Operating Systems Security: User Authentication

Transcription

1 Operating Systems Security: User Authentication Ozalp Babaoglu ALMA MATER STUDIORUM UNIVERSITA DI BOLOGNA

2 The Internet Dog Babaoglu Sicurezza 2

3 Introduction When you first make contact with a computer service (login, , web access, etc.) you need to identify yourself and then authenticate this identity to prove who you claim to be Authentication is the basis for performing Authorization Authentication of human principles rather different from authentication of messages or machines Humans are not good at remembering or at computing Babaoglu Sicurezza 3

4 User Authentication Authenticating humans can be based on 1. Something you know (password, PIN) 2. Something you have (token) 3. Something you do 4. Something you are (biometrics) 5. Where you are Options 2, 3 and 4 usually require special hardware support Option 1 is by far the most common Babaoglu Sicurezza 4

5 Password-based authentication Leaves no trace of security breaches Impossible to prove your innocence if someone misuses your account Possibilità che la password venga indovinata Scarsa cultura della sicurezza Password banali Post-it con la password attaccata allo schermo Possibilità che la password venga carpita un intruso può sbirciare chi sta digitando la password login spoofing sniffing di rete Possibility of on-line or off-line attacks Babaoglu Sicurezza 5

6 Password-based authentication An attacker can always try to guess a password Let P be the probability of successfully guessing a password during T units of time Let G be the guess rate (guesses per unit of time) and N be the password space P ( G T ) / N General strategies for reducing P: ReduceT limit validity of passwords Increase N enforce long, complex passwords Reduce G Babaoglu Sicurezza 6

7 Password-based authentication On-line attack: the system itself is used to verify the correctness of guesses Unavoidable Defenses: Slow down rate of guesses (decreases G) Limit number of incorrect attempts (3 wrong PINs, the phone blocks, Bancomat eats your card) Report date/time/location of last successful login at the next login Babaoglu Sicurezza 7

8 Password-based authentication Off-line attacks: verify the correctness of password guesses on a system different from the one being targeted Based on pre-constructed lists of potential passwords Need access to passwords in some stored form Babaoglu Sicurezza 8

9 Password-based authentication How to save passwords as clear text in a file protected by the operating system s access control mechanisms subject to abuse by privileged users, administrators Password encryption based on a one-way hash function f() the password file contains fingerprints of the passwords and not the clear text at login, compute the fingerprint of the password supplied by the user and compare it to the value stored in the file Password file in Unix/Linux: /etc/passwd Babaoglu Sicurezza 9

10 Dictionary Attack Obtain a copy of the file containing encrypted passwords Obtain file containing lists of common words (dictionary) For each word w in the dictionary, compute its hash value using f(w) and compare it to the encrypted passwords in the password file All matching entries correspond to users who have set their password to w Can be much more sophisticated by transforming w in common ways (backwards, 2-letter permutations, etc.) Can be mechanized through easily-available programs such as crack Babaoglu Sicurezza 10

11 Dictionary Attack List of common words Achille Adriano Africa Afrodite Agnese Agrigento Alberto Aldo Alessandro Alessio Ambrogio America Amilcare Anastasia Ancona Andrea Anna Annibale Anselmo Antonino Antonio Aosta... Password file root:ikgjioe9043jb:0:0:... rossi:wsfl4i4gjio:500:500:... bianchi:sdiweo38d:501:501:... franchi:bwjk2lks4df:502:502:... neri:osdtrkl9dfb:503:503:... orsi:gi5ikwsdvo:504:504:... tamburini:lkqweoibve4s:505:505:... gallo:osdtrkl9dfb:506:506:... f(anna) = osdtrkl9dfb Babaoglu Sicurezza 11

12 Dictionary Attack Defenses: Artificially slow down the performance of the one-way hash function (Unix applies DES 25 times to a all-zero block with the password as the key) Limit access to the password file through OS Shadow passwords: separate encrypted passwords from all the other information contained in the password file (real name of user, office location, telephone number, etc.) Salting of passwords to prevent global attacks Babaoglu Sicurezza 12

13 Salting Before encrypting (hashing) a password, some random data are added to the string being encrypted The same password has different encrypted forms Salting of passwords prevents global attacks exploiting the fact that many users use the same password on multiple sites (systems) In Unix, the salt (12 bits long) is used to slightly change the DES internal function (E-Box) and stored as 2- characters string in the password file Babaoglu Sicurezza 13

14 (Lack of) Salting (June 2012) LinkedIn and eharmony don't take the security of their members seriously: both companies' disastrous password breaches of the past two days, which exposed an estimated 8 million passwords. LinkedIn and eharmony encrypted, or "hashed," the passwords of registered users, but neither salted the hashes with extra data that would have made them much more difficult to decrypt. Without salting, it's very easy to crack password hashes by running through lists of common passwords and using dictionary words Babaoglu Sicurezza 14

15 (Lack of) Salting Why you should always salt your password hashes? It's very difficult to reverse a hash, such as by running "5baa61e4c9b93f3f b6cf8331b7ee68fd8" through some sort of formula to produce "password." But no one needs to. If you know that "password" will always result in the SHA-1 hash "5baa61e4c9b93f3f b6cf8331b7ee68fd8," all you have to do is look for the latter in a list of password hashes to know that "password" is there. Babaoglu Sicurezza 15

16 Shadow Passwords Shadow password file Il file /etc/passwd è leggibile a tutti perché contiene informazioni che vanno al di là della password Ma questo rende(va) la vita facile agli attaccanti Il meccanismo delle shadow password memorizza le password in un file separato /etc/shadow, leggibile solo a root Esempio di /etc/passwd con shadow password mezzina:x:501:501:leonardo Mezzina:/home/mezzina:/bin/bash trotter:x:502:503:guido Trotter:/home/trotter:/bin/bash hughes:x:503:504:dino Hughes:/home/hughes:/bin/bash acerbett:x:504:505:stefano Acerbetti:/home/acerbett:/bin/bash Babaoglu Sicurezza 16

17 Password-based authentication Consigli per gli amministratori di sistemi Always set passwords explicitly and never leave default values Educare gli utenti sull'importanza di utilizzare password non deboli Eseguire periodicamente programmi di cracking per verificare la sicurezza delle password attuali Require remote users to use one-shot passwords or other secure techniques (disable telnet, ftp) Babaoglu Sicurezza 17

18 Password-based authentication Consigli per gli amministratori di sistemi Implementare meccanismi per evitare che password banali siano utilizzate Impose a minimum length (at least 8 characters) Require mixed format (at least some non-alpha characters) Reject passwords that can be obtained from simple transformations of common words (dictionary) Use password aging (must be used within reason) Babaoglu Sicurezza 18

19 Password-based authentication Consigli per gli amministratori di sistemi Babaoglu Sicurezza 19

20 Login spoofing L'attaccante scrive un programma (testuale o grafico) che presenta una finta schermata di login Attende che la vittima inserisca login/password Memorizza o spedisce la coppia login/password Visualizza un messaggio di Login incorrect Fa partire il vero programma di login per esempio terminando la shell attuale La vittima crede di aver digitato male la password, questa volta entrando senza problemi nel sistema Babaoglu Sicurezza 20

21 Login spoofing Windows Permette il login tramite la sequenza Ctrl-Alt-Del La schermata iniziale di Windows XP con la lista degli utenti non dovrebbe essere utilizzata Notion of trusted path from the keyboard to the operating system kernel The sequence Ctrl-Alt-Del establishes this path How can I be sure that indeed Windows running on my machine? Reboot How can I be sure that the image of the operating system on disk is indeed Windows? Reinstall from CD Babaoglu Sicurezza 21

22 Login spoofing General defenses against login spoofing based on mutual authentication: The user authenticates himself to the host The host authenticates itself to the user Based on cryptographic techniques such as digital signatures and certificates Babaoglu Sicurezza 22

23 Phishing Modern incarnation of login spoofing Phishers attempt to fraudulently acquire sensitive information such as passwords and credit card details by masquerading as a trustworthy person or business Typically carried out using or instant messaging, but phone contact has been used as well Social engineering Babaoglu Sicurezza 23

24 Phishing Babaoglu Sicurezza 24

25 Spear-Phishing Phishing attack targeted to specific individuals Babaoglu Sicurezza 25

26 Phishing Babaoglu Sicurezza 26

27 Keyloggers Keyloggers are usually designed as spyware and come in the form of a Trojan horse, can record your passwords, can detect when you type digits checking to see if it s a credit card, bank accounts or information you consider private and personal Spyware Keyloggers are also used to track your surfing habits Keyloggers are usually software but hardware versions also exist Babaoglu Sicurezza 27

28 Keyloggers Babaoglu Sicurezza 28

29 Keylogger Defenses Spyware detection/removal programs Firewall for blocking outgoing network traffic Virtual keyboards Babaoglu Sicurezza 29

30 Packet sniffing Packet sniffing un packet sniffer è un software che analizza il traffico di rete su cui il host è collegato cerca di individuare pacchetti contenenti coppie login/password spediti in chiaro da meccanismi di comunicazione come telnet, rlogin e ftp memorizza le coppie login/password per uso futuro Babaoglu Sicurezza 30

31 Packet sniffing General defenses are generally based on cryptographic techniques for obfuscating passwords: Require that the password is never sent in the clear over the network Challenge-response schemes based on symmetric/asymmetric cryptography Challenge can be implicit (such as real time) Require that a given password can be used only once One-time password schemes such as SKEY Babaoglu Sicurezza 31

32 User Authentication based on something you are Biometrics Finger print Voice print Retinal patterns Facial features (distance between eyes, shape of lips, nose, leftright symmetry, etc.) Typically require hardware support to acquire Chosen biometric should minimize both false negatives and false positives Babaoglu Sicurezza 32

33 Biometrics Desirable properties for a chosen biometric: Universality: Every person must posses them Uniqueness: Two different persons must not have the same characteristics Permanence: Characteristic should not be alterable or change over time Acquirability: Characteristic easy to acquire and quantify Babaoglu Sicurezza 33

34 Biometrics Touch ID Babaoglu Sicurezza 34

35 Biometrics RFID Tattoos Babaoglu Sicurezza 35

36 Biometrics RFID Tattoos Babaoglu Sicurezza 36

37 User Authentication based on something you do Certain human actions can serve to uniquely identify them Keystrokes authentication: keystroke intervals, pressure, duration, stroke position (where the key is struck) Velocity, acceleration, pressure of pen when writing Babaoglu Sicurezza 37

38 Picture Passwords (Windows 8) Graphical equivalents of passwords Babaoglu Sicurezza 38

39 Picture Passwords (Windows 8) Babaoglu Sicurezza 39

40 Picture Passwords (ios) Babaoglu Sicurezza 40