Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 12:16 pm

All times are UTC + 1 hour




Post new topic Reply to topic  [ 1 post ] 
Author Message
PostPosted: Wed Dec 04, 2013 5:59 pm 
Offline

Joined: Thu Apr 18, 2013 8:24 pm
Posts: 8
Project name: Challenge-Response PAM module using PC/SC
License: BSD two-clause (I guess...)
Description: PAM authentication module for Linux(/UNIX?) using HMAC-SHA1 challenge-response over PC/SC (including NFC)
Platforms: UNIX (only tested on Linux at the moment)
Webpage: http://www.average.org/chal-resp-auth/
Tutorial: Not really, but if you know how to set up PAM in general, this one is straightforward.

It is stable for me, but I had no chance to try it on any system but Linux.

I wanted a PAM module to login to my desktop/notebook machines that works without Internet connectivity, is more secure than a static password, and works over NFC. Yubico published an open source PAM module that has challenge-response mode of operation. I am not satisfied with it for two reasons: (1) it only works over USB, and (2) it uses stored expected response, pre-fetched from the token on previous interaction.

One can argue that the second reason is an advantage, because you do not need to keep the shared secret on the host. But on the other hand, if we want to use NFC, expected response for the next login session has to be transferred over the air in cleartext on the previous interaction. Adversary can eavesdrop and use it for replay attack.

My initial plan regarding NFC was to modify libykcore such that it could talk to the token over pcsclite API in addition to directly via USB HID. But it turned out that the library API is too tightly coupled with the underlying HID protocol, and substituting PC/SC protocol without changing the API would be too clumsy, if at all possible. On the other hand, if you have pcsclite up and running, you can communicate with the Neo over USB or over NFC without noticing any difference (well, almost). So I decided that my PAM module will talk directly to pcsclite, and not rely on any Yubico's libraries.

Shared secret needs to be loaded into the key with ykpersonalize, and into the file on the host with 'pam_cr_setup' command which is the part of this project. This secret is kept encrypted by the key which is the HMAC response, and is only present in the RAM in cleartext for a short time during authentication. Right now the protocol and crytpgraphic parts are faily complete (it can use either of openssl, gnutls or tomcrypto libraies for the crypto work). The PAM module itself "barely works" and needs more love.

My short-term plan is to bring the code to "production quality" and try to give it some exposure.
Tentative long-term plan, or, rather, personal wishlist is to (1) make lightdm login automatically when the token is placed on the NFC reader or plugged into a USB slot, and (2) support neard as an alternative to pcsclite.

I would appreciate suggestions and criticisms, especially about the crypto-engineering part of the project. I am not a crypto expert, and know that stance "don't do it", but I just had to for the reasons explained above.

Eugene Crosser <crosser@average.org>


Top
 Profile  
Reply with quote  

Share On:

Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 1 post ] 

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 2 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group