Re: MUSCLE Linux Login with RSA SmartCards
On Thu, 7 Jun 2001, Carlos Prados wrote: Hi, --- David Corcoran [EMAIL PROTECTED] wrote: Definitely. The interface exported must be a subset of the available functionality or else someone could write a worm which does a Verify Key function incorrectly and blocks cards where services are available. Even worst. If you leave your card with your private PGP key in the reader and the smartcard is accesible to anybody over the net, somebody could connect to it, and write signed messages with your private key, read your private e-mail... You can design your application so that whenever a signature (or decryption) operation is to be performed, a PIN code should be presented, the operation performed, and the authentication state reset. That's how it's done with the French banking applications. The card in itself doesn't reset the authentication state after the operation, but the payment terminals must do it. He only needs your PIN, that he can get by snooping the network, or donig trial and error. Trial and error is not a valid attack, as the card usually disables the code as soon as 3 bad code guesses have been presented. Since you can enhance the PIN length, guessing the PIN in 3 tries is difficult. -- Erwann ABALEA [EMAIL PROTECTED] RSA PGP Key ID: 0x2D0EABD5 - ``There are basically two types of people. People who accomplish things, and people who claim to have accomplished things. The first group is less crowded.'' Mark Twain *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
On Fri, 8 Jun 2001, Dr S N Henson wrote: Carlos Prados wrote: Again, I would pay more athention to local security. Why is the file /tmp/.pcscrx world writtable? isn't this a security hole? On the subject of security... As may be apparent I've only just got my setup working and I've not examined things in any detail. I did notice a few things which might be cause for concern. Consider a Netscape PKCS#11 module. In this application the connection to the reader may need to be kept open for an extended period of time (typically the whole browser session) and may not be closed cleanly. As we are all painfully aware its not entirely unknown for a browser to crash. For the PKCS#11 part, there's a solution: just use random session numbers, and close all the sessions if you detect at least 3 invalid session numbers... That way, the application can crash, but trying to attach to this previous session and keep the authenticated state would be difficult. -- Erwann ABALEA [EMAIL PROTECTED] RSA PGP Key ID: 0x2D0EABD5 - A computer is a state machine. Threads are for people who can't program state machines. Alan Cox in a discussion about the threads and the Linux scheduler *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
Hi Guido, Does Siemens have JavaCards?? If so, could you give-me infos about they?? Thanks a lot. [ ]´s Luciano da Silva Coelho [EMAIL PROTECTED] Sun Certified Programmer for JAVA2 Sun Certified Instructor for JAVA2 Diretor de Tecnologia e-Sec Tecnologia em Segurança de Dados www.esec.com.br - Original Message - From: Treutwein Guido [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, June 08, 2001 8:36 AM Subject: AW: MUSCLE Linux Login with RSA SmartCards -Ursprüngliche Nachricht- Von: Erwann ABALEA [mailto:[EMAIL PROTECTED]] Gesendet am: Freitag, 8. Juni 2001 12:07 An: [EMAIL PROTECTED] Betreff: Re: MUSCLE Linux Login with RSA SmartCards You can design your application so that whenever a signature (or decryption) operation is to be performed, a PIN code should be presented, the operation performed, and the authentication state reset. That's how it's done with the French banking applications. The card in itself doesn't reset the authentication state after the operation, but the payment terminals must do it. Hi, it's possibly interesting, that cards exist, where the access condition expires automatically after the operation is completed. This is how our German Digital Signature Law compliant card works. (No, it isn't a JavaCard.) The advantage is, that you don't have to rely on a good-natured terminal. http://crypto.mchh.siemens.de/produkte/smartcards.asp?lang=eng Guido Treutwein Siemens ICN ISA TNA 21 [EMAIL PROTECTED] *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html *** *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
Hi, --- David Corcoran [EMAIL PROTECTED] wrote: Definitely. The interface exported must be a subset of the available functionality or else someone could write a worm which does a Verify Key function incorrectly and blocks cards where services are available. Even worst. If you leave your card with your private PGP key in the reader and the smartcard is accesible to anybody over the net, somebody could connect to it, and write signed messages with your private key, read your private e-mail... He only needs your PIN, that he can get by snooping the network, or donig trial and error. A signature function must be carefully exported and authenticated to so it does not perform signature operations for undesired applications. Currently this is protected by a PIN number so secure PIN transfer is a must. Also, blocking the PIN is a concern IMO the smartcard, like your private key or your login password must be kept private, and only accessible to the local authenticated user. We are supposed to be enthusiasts of smartcards as the best security token to provide security services such as authentication and privacy. So if we are designing a system to authenticate and earn secure access to a remote smartcard, we would en up getting to the paradox that we would need another local smartcard to athenticate to the remote smartcard, Of course this is a madness and doesn't make any sense, as it leads to an infinite loop ;-) Again, I would pay more athention to local security. Why is the file /tmp/.pcscrx world writtable? isn't this a security hole? Dave *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html *** __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
Carlos Prados wrote: Again, I would pay more athention to local security. Why is the file /tmp/.pcscrx world writtable? isn't this a security hole? On the subject of security... As may be apparent I've only just got my setup working and I've not examined things in any detail. I did notice a few things which might be cause for concern. Consider a Netscape PKCS#11 module. In this application the connection to the reader may need to be kept open for an extended period of time (typically the whole browser session) and may not be closed cleanly. As we are all painfully aware its not entirely unknown for a browser to crash. This situation needs to be handled, i.e. a connection can be kept open for a long time with no security issues and if the application using it crashes then the session is cleaned up appopriately. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Celo Communications: http://www.celocom.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
On Mon, Jun 04, 2001 at 12:57:20PM -0700, David Corcoran wrote: Hello, You can't use pcsc-lite-0.9.1 for remote use of the resource manager. I wanted to create the core package as local only. I'm working on an RPC like service that sits atop the local service which will export the PC/SC interface . To the apps it will be identical to the older versions that used RPC. I don't think using RPC is a good idea. You use a smartcard to provide security in a unsecure environment. I don't want to send my PIN code in clear over RPC. You need to have authentication, integrity and confidentiality of your networks communications. You could use 'secure RPC' but it will be hard to find implementations of it outside SUN. If you send your PIN code in clear over the network why not just use telnet ? :-( I want a secure channel between my smartcard and the program sending commands to it. -- Ludovic Rousseau [EMAIL PROTECTED] - Gemplus/Information Security Team O ascii ribbon campaign against html |\email and Microsoft attachments. *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
On Wed, 6 Jun 2001, Ludovic Rousseau wrote: On Mon, Jun 04, 2001 at 12:57:20PM -0700, David Corcoran wrote: Hello, You can't use pcsc-lite-0.9.1 for remote use of the resource manager. I wanted to create the core package as local only. I'm working on an RPC like service that sits atop the local service which will export the PC/SC interface . To the apps it will be identical to the older versions that used RPC. I don't think using RPC is a good idea. You use a smartcard to provide security in a unsecure environment. I don't want to send my PIN code in clear over RPC. You need to have authentication, integrity and confidentiality of your networks communications. You could use 'secure RPC' but it will be hard to find implementations of it outside SUN. Or maybe provide some kind of key exchange, and send the PIN code (and all the card commands) hidden in an opaque data blob, simply encrypted. That's surely difficult to design and implement correctly, but I agree with Ludovic, it's not a good idea to transmit everything in clear. If you send your PIN code in clear over the network why not just use telnet ? :-( I want a secure channel between my smartcard and the program sending commands to it. -- Erwann ABALEA [EMAIL PROTECTED] RSA PGP Key ID: 0x2D0EABD5 - Two most common elements in the universe: Hydrogen and Stupidity. *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
For accessing remote computers (which the original query was about) something like ssh or secure telnet using smart card based keys for authentication would be more appropriate. Of course what you really want is for the session to be secure all the way to the card, not just to the terminal. And since you can't use the PIN as an encryption key, you need something like a diffie-hellman exchange. And since the terminal makes a perfect man-in-the-middle, you need to add some more protocol and use something like EKE, SPEKE, or OKE. We did all this and wrote a paper: N. Itoi, T. Fukuzawa, and P. Honeyman, Secure Internet Smartcards, August 2000. Java Card Workshop, Cannes (September 2000). http://www.citi.umich.edu/projects/smartcard/scpapers.html *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
Hi, I think the PCSC is good enough if it enables access to the local smartcard to local proceses, and verifies that the user has UNIX permission to use the smartcard reader (for instance if /tmp/.pcsctx anc /tmp/.pcscrx are accessibe to the user). For remote authentication, a client/server application would need to implement the client/server dialog for authentication. For instance if a user in Computer A needs to connect via ssh to Computer B, the user is authenticated to Computer A OS and has UNIX priviledges to access to the smartcard reader on Computer A: 1) When the ssh client connects to the ssh server, the ssh server sends some random challenge to the ssh client 2) The ssh client encrypts the challenge with the private key stored in the smartcard and sends the result back to the server. 3) The ssh server that has the public key of the user on his local filesystem, decrypts the data and checks that is the same challenge that was sent to the client. 4) If the verification is OK, then the server has the security that the client is the owner of the smartcard which conveys the private key, and so it has access to the server host. The ssh client and server source code would neeed to be modified, but I guess there is more chance if you want to use improved security. Said this, the Secure Internet Smartcards model looks fine to me, and could be implemented to help client/server applications to use smartcards for authentication. --- Jim Rees [EMAIL PROTECTED] wrote: For accessing remote computers (which the original query was about) something like ssh or secure telnet using smart card based keys for authentication would be more appropriate. Of course what you really want is for the session to be secure all the way to the card, not just to the terminal. And since you can't use the PIN as an encryption key, you need something like a diffie-hellman exchange. And since the terminal makes a perfect man-in-the-middle, you need to add some more protocol and use something like EKE, SPEKE, or OKE. We did all this and wrote a paper: N. Itoi, T. Fukuzawa, and P. Honeyman, Secure Internet Smartcards, August 2000. Java Card Workshop, Cannes (September 2000). http://www.citi.umich.edu/projects/smartcard/scpapers.html *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html *** __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
Definitely. The interface exported must be a subset of the available functionality or else someone could write a worm which does a Verify Key function incorrectly and blocks cards where services are available. A signature function must be carefully exported and authenticated to so it does not perform signature operations for undesired applications. Currently this is protected by a PIN number so secure PIN transfer is a must. Also, blocking the PIN is a concern Dave *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
Hello, You can't use pcsc-lite-0.9.1 for remote use of the resource manager. I wanted to create the core package as local only. I'm working on an RPC like service that sits atop the local service which will export the PC/SC interface . To the apps it will be identical to the older versions that used RPC. Dave *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
Hi, You're right, you have to change these two lines that it works properly. The standard file size for the 0x file (CHV) is 39 (0x27). We forgot to add the header while creating the file, so it is 16 bytes too short. It is strange that it worked for our cards. Thanks for your hint! Martin Sägesser Hi, I got 67 00 (wrong length) while running `makecard', when the program tried to do an Update Binary of the EF 0x (CHV1). The message returned by the program was error writing PIN I edited the file cat/makecard.c, line 250, activated the line: check = createFile(0x, 0x0027, BINARYFILE, acl); and deactivated the line: check = createFile(0x, 0x0017, BINARYFILE, acl); to create a larger PIN file, and the program run successfully. I'm ussing Cyberflex Access (ATR: 3B169481100601812F). Is this a problem of my card? Thanks, Carlos. --- Mario Strasser [EMAIL PROTECTED] wrote: Hi, in the context of a project work at the University of Applied Sciences Winterthur in Switzerland we built a package, which alows you to use a RSA smartcard for login. The package contains a pam-modul, the necessary tools to administrate the smartcards and a installation HOWTO. You can download it from http://www.strongsec.com/smartcards/ . The package was built for the Schlumberger Cyberflex and Cryptoflex cards and tested under SuSE Linux 7.1 with a Schlumberger Reflex 62 and a Towitoko Carddrive reader. But it may work with other ISO-7816 compatible smartcards, too. Let us know what you think about, because we intend to upgrade it as part of our diploma work. (Make it usable in a network environment, for example by storing the public keys on a LDAP-Server.) We look forward to hearing from you soon. Best regards. Mario Strasser [EMAIL PROTECTED] Martin Saegesser [EMAIL PROTECTED] *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html *** __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html *** E-Mail for everyone! http://www.bluemail.ch/ powered by Bluewin! *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
Hi, The package looks fine for me. It fails for me with Cyberflex, but it's due to the timeout issue I have asked in the other thread in this mailing list. Just one question: do you intend to hanlde the case where the user logs in from a remote computer via, let's say `telnet` ? Because pam_smartcard will use reader directly connected to the telnet server machine where 'login' is running, and not the telnet client machine. AFAIK, since pcsc-lite 0.9.1 uses local filesystem for inter process comunication, it's no longer possible to use a remote reader, isn't it, David? Thanks. Carlos. --- [EMAIL PROTECTED] wrote: Hi, You're right, you have to change these two lines that it works properly. __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
Hi, I got 67 00 (wrong length) while running `makecard', when the program tried to do an Update Binary of the EF 0x (CHV1). The message returned by the program was error writing PIN I edited the file cat/makecard.c, line 250, activated the line: check = createFile(0x, 0x0027, BINARYFILE, acl); and deactivated the line: check = createFile(0x, 0x0017, BINARYFILE, acl); to create a larger PIN file, and the program run successfully. I'm ussing Cyberflex Access (ATR: 3B169481100601812F). Is this a problem of my card? Thanks, Carlos. --- Mario Strasser [EMAIL PROTECTED] wrote: Hi, in the context of a project work at the University of Applied Sciences Winterthur in Switzerland we built a package, which alows you to use a RSA smartcard for login. The package contains a pam-modul, the necessary tools to administrate the smartcards and a installation HOWTO. You can download it from http://www.strongsec.com/smartcards/ . The package was built for the Schlumberger Cyberflex and Cryptoflex cards and tested under SuSE Linux 7.1 with a Schlumberger Reflex 62 and a Towitoko Carddrive reader. But it may work with other ISO-7816 compatible smartcards, too. Let us know what you think about, because we intend to upgrade it as part of our diploma work. (Make it usable in a network environment, for example by storing the public keys on a LDAP-Server.) We look forward to hearing from you soon. Best regards. Mario Strasser [EMAIL PROTECTED] Martin Saegesser [EMAIL PROTECTED] *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html *** __ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail - only $35 a year! http://personal.mail.yahoo.com/ *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
Hi, You're right, sorry! We did it because - deficiency in documentation - we were not able to change the auth0 of the cryptoflex card. If anyone knows how to do it, please let us know. However, we will change the behaviour of the cleancard and makecard programs. Regards Mario - Original Message - From: David Corcoran [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Saturday, June 02, 2001 4:57 AM Subject: Re: MUSCLE Linux Login with RSA SmartCards Hi, This looks great. A couple of notes: the --aut0=aut0 XXX does not seem to work - it still uses the default keys. I checked the code and if cryptoflex is found then it overwrites the command line with the cryptoflex default aut0. This looks really good though - now I just need to find a blank card .. Dave *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html *** *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***
Re: MUSCLE Linux Login with RSA SmartCards
Hi, This looks great. A couple of notes: the --aut0=aut0 XXX does not seem to work - it still uses the default keys. I checked the code and if cryptoflex is found then it overwrites the command line with the cryptoflex default aut0. This looks really good though - now I just need to find a blank card .. Dave *** Linux Smart Card Developers - M.U.S.C.L.E. (Movement for the Use of Smart Cards in a Linux Environment) http://www.linuxnet.com/smartcard/index.html ***