Authentication June 24/2003
Overview
Terminology
Local Passwords
Early Password Services
Kerberos Basics
Tickets
Ticket Acquisition
Kerberos Authentication
LDAP
Active Directory (AD)
Apache
Cookies
Pubcookie
PAM
U of A Activities

Terminology
Authentication
–Verification that a user really is the identity claimed to a service or resource.
Authorization
–The determination of what an authenticated user is entitled to do.
–Access privileges.
Single Signon
–Use of a single user ID and password to authenticate a user to all services.
–Minimization of the need to repeatedly re-enter the password.

Local Passwords
One-way hash function converts password to key.
–Password can not be recovered from the key. Candidate passwords can still be run through the same function and compared, so whoever can read the key can guess offline.
–Hash functions can differ between OS types.
Keys stored in local password file.
–Key computed from the entered password is compared to the stored key.
Problems:
–Early password (key) files were publicly readable, exposing every key to offline dictionary attack.
–Password files need to be replicated between systems to keep passwords common across systems.
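An added example, not code from the original talk: the stored-key check described above, with a salted one-way function (PBKDF2-SHA256, an assumption; the slides do not name the hash), a constant-time comparison, and the offline guessing that becomes possible once the key file is readable. The `user:salt:key` line format and the sample entries are constructed for the example.

```python
import hashlib
import hmac
import os

ROUNDS = 100_000   # work factor; assumed value, slows each offline guess


def make_entry(user, password, salt=None, rounds=ROUNDS):
    """Build one password-file line: user:salt_hex:key_hex (format assumed here).
    The key is a one-way function of the password, so the file holds no password."""
    if salt is None:
        salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return f"{user}:{salt.hex()}:{key.hex()}"


def check_password(entry, password, rounds=ROUNDS):
    """Hash the offered password the same way and compare with the stored key.
    compare_digest avoids leaking how many bytes matched through timing."""
    _user, salt_hex, key_hex = entry.split(":")
    key = hashlib.pbkdf2_hmac("sha256", password.encode(),
                              bytes.fromhex(salt_hex), rounds)
    return hmac.compare_digest(key, bytes.fromhex(key_hex))


def offline_guess(entry, wordlist, rounds=ROUNDS):
    """What an attacker does with a readable key file: the hash is one-way,
    but nothing stops feeding candidate passwords through the same function.
    Returns the recovered password or None."""
    for candidate in wordlist:
        if check_password(entry, candidate, rounds):
            return candidate
    return None


if __name__ == "__main__":
    # Constructed sample: one weak password in a file an attacker can read.
    line = make_entry("wmh", "letmein")
    print(line)
    print("login ok:", check_password(line, "letmein"))
    print("offline guess:", offline_guess(line, ["password", "123456", "letmein"]))
```

The per-user salt means an attacker must repeat the guessing work for every entry rather than reusing one precomputed table, and the work factor slows each guess; neither helps a user whose password is in the wordlist, which is why the key file must not be world-readable in the first place.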

Early Password Services
YP/NIS/NIS+
–Replaces the local password database with a remote database.
–Local machine obtains the password entry from the server on a remote machine and compares the key in the same way as a locally-stored key.
–Allows for both locally and remotely stored keys.
–Password entries (keys) visible over the network, so the offline guessing problem of readable password files applies to anyone on the network.
–Primarily Unix-only.

Early Password Services
Windows NT primary domain controller (PDC).
–Password sent to PDC for validation.
–Uses SMB protocol.
–Passwords were initially sent clear-text.
–Newer version sends the hash value (key) instead of the password. The hash value is visible over the network and, since the hash is all the PDC checks, it can be captured and re-used to authenticate without ever knowing the password.
–Primarily Windows-only. Also implemented in the free SAMBA software.

Kerberos Basics
Designed to allow users to authenticate over an open network.
–Network is assumed to be hostile: anything sent over it may be read, replayed or altered.
User and service keys stored on a trusted server.
–Key Distribution Center (KDC).
–Each key known only to the KDC and the owning user/service.
–User keys derived from the password using a non-reversible hash function (the string-to-key function).
All encryption performed using DES in the deployments described here. (DES is now considered too weak; current Kerberos 5 implementations support stronger ciphers.)

Kerberos Basics
Realm:
–Autonomous administration unit.
–Establishes a unique KDC.
–Name usually mirrors the Internet domain name (by convention in upper case).
Principal:
–Unique name assigned to each user or service.
–General form:
–Form for user:
Identity proven using a ticket.

Tickets
Ticket identifies a user to a service.
Ticket consists of an identifier and an authenticator.
–Identifier establishes the user's identity. Encrypted with the key of the desired service, so only that service (and the KDC) can read or forge it.
–Authenticator verifies that the principal and the sender match. Contains a time stamp, which limits how long a captured authenticator can be replayed.
–Both parts contain the user's principal.
–Both parts contain (the same) random session key. Used for DES-encrypted communication between client and server.
Ticket valid only for a specified time period.

Ticket Acquisition
Client requests ticket from KDC.
–User and service are identified in the request.
KDC sends ticket to client.
–KDC generates a random session key.
–KDC generates the identifier. KDC encrypts the identifier with the service's key.
–KDC generates the authenticator. KDC encrypts the authenticator with the user's key.
–KDC sends the encrypted identifier and authenticator.

Ticket Acquisition
Client generates the user's key from the password.
Client decrypts the authenticator.
–Successful decryption indicates a valid password. The time stamp in the authenticator must match the current time on the client machine (within a small tolerance). The principal in the authenticator must match the desired user principal.
–Client now has the user's identifier. The client cannot (in general) decode the identifier: it is encrypted with the service's key, which the client does not hold.
–Client has the random session key from the authenticator.
Client erases the user key and password.

Kerberos Authentication
Password Validation.
–System uses Kerberos to validate a user password.
–Client obtains a ticket for the user. The service is immaterial, usually the ticket granting service (TGS). If the authenticator is successfully decrypted, the password is valid. The system then erases the ticket and session key.
–Client verifies the KDC (optional). The client obtains an initial ticket for a service whose secret key the client itself holds (its own host principal).
–Principal:
If that ticket decrypts with the host's key, the KDC is the proper one: an impostor KDC could not have encrypted it. Without this check a rogue KDC could accept any password.

Kerberos Authentication
Ticket Passing.
–Client obtains a service ticket for the user.
–Client decrypts the authenticator. Gets the random session key.
–Client constructs a new authenticator. Encrypts it with the random session key.
–Client sends the identifier and the new authenticator to the desired server.
–Server decrypts the identifier with its own service key. Gets the random session key.
–Server decrypts the authenticator with the random session key. A match between the principal in the identifier and in the authenticator, plus a fresh time stamp, proves the sender holds the session key.
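An added example, not code from the original talk or from MIT/Heimdal Kerberos: the three exchanges on the preceding slides (ticket acquisition, password validation with the optional KDC check, and ticket passing) simulated end to end with all three parties in one script. The DES encryption on the slides is replaced by a toy HMAC-SHA256 construction, because DES is not in the Python standard library; the JSON ticket layout, the 300-second clock tolerance, the 8-hour ticket lifetime and the principal names are assumptions made for the example.

```python
import hashlib
import hmac
import json
import os
import time

# Stand-in for DES (assumption): HMAC-SHA256 keystream XOR, encrypt-then-MAC.
# Demonstration only; the point is who holds which key, not the cipher.
def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def encrypt(key, obj):
    data = json.dumps(obj).encode()
    nonce = os.urandom(16)
    body = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    return nonce + body + hmac.new(key, nonce + body, hashlib.sha256).digest()

def decrypt(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + body, hashlib.sha256).digest()):
        raise ValueError("decryption failed: wrong key or altered data")
    return json.loads(bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body)))))

def string_to_key(password):
    # Non-reversible derivation of a principal's key from its password.
    return hashlib.sha256(password.encode()).digest()

CLOCK_SKEW = 300          # seconds of tolerance on time stamps (assumed value)
TICKET_LIFE = 8 * 3600    # ticket validity period (assumed value)

class KDC:
    """Key Distribution Center: holds every principal's key and issues tickets."""
    def __init__(self, realm):
        self.realm, self.keys = realm, {}

    def get_ticket(self, user, service):
        session_key, now = os.urandom(32).hex(), time.time()
        identifier = {"user": user, "session_key": session_key, "expires": now + TICKET_LIFE}
        authenticator = {"user": user, "service": service,
                         "session_key": session_key, "timestamp": now}
        # Identifier readable only by the service; authenticator only by the user.
        return encrypt(self.keys[service], identifier), encrypt(self.keys[user], authenticator)

def client_acquire(kdc, user, password, service):
    """Ticket Acquisition, client side. Returns the opaque identifier and session key."""
    user_key = string_to_key(password)
    identifier, enc_auth = kdc.get_ticket(user, service)
    auth = decrypt(user_key, enc_auth)                 # fails on a wrong password
    if abs(auth["timestamp"] - time.time()) > CLOCK_SKEW:
        raise ValueError("KDC reply time stamp outside tolerance")
    if auth["user"] != user or auth["service"] != service:
        raise ValueError("reply is for a different principal")
    del user_key, password                             # client erases key and password
    return identifier, bytes.fromhex(auth["session_key"])

def client_present(identifier, session_key, user, now=None):
    """Ticket Passing, client side: identifier plus a fresh authenticator."""
    now = time.time() if now is None else now
    return identifier, encrypt(session_key, {"user": user, "timestamp": now})

def service_verify(service_key, identifier, enc_auth):
    """Ticket Passing, server side. Returns (user, session_key) or raises ValueError."""
    ident = decrypt(service_key, identifier)
    if ident["expires"] < time.time():
        raise ValueError("ticket expired")
    session_key = bytes.fromhex(ident["session_key"])
    auth = decrypt(session_key, enc_auth)
    if auth["user"] != ident["user"]:
        raise ValueError("principal in authenticator does not match ticket")
    if abs(auth["timestamp"] - time.time()) > CLOCK_SKEW:
        raise ValueError("stale authenticator (replayed?)")
    return ident["user"], session_key

def validate_password(kdc, user, password):
    """Password Validation mode: any ticket will do, and it is discarded afterwards."""
    try:
        client_acquire(kdc, user, password, "krbtgt/" + kdc.realm)
        return True
    except ValueError:
        return False

def verify_kdc(kdc, user, password, host_principal, host_key):
    """Optional KDC check: the ticket for our own host must decrypt with our host key."""
    identifier, _ = client_acquire(kdc, user, password, host_principal)
    try:
        return decrypt(host_key, identifier)["user"] == user
    except ValueError:
        return False
```

Note what the KDC never learns: `service_verify` runs entirely between client and server, so, as the next slide observes, the KDC cannot tell whether the authentication succeeded. Note also that `validate_password` without `verify_kdc` trusts whoever answers as the KDC.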

Kerberos Authentication
System Requirements:
–Time synchronized on client, server and KDC.
–Kerberos software (libraries and utilities). MIT: Heimdal:
–Kerberos-aware applications.
Observation:
–KDC unaware of the authentication result. KDC can not track authentication statistics.

Kerberos Authentication
Benefits:
–Password or user key never leaves the client machine; a network observer sees only ciphertext. Single exception when changing the password, and the password is encrypted with a random key in this case.
–Software available for virtually all OS types. Many systems now come with built-in Kerberos 5: Solaris, Linux, OpenBSD, MacOS X, Windows.
Disadvantages:
–Applications must often be modified to use Kerberos.

Kerberos Authentication
Perl Interface: Authen::Krb5::Simple
–Provides Kerberos authentication to a Perl script.
–Easy to use.
–Requires Kerberos 5 C library and headers. Works with MIT or Heimdal.
–ftp://ftp.cpan.org/pub/CPAN/modules/by-module/Authen/Authen-Krb5-Simple-0.31.tar.gz
–Sample script:

Kerberos Authentication
Introductory Reading:
–B. Tung. A Moron's Guide To Kerberos, Version
–B. Bryant. Designing An Authentication System: A Dialogue In Four Scenes. ftp://athena-dist.mit.edu/pub/kerberos/doc/dialogue.PS

LDAP
Directory lookup protocol.
Directory data stored in a database on the server.
–Generally holds data about people or resources.
Data structured as a tree.
–Each node (entry) is named by an attribute label and value, e.g. ou=people.
Distinguished name (DN):
–Full path of an entry in the directory.
–Consists of the labels and values of all nodes down to the entry.
–DN: uid=,ou=people,dc=ualberta,dc=ca

LDAP
Data can be public or private.
Authentication:
–Password can be associated with a node.
–Client opens a connection to the LDAP server. Connection unencrypted or encrypted using SSL.
–Client binds as anonymous or as a specified DN. Password not needed for an anonymous bind. Password passed as part of the bind request; in a simple bind it is carried in clear text, so the connection itself must be encrypted. Password sent is compared to the local copy on the server. Successful bind indicates a correct password.
Bind-based authentication.

LDAP
OpenLDAP server allows use of a Kerberos KDC.
–Server password entry replaced with calls to the KDC. Operates in Kerberos password validation mode.

LDAP
Perl Interface: Net::LDAPS
–Provides LDAP functionality to a Perl script. Includes LDAP authentication.
–Requires other Perl modules. See README file.
– tar.gz
–Sample script: Does NOT verify the SSL certificate, so a man-in-the-middle presenting its own certificate could capture the bind password. The SSL certificate must be verified in production use.
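An added example, not code from the original talk or from Net::LDAPS, covering the bind-based authentication two slides up and the certificate caveat on this one: a minimal BER encoder for an LDAPv3 simple BindRequest (tag values from RFC 4511), a decoder playing the role of a passive observer on an unencrypted connection, and a TLS context for LDAPS that does verify the certificate. The message ID, DN and password are constructed inputs.

```python
import ssl

# ASN.1/BER tags used by an LDAPv3 simple bind (RFC 4511).
SEQUENCE, INTEGER, OCTET_STRING = 0x30, 0x02, 0x04
BIND_REQUEST, SIMPLE_AUTH = 0x60, 0x80        # [APPLICATION 0], [CONTEXT 0]


def ber_len(n):
    """Definite-length encoding: short form below 128, long form above."""
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b


def tlv(tag, value):
    return bytes([tag]) + ber_len(len(value)) + value


def ber_int(i):
    # Non-negative integers only; the extra byte keeps the sign bit clear.
    return tlv(INTEGER, i.to_bytes(i.bit_length() // 8 + 1, "big"))


def simple_bind_request(msg_id, dn, password):
    """LDAPMessage { messageID, BindRequest { version 3, name, simple password } }.
    An empty DN and password is an anonymous bind."""
    bind = tlv(BIND_REQUEST, ber_int(3) + tlv(OCTET_STRING, dn.encode())
               + tlv(SIMPLE_AUTH, password.encode()))
    return tlv(SEQUENCE, ber_int(msg_id) + bind)


def parse_tlv(buf, pos=0):
    """Return (tag, value, position after the element)."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:
        n = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + ln], pos + ln


def sniff_simple_bind(packet):
    """What a passive observer of an unencrypted connection recovers from a bind:
    (DN, password) in the clear, or None if it is not a simple bind."""
    tag, msg, _ = parse_tlv(packet)
    if tag != SEQUENCE:
        return None
    _, _msg_id, pos = parse_tlv(msg)
    tag, bind, _ = parse_tlv(msg, pos)
    if tag != BIND_REQUEST:
        return None
    _, _version, pos = parse_tlv(bind)
    _, dn, pos = parse_tlv(bind, pos)
    tag, cred, _ = parse_tlv(bind, pos)
    if tag != SIMPLE_AUTH:
        return None                       # SASL bind; password not in this field
    return dn.decode(), cred.decode()


def ldaps_context(cafile=None):
    """TLS context for LDAPS that verifies the server certificate and host name.
    cafile=None uses the system trust store (assumption for the example)."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.verify_mode = ssl.CERT_REQUIRED   # never CERT_NONE in production
    ctx.check_hostname = True
    return ctx
```

Wrapping the socket with `ldaps_context().wrap_socket(sock, server_hostname=host)` before sending the bind is what keeps `sniff_simple_bind` from working; a context with `CERT_NONE` still encrypts, but encrypts to whoever answers, which is the hole the Net::LDAPS sample script leaves open.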

Active Directory (AD)
Combination of DNS, LDAP, and Kerberos.
–Authentication performed using Kerberos 5. Inter-operates with MIT Kerberos.
–MIT clients can authenticate seamlessly to an AD server.
–AD clients can authenticate to an MIT server. Requires some configuration. Windows client machines require a special host key.
–Principal:
–User authenticates to the MIT realm. Client machine uses the MIT ticket for resource access.

Active Directory (AD)
AD forest can inter-operate with an MIT KDC.
–AD domain controllers require a trust relationship with the MIT KDC. AD must trust the MIT KDC. The MIT KDC need not trust AD.
–Requires a special key. Principal:
–Requires a patch to the MIT Kerberos server.
–User authenticates to the MIT realm. AD uses the resulting MIT ticket to provide access to resources.

Apache
Web pages can be public or private.
Client opens a connection to the web server.
–Connection unencrypted or encrypted using SSL.
Basic authentication:
–Web server queries the client for user ID and password.
–Browser returns them base64-encoded (not encrypted) with every request, so SSL is required to keep them off the wire.
–Checks the password against a local password database: htpasswd

Apache
Mod_auth_kerb.
–Replaces the local password check with calls to Kerberos.
–Operates in password validation mode.
–

Cookies
Used to retain state in the web environment.
–HTTP protocol is stateless.
–Cookie keeps user-specific information between calls to the web server. Identifies the user to the web server.
–Web server sends the cookie to the client browser. Transfer is transparent to the user.
–Web server retrieves the cookie on subsequent calls. May update the contents on each call.

Cookies
Many security/privacy issues associated with their use.
–Severity dependent on each specific web server.

Pubcookie
Standalone logon server.
–Interface between web server and authentication methods. Interfaces with Kerberos, LDAP, NIS.
–Returns a cookie containing the identity of the user.
Component modules for Apache and IIS servers.
–Replaces other authentication modules.
Client browsers require no change.

Pubcookie
Operation:
–Client browser contacts the web server.
–Server checks for the authentication cookie. If found, the web server passes back the requested data. Request complete.
–Otherwise the server redirects the browser to the logon server. The redirect request carries the original URL in a cookie.
–Logon server prompts for user ID/password.
–Logon server validates the ID and password.
–Logon server generates the authentication cookie.

Pubcookie
–Logon server redirects the browser back to the original URL. Redirect includes the authentication cookie. Also includes a cookie for future use by the logon server, which eliminates the need to re-enter the user ID/password repeatedly.
–Web server will now send the requested data.
Authentication cookies have a fixed lifetime.
Single signon implementation for web services.
–The same authentication cookie works for all web servers using pubcookie, so the cookie must be unforgeable: a web server accepting an unsigned or expired cookie would accept any identity.
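An added example of the redirect flow on the last three slides, not code from the original talk or from the Pubcookie project: a web server that serves only on a valid cookie and otherwise bounces to the logon server, and a logon server that checks credentials against a pluggable backend and issues the cookie. The cookie format (user, issue time and an HMAC under a secret shared by the logon server and all web servers), the logon server URL, the lifetime, and carrying the original URL in a query parameter rather than a cookie are assumptions made for the example; real Pubcookie uses its own cookie formats and keys.

```python
import hashlib
import hmac
import time
from urllib.parse import parse_qs, urlencode, urlparse

LOGON_URL = "https://weblogin.example.ualberta.ca/"   # assumed host name
COOKIE_LIFE = 8 * 3600                                # fixed lifetime, assumed value


def sign_cookie(secret, user, issued):
    """Authentication cookie: user|issued|HMAC(secret, user|issued)."""
    payload = f"{user}|{int(issued)}"
    mac = hmac.new(secret, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}|{mac}"


def verify_cookie(secret, cookie, now=None):
    """Return the user named in a genuine, unexpired cookie, else None."""
    now = time.time() if now is None else now
    try:
        user, issued, mac = cookie.split("|")
    except ValueError:
        return None
    expected = hmac.new(secret, f"{user}|{issued}".encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac, expected):
        return None                     # forged or altered
    if now - int(issued) > COOKIE_LIFE:
        return None                     # fixed lifetime exceeded
    return user


def web_server(secret, url, cookies):
    """Application web server. Returns (status, body_or_location)."""
    user = verify_cookie(secret, cookies.get("auth", ""))
    if user:
        return "200", f"hello {user}, here is {url}"
    # No valid cookie: redirect to the logon server, carrying the original URL.
    return "302", LOGON_URL + "?" + urlencode({"return": url})


def logon_server(secret, validate, redirect_url, user, password):
    """Logon server. validate(user, password) is the Kerberos/LDAP/NIS backend.
    Returns (status, location, cookie)."""
    if not validate(user, password):
        return "401", None, None
    target = parse_qs(urlparse(redirect_url).query)["return"][0]
    return "302", target, sign_cookie(secret, user, time.time())


if __name__ == "__main__":
    # Constructed walk-through with a stand-in backend accepting one password.
    secret = b"shared-by-logon-server-and-web-servers"
    status, location = web_server(secret, "https://app.example/page", {})
    print(status, location)
    status, back, cookie = logon_server(secret, lambda u, p: p == "pw", location, "wmh", "pw")
    print(status, back)
    print(web_server(secret, back, {"auth": cookie}))
```

Because every web server verifies the same signature, a single valid cookie is single signon across all of them, and the lifetime check is what bounds the damage from a stolen one; the cookie must also only ever travel over HTTPS, which this skeleton does not enforce.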

PAM
Pluggable authentication module. Designed by Sun.
–Supported by Sun, Linux, HP.
Generic API between application and authentication method.
–Client performs authentication by calling API routines.
–Authentication methods implemented as dynamically loadable modules.
–Configuration file determines the modules to be used for a given application.

PAM
Benefits:
–Application need only support the generic API.
–New authentication methods added as modules. A configuration file change implements the new method for the application. Minimizes support requirements.
–More than one method can be used by an application. Configuration file determines the order attempted.

PAM
Disadvantages:
–No support for AIX, BSD.
–Unix-only.
–Sun and Linux APIs differ slightly.
Web sites:
–Sun:
–Linux:

U of A Activities
Objectives:
–Minimize the number of IDs/passwords for any user.
–Cover all services/platforms.
–Secure authentication. No clear-text.
Kerberos 5 primary authentication method.
–60,000+ users.
–2 servers: krb5-1.srv.ualberta.ca and krb5-2.srv.ualberta.ca
–Preferred protocol for client authentication.

U of A Activities
SAMBA provides Windows NT authentication.
–samba.srv.ualberta.ca
–SAMBA password database synchronized in real time with Kerberos.
OpenLDAP provides LDAP authentication.
–ldapauth.srv.ualberta.ca
–LDAP authentication translated to Kerberos calls. No passwords or keys on the LDAP server.
–Only the LDAPS protocol is supported.

U of A Activities
Active Directory.
–Windows 2000/XP standalone clients can authenticate using the MIT KDC servers. Web-based configuration instructions in final stages. Web-based tool for obtaining the required host key near completion.
–Initial attempt at a root AD server begun. Some success at using MIT KDC servers in an AD forest. Needs more work. Web-based tool for obtaining the required trust key near completion.

U of A Activities
Pubcookie.
–Logon server being tested.
Password changes only permitted via web page.
–HTTPS access, only.
–Forces use of good passwords.
–Keeps Kerberos and Samba servers synchronized.