Thursday, December 23, 2010

Trusting Password: Network Authentication

Aspects of network security is closely related to the services provided: inbound or outbound. Security on outbound service can be best pursued with firewall configuration. Similarly, with anonymous access inbound servicing, such as anonymous FTP, HTTP, Gopher, etc.. In this case, intentionally provided information for everyone. Another case when we want to provide a non-anonymous access (or authenticated services), where other than through a firewall, someone who is requesting access must also get a 'permission' server after first proving his identity. This is the authentication. Furthermore, the authors use the term as a synonym for the word autentisasi.

Why should autentisasi ... ..? The Internet is a public network, and is open to everyone all over the world to join. Once the size of this network, have caused profits and losses. Often we hear and read about bobolnya bank financial computer systems, the Pentagon classified information or data bases students' academic transcripts. The sentence is adequate to represent the statement that we should be 'vigilant' against those 'evil' and always try to minimize the possibility for them to be able to perform his evil intentions. It's easy to exclude the possibility of infiltration (illegal access) from the outside by closing all inbound traffic channel service to the internal network. But this means has reduced the main advantages of the network: communication and the use of shared resources (sharing resources). Thus, a natural consequence with a large enough network, is to accept and try to minimize this risk, not destroy.

We will start from a network-administrator (NA), which has done a good job, in preparing the 'defense' for all services, inbound outbound and anonymous. Need some additional things that should be remembered again. Whether the defense is strong enough for the theft of the relationship (hijacking attack)? What is in it already considered the possibility of illegal monitoring of information packets are sent (packet sniffing - playback attack)? Or is it included readiness to actually illegal access within the system (false authentication)?

Hijacking usually occurs on computers that contact our network, although for some rare cases, can occur at any point in its path. So it is sensible to consider granting the trust a NA of access, only from computers that most do not have the same security system or perhaps more 'strong', compared with the network under its responsibilities. Business minimize the chances of this tragedy, can also be done by adjusting the packet-filter well or use a server modifications. For example, we can provide anonymous-FTP facility for any computer anywhere, but authenticated-FTP is only given to those hosts listed in the list of 'trust'. Hijacking the middle of the path can be avoided with the use of encryption between networks (end to end encryption).

Confidentiality of data and passwords is also the topic of security design. Programs that are dedicated to packet-sniffing can automatically display the contents of each packet of data between client and server. Password protection of such crimes can be done with the implementation of single-use passwords (non-reusable passwords), so that although they could be monitored by the sniffer, the password can not be used again.

The risk of hijacking and sniffing data (not the password) can not be avoided altogether. This means that NA should consider this possibility and perform optimization for the smaller its chance. Restricted number of accounts with full access and remote access time, is one form of optimization.

Subject autentisasi is proof. Evidenced includes three categories: something about us (something you are lignin), something we know (something you know SYK), and something that we have (something you have SYH). Lignin is closely related to the field of biometrics, such as examination-finger prints, retinal eye examination, voice analysis, etc.. SYK is identical with the password. As for SYH commonly used identity cards such as smartcard. \

Perhaps, that is still widely used is air-password system. To avoid password theft and illegal use of the system, it is sensible to our network system equipped with a disposable passwords. How can the application of this method?

First, using time-stamp system unencrypted. In this way, the new password is sent after the first modified based on the current time. Second, using a challenge-response system (CR), where the password that we give depends on the challenge from the server. Roughly we prepare a list of answers (response) is different for the 'questions' (challenge), which differ by the server. Because of course it was hard to memorize a few tens or hundreds of passwords, it would be easier if the memorized rule is to change the challenge provided a response (so not random). For example, our rule is: "kapitalkan fifth letter and delete the fourth letter", then the password that we provide is MxyPtlk1W2 to challenge Mxyzptlk1W2 system.

If the CR system, must be known 'aturan' it, then the time-stamp system, we must remember the password for the provision of these time-stamps. Does not make it this way? How lucky these mechanisms are generally handled by a device, either software or hardware. Kerberos, autentisasi software created at MIT and adopt a time-stamp system, require modifications to the client for time synchronization with the server as well as giving a stamp-time passwords. Modify the client program reminds us of the proxy and indeed, more or less like that. CR systems are usually applied at the same time with hardware support. Examples of operational CR system is a device SNK-004 card (Digital Pathways) that can be applied in conjunction with packet-FWTK TIS (Trusted Information Systems - Internet Firewall Toolkit).

TIS-FWTK offer a solution to single-use passwords (the CR) that 'fun': S / Key. S / Key hash algorithms iteratively apply the procedure to a seed, so the system can validate-client instant response but did not have the ability to predict response-next client. So if there is an intrusion on the system, there is no 'something' that can be stolen (usually a list of passwords). Hash algorithms have two main properties. First, the input can not be regenerated from the output (non-reversible). Second, there are two possible inputs for a same output.

Cryptography has evolved a long time, when people want information that he sent not to 'read' by parties not interested. Traditionally known as the two mechanisms cryptography, private key or public key. DES (data encryption standard) used by Kerberos to use private-key system. RSA (Rivest Shamir Addleman) implement public-key system. One of the contributors RSA, Ron Rivest and then make MD4 (message digest function # 4) which is used by S / Key his TIS-FWTK. Optimization and crossbreed between the two traditional methods are giving birth PGP (Pretty Good Privacy). Discussion of the DES, RSA, or PGP is a separate book and not in place is disclosed here. But clearly, the private-key system is characterized by the encrypt-decrypt the keys are identical, while the public-key systems, this process is done with two keys: public key to encrypt and decrypt secret key for this key which both generated and have relationships close through a mathematical algorithm. Because the mathematical processes required in advance, the speed of public-key systems can be thousands of times slower than equivalent private-key algorithm, although on the other hand offers better protection. The exploitation of the advantages and disadvantages of public and private key system is PGP, which is done for data transmission-private key system with the session-key so that it runs fast, while the transmission of session-key of his own using public-key.

With encryption, the information we send to a network through another network of safety doubts (the Internet), relatively more secure. Encryption between networks is causing a 'thief' must try a little harder to get illegal information he expected. There are several opportunities for the implementation of encryption, namely: at the application level, data-link level and network level.
Application-level encryption requires the use of client-server software special. In accordance with the OSI reference model, encryption of data-link is only valid for point to point connection, such as encryption system on a phone modem. While encryption network level (network layer) is applied on the router or other equipment adjacent to the tissue on both sides. Optimization of the interests and security policies carried out by adjusting the type / part of the IP packet to be encrypted, adjustments to the firewall architecture and, consequently, the effectiveness of key distribution, encryption, etc.. In the future, where technology VLAN (Virtual LAN) is estimated to be the primary choice for Intranet (enterprisewide), the use of network-level encryption has become so important. Perhaps equally important to state that while a company is 'forced' to use the internet as a route for transmission of sensitive information between the central office with other branches dibelahan earth.

TIS-FWTK Kerberos and Authentication Server
Kerberos is one of the works of Athena project, a collaboration between MIT, IBM and DEC. Kerberos was designed for supporting autentisasi and encryption of data in a distributed environment through modification of standards of client or server. Some operating system vendors have included Kerberos into their products. MIT itself provides for free many versions of Unix that has been in-Kerberizing. Even for the interests ported to the operating system or client-server software that does not support Kerberos, MIT provides its source-code, also is free. Project Athena Kerberos itself implement in many applications such as NFS, rlogin, email, and system passwords. Secure RPC (Sun Microsystems) also implements the same thing.

There are several things to consider in the implementation of Kerberos. Modification of the client and server software will cause the restriction application options. Unfortunately there are no alternative methods as a substitute for source-code modification (as in a proxy that allows custom user procedure or custom client software). Then, most people also agreed to call: "Kerberos is relatively difficult to implement / manage".

The package offered by systems other autentisasi TIS-FWTK: authentication-server. This server is designed in a modular, flexible mechanism that supports many popular autentisasi as standard reusable password system, S / Key, SecurdID card from Security Dynamics (systems with time-stamps), card-004 Digital Pathways SNK (CR system) and ease of integration new mechanism. Back to the conversation at the beginning of this writing, if our primary interest is how to prepare the 'defense' for non-anonymous inbound service, perhaps the authentication-server is a solution worth considering. Why? How does this system work? Not much space in this paper to load all our discussions about autentisasi, but the cover illustration below will give some idea for your interest in network security, concerning the authentication-server.

Author: Eueung Mulyana & Onno W. Purbo

No comments:

Post a Comment