from CD

Login spoofing
- General defenses against login spoofing are based on mutual authentication:
  - The user authenticates himself to the host
  - The host authenticates itself to the user
- Based on cryptographic techniques such as digital signatures and certificates

Phishing
- Modern incarnation of login spoofing
- Phishers attempt to fraudulently acquire sensitive information such as passwords and credit card details by masquerading as a trustworthy person or business
- Typically carried out using email or instant messaging, but phone contact has been used as well
Phishing
(Figure: example phishing messages)

Keyloggers
(Figure)

Keyloggers
- Keyloggers are usually designed as spyware and come in the form of a Trojan horse; they can record your passwords and can detect when you type digits, checking to see if it is a credit card, bank account or information you consider private and personal
- Spyware keyloggers are also used to track your surfing habits
Keylogger Defenses
- Spyware detection/removal programs
- Firewall for blocking outgoing network traffic
- Mobile virtual keyboards

Packet sniffing
- A packet sniffer is a program that analyzes the traffic on the network to which the host is connected
- It tries to find packets containing login/password pairs sent in the clear by communication mechanisms such as telnet, rlogin and ftp
- It stores the login/password pairs for future use

Packet sniffing
- General defenses are based on cryptographic techniques for obfuscating passwords:
- Require that the password is never sent in the clear over the network
  - Challenge-response schemes based on symmetric/asymmetric cryptography
  - The challenge can be implicit (such as real time)
- Require that a given password can be used only once
  - One-time password schemes such as SKEY

Challenge-Response Identification
- General scheme:
  - U declares his intention to access the host
  - The host selects a challenge and sends it to U
  - U computes a response to the challenge and sends it to the host
  - The host compares the response received from U with the one corresponding to the challenge it sent
  - If they match, access is granted, otherwise not
Challenge-Response using symmetric cryptography
- U and the host share a secret key K (password)
- U declares his intention to access the host
- The host generates a random string chal and sends it to U
- U computes resp = c_K(chal) and sends it to the host
- The host compares chal with D_K(resp)
- If they match, access is granted, otherwise not
- Since only U (and the host) knows K, identification is assured

Challenge-Response using asymmetric cryptography
- The host keeps a file of every user's public key
- U declares his intention to access the host
- The host generates a random string chal and sends it to U
- U signs the challenge and sends it to the host: resp = s_K(chal)
- The host verifies the response: V_K(resp)
- If the result is chal, access is granted, otherwise not
- The property of digital signatures assures identification

Some observations
- The system does not need to store passwords; it only needs to store the public keys
- Encryption and decryption can be swapped because RSA is commutative
- Achieves identification of the user to the host but not vice versa (no mutual identification)
- SSL is a more sophisticated identification mechanism

One-time passwords with a one-way hash function (SKEY)
- U selects a random number R
- The host computes x_1 = f(R), x_2 = f(x_1), x_3 = f(x_2), ...
- U takes with him x_1, ..., x_100; the host keeps (in the clear) x_101
- To access the host, U sends his name and x_100
- The host computes f(x_100) and compares it with the value stored for that user (x_101)
- If they match, access is granted, otherwise not
- U crosses off x_100 from his list, the host replaces x_101 with x_100
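The SKEY exchange above carried through for both sides, as an added example that is not part of the slides: the user keeps x_1..x_100 and the host keeps only the top of the chain, which it overwrites after each successful login. The one-way function f is SHA-256 here, an assumption since the slides leave f unspecified.

```python
# Added example: SKEY one-time passwords from a hash chain (f = SHA-256, assumed).
import hashlib
import hmac
import os


def f(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()


def make_chain(seed: bytes, n: int = 100) -> list:
    """x_1 = f(seed), x_2 = f(x_1), ...; returns [x_1, ..., x_{n+1}]."""
    chain = [f(seed)]
    for _ in range(n):
        chain.append(f(chain[-1]))
    return chain


class Host:
    """Stores, in the clear, only the current top of each user's chain (x_101 at enrolment)."""
    def __init__(self):
        self.current = {}

    def enroll(self, user: str, x_top: bytes) -> None:
        self.current[user] = x_top

    def login(self, user: str, otp: bytes) -> bool:
        stored = self.current.get(user)
        if stored is None or not hmac.compare_digest(f(otp), stored):
            return False
        self.current[user] = otp   # x_{i+1} is replaced by x_i; the old value is now useless
        return True


class User:
    """Carries x_1..x_n and crosses one off per login, highest index first."""
    def __init__(self, chain: list):
        self.remaining = chain[:-1]   # x_1 .. x_n; x_{n+1} goes to the host

    def next_password(self) -> bytes:
        return self.remaining.pop()


def demo(n: int = 100) -> dict:
    chain = make_chain(os.urandom(16), n)   # R chosen at random by U
    host, user = Host(), User(chain)
    host.enroll("rossi", chain[-1])
    first = user.next_password()            # x_n
    ok1 = host.login("rossi", first)
    replay = host.login("rossi", first)     # a sniffed x_n no longer verifies
    ok2 = host.login("rossi", user.next_password())   # x_{n-1}
    return {"first": ok1, "replay": replay, "second": ok2, "left": len(user.remaining)}
```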
One-time passwords in practice
- From the UniCredit Banca SpA web site: the Password Card
  It is a credit-card-sized card containing 40 single-use passwords (numeric codes) needed to confirm your operations. Once a password has been entered, the operation is authorised and that password is automatically deleted from the system (they are "use-and-throw-away" passwords). The Password Card contains 40 codes: before they run out, the Bank will send a new Card, valid only after the previous one has been used up. UniCredit Pass.

One-time password generators
- Can be packaged as a security token that generates a new password every fixed time interval (a minute)
- Based on an implicit challenge (real time)

User Authentication based on something you have
- A physical object such as a Bancomat card, SIM or smart card
- Usually augmented with a PIN (something you know) to guard against loss or theft
- Typically requires hardware support for use
- Can be packaged as a cryptographic calculator

User Authentication based on something you do
- Certain human actions can serve to uniquely identify a person
  - Inter-keystroke delays when typing on a keyboard
  - Velocity, acceleration and pressure of the pen when writing
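The one-time password generator with an implicit real-time challenge described above, as an added example that is not part of the slides: the token and the host share a secret and both derive the current minute's password from it, in the HMAC-SHA1 style of HOTP/TOTP (RFC 4226/6238). The secret, clock values, drift window and user names are constructed for the demo.

```python
# Added example: time-based one-time passwords (implicit challenge = current minute).
import hashlib
import hmac
import struct


def otp_for_interval(secret: bytes, interval: int, digits: int = 6) -> str:
    """HOTP-style code for one time interval: HMAC-SHA1, dynamic truncation, decimal."""
    mac = hmac.new(secret, struct.pack(">Q", interval), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def token_display(secret: bytes, now: float, period: int = 60) -> str:
    """What the token shows at time `now`: the password for the current period."""
    return otp_for_interval(secret, int(now // period))


class Host:
    """Verifies a code against the current interval plus `drift` neighbours on each side,
    and never accepts an interval at or below the last one used (no replay)."""
    def __init__(self, secret: bytes, period: int = 60, drift: int = 1):
        self.secret, self.period, self.drift = secret, period, drift
        self.last_used = {}   # user -> interval of the last accepted code

    def verify(self, user: str, code: str, now: float) -> bool:
        cur = int(now // self.period)
        for i in range(cur - self.drift, cur + self.drift + 1):
            if i <= self.last_used.get(user, -1):
                continue
            if hmac.compare_digest(otp_for_interval(self.secret, i), code):
                self.last_used[user] = i
                return True
        return False


if __name__ == "__main__":
    secret, now = b"constructed-demo-secret", 1_700_000_000
    host = Host(secret)
    code = token_display(secret, now)
    print(code, host.verify("rossi", code, now), host.verify("rossi", code, now))
```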
User Authentication based on something you are
- Biometrics
  - Fingerprint
  - Voice print
  - Retinal patterns
  - Facial features (distance between the eyes, shape of lips and nose, left-right symmetry, etc.)
- Typically requires hardware support to acquire
- The chosen biometric should minimize both false negatives and false positives

Biometrics
- Desirable properties for a chosen biometric:
  - Universality: every person must possess it
  - Uniqueness: two different persons must not have the same characteristics
  - Permanence: the characteristic should not be alterable or change over time
  - Acquirability: the characteristic is easy to acquire and quantify

User Authentication based on where you are
- Limit root access to the system console (no remote access)
- Your access to a certain trusted host or a certain trusted network may be sufficient to grant access to another host without further evidence
- Older versions of Unix implemented this idea through the .rhosts and /etc/hosts.equiv files and the collection of r commands: rlogin, rsh, rcp, rwho
- Today considered to be highly insecure due to attacks based on IP spoofing
- Can use GPS or GSM cell data

Non-textual Passwords
- Rather than a sequence of characters, a password can be a sequence of coordinates in a cartesian plane (x1, y1) (x2, y2) ... (x10, y10)
- Difficult to remember and enter in numerical format
- Can benefit from graphical assistance
Non-textual Passwords
(Figure: eight numbered positions, 6 1 3 8 5 4 2 7, illustrating a graphical password entered as a sequence of points)