Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 3:58 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 31 posts ]  Go to page 1, 2, 3, 4  Next
Author Message
PostPosted: Tue Aug 05, 2008 4:15 am 
Offline
User avatar

Joined: Mon Jun 23, 2008 1:19 am
Posts: 12
Just letting you guys know that I've finally pushed out my first release of a PAM module that supports offline authentication of the Yubikey.

A summary of the current features are:
    1. Multi-user authentication - database backend stores, obfuscated, yubikey information per user
    2. Simple heuristic checking - detects likely replays of OTPs
    3. Simple database management add/delete Yubikey entries.
    4. It's Open Source

Head on over to http://www.securixlive.com for more information (well given a first release there isn't exactly a great deal of it).

We're always open to ideas, improvements, support and more.

_________________
http://www.securixlive.com/yubipam


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

PostPosted: Wed Aug 13, 2008 1:51 pm 
Offline

Joined: Fri Aug 01, 2008 12:17 pm
Posts: 1
Took a quick browse through the source code today.

Any reason you don't use the OpenSSL AES implementation but roll your own? And how do you store the AES keys of the Yubikeys on disk? Are they encrypted or masked in any way?

Asgeir


Top
 Profile  
Reply with quote  
PostPosted: Fri Aug 15, 2008 12:33 am 
Offline
User avatar

Joined: Mon Jun 23, 2008 1:19 am
Posts: 12
The reason for rolling our own is simply because we could, it also keeps the coding skills fresh. Once side potentially beneficial side effect is that it does remove the dependency for OpenSSL. However that being said as the code base increases, it will most likely be the first to go :)

The AES keys are obfuscated through additional encryption. The database entry structure has two components
    1. a hash for the username, a hash for the Public UID (ie. fixed) portion of the Yubikey, a hash for second factor password (not yet implemented but still catered for)
    2. an encrypted substructure including
      a.the AES key
      b. a hash of the Private UID
      c variables to store the last seen counters and timestamps

The key is formed from a SHA256 hash from concatenation of the public UID, second factor password and the username, which is used to AES CBC encrypt the structure. Obviously we didn't want to be storing the Yubikey AES keys in the clear and this was the strongest and simplest method we came up with. It is not unbreakable but is highly improbably given that you will have to reverse all the lookup hashes in order to decrypt the substructure containing the AES key.

Hopefully that makes sense. Let me know if you need more information. Later releases will include some more detailed documentation on the database structure.

Alternatively if you see any glaring holes in this method I am very keen to know and fix ;)

_________________
http://www.securixlive.com/yubipam


Top
 Profile  
Reply with quote  
PostPosted: Sat Aug 16, 2008 11:02 pm 
Offline

Joined: Fri Jun 20, 2008 2:59 am
Posts: 84
I can't think of any (reasonable) better way to secure the secrets than what you have done, given the restriction that you must have the authenticator on the same box.

I like the use of a hash for lookups, leaving the clear text public ID as part of the key used to decrypt the AES secret. Strictly speaking it's not any better than requiring a strong "pin" (aka a manually entered second factor password) that is used to protect the secret. But it's an elegant way to retain most of that security without requiring a super-long pin.

I think the only way to do better given the constraints of this hardware scheme, would be to move authentication back "online" to some machine on the LAN that's more trusted than the workstation requesting the logon.

I thought it would be spiffy to protect a yubikey database by using the onboard TPM. But *gak*, the amount of effort needed to ensure the system boots all the way through in a trusted state makes that a show stopper. I'm on the windows side of the fence, and I may eventually do that on Vista, but it's not worth it at the moment, since most users would demand XP support too.


Top
 Profile  
Reply with quote  
PostPosted: Tue Aug 19, 2008 3:07 pm 
Offline
Site Admin
Site Admin

Joined: Tue May 06, 2008 7:22 pm
Posts: 151
firnsy wrote:
Just letting you guys know that I've finally pushed out my first release of a PAM module that supports offline authentication of the Yubikey.

A summary of the current features are:
    1. Multi-user authentication - database backend stores, obfuscated, yubikey information per user
    2. Simple heuristic checking - detects likely replays of OTPs
    3. Simple database management add/delete Yubikey entries.
    4. It's Open Source

Head on over to http://www.securixlive.com for more information (well given a first release there isn't exactly a great deal of it).

We're always open to ideas, improvements, support and more.


Really cool!

What do you think about merging your work into my pam_yubico? I'd like to see a group of people work on improving it, and I think there could a pam_yubico module that supports both online and offline validation.

Thanks,
/Simon


Top
 Profile  
Reply with quote  
PostPosted: Tue Aug 19, 2008 3:10 pm 
Offline
Site Admin
Site Admin

Joined: Tue May 06, 2008 7:22 pm
Posts: 151
asgeirn wrote:
Any reason you don't use the OpenSSL AES implementation but roll your own? And how do you store the AES keys of the Yubikeys on disk? Are they encrypted or masked in any way?


Let me strongly recommend that you don't use OpenSSL: its license is incompatible with the GPL. Thus, the pam_yubico module licensed under the GPL (like this pam module appears to be) couldn't be distributed by Debian for example. There is libgcrypt which is a LGPL library for crypto.

Also consider using the Yubico C library that also contains AES decryption and OTP parsing: http://code.google.com/p/yubico-c-client/

/Simon


Top
 Profile  
Reply with quote  
PostPosted: Mon Aug 25, 2008 12:51 pm 
Offline

Joined: Mon Aug 25, 2008 9:46 am
Posts: 9
I received my AES key details from Yubico support as 3 tokens: tokenId_modhex, tokenId_b64, secret. Could you please tell me how to invoke ykpasswd using those parameters?

Cheers,
Klaus

--
Unselfish actions pay back better


Top
 Profile  
Reply with quote  
PostPosted: Fri Aug 29, 2008 7:44 am 
Offline
User avatar

Joined: Mon Jun 23, 2008 1:19 am
Posts: 12
Klaus,

Sorry for the tardy reply but you can input either hex or modhex when it prompts for hex. This saves you having to decode the tokenId_modhex for yourself :)

Alternatively you can pass it straight through on the command line using:

Code:
# ykpasswd -k secret


Feel free to PM or email me if you have any further questions.

_________________
http://www.securixlive.com/yubipam


Last edited by firnsy on Mon Sep 08, 2008 4:32 am, edited 1 time in total.

Top
 Profile  
Reply with quote  
PostPosted: Sun Aug 31, 2008 11:52 am 
Offline

Joined: Mon Aug 25, 2008 9:46 am
Posts: 9
firnsy wrote:
Alternatively you can pass it straight through on the command line using:

Code:
# ykpasswd -k tokenId_modhex


Feel free to PM or email me if you have any further questions.

What I really can't fathom is what parameters to pass as public uid and private uid. In the example you gave me you pass what I see as the public id as the AES key, whereas I would ring in the secret as the AES key.

Again: I was given 3 parameters from Yubico: tokenId_modhex (which is my 12 char public id in modhex), tokenId_b64 (which is my public id in base64), and secret (which I guess is the AES key).

Now, how do I invoke ykpasswd in order to add my yubikey to /etc/yubikey, please?

Cheers,
Klaus


Top
 Profile  
Reply with quote  
PostPosted: Tue Sep 02, 2008 10:07 am 
Offline
Site Admin
Site Admin

Joined: Tue May 06, 2008 7:22 pm
Posts: 151
I have added a link to your project on our main web, see:

http://yubico.com/developers/library/

Note sure why it took me so long to add this, sorry for the delay!

I still look forward to merging our two PAM modules though: I think one PAM module should be able to feature both disconnected and online capabilities.

Thanks,
Simon


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 31 posts ]  Go to page 1, 2, 3, 4  Next

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group