Defense against Illegal Use of Single Sign on Mechanism
for Distributed Network Services
M. Nagasuresh, PG Scholar, Department of Computer Science & Engineering,
Anna University Regional Centre, Madurai, India
M. Vinoth Kumar, Assistant Professor, Department of Computer Science & Engineering,
University College of Engineering, Ramanathapuram, India
ABSTRACT
Single sign-on (SSO) is a new authentication mechanism that enables a legal user with a single credential
to be authenticated by multiple service providers in a distributed computer network. Recently, Chang and
Lee proposed a new SSO scheme and claimed its security by providing well-organized security
arguments. The existing system is actually insecure as it fails to meet credential privacy and soundness
of authentication, specifically, the two impersonation attacks. The first attack allows a malicious service
provider, who has successfully communicated with a legal user twice, to recover the user’s credential and
then to impersonate the user to access resources and services offered by other service providers. In
another attack, an outsider without any credential may be able to enjoy network services freely by
impersonating any legal user or a nonexistent user. We identify the flaws in their security arguments to
explain why attacks are possible against their SSO scheme. To give better security for the single sign-on
mechanism, the Elliptic Curve Digital Signature Algorithm (ECDSA) is applied in the distributed
services. This algorithm provides enhanced security while passing credentials between different
distributed services.
Keywords: Authentication, Distributed Computer Networks, Information Security, Security Analysis,
Single Sign-On (SSO).
1. INTRODUCTION
Network security consists of the provisions made in an underlying computer network infrastructure, policies
adopted by the network administrator to protect the network and the network-accessible resources from
unauthorized access, and consistent and continuous monitoring and measurement of its effectiveness
combined together. Network security starts from authenticating any user with a username and a password.
Once authenticated, a stateful firewall enforces access policies such as what services are allowed to be
accessed by the network users. Though effective to prevent unauthorized access, this component fails to
check potentially harmful content such as computer worms being transmitted over the network. An Intrusion
Prevention System (IPS) helps to detect and inhibit the action of such malware. Network security is
involved in organizations, enterprises, and other types of institutions. The most common and simple way of
protecting a network resource is by assigning it a unique name and a corresponding password.
Single sign-on (SSO) is a new authentication mechanism that enables a legal user with a single credential
to be authenticated by multiple service providers in a distributed computer network. An SSO scheme
should meet at least three basic security requirements: unforgeability, credential privacy, and soundness.
International Journal of Research in Computer Applications & Information
Technology, Volume-2, Issue-2, March-April, 2014, pp. 36-44
© IASTER 2014, www.iaster.com ISSN Online: 2347-5099, Print: 2348-0009
Unforgeability demands that, except for the trusted authority, even a collusion of users and service providers
is not able to forge a valid credential for a new user. Credential privacy guarantees that colluded
dishonest service providers should not be able to fully recover a user’s credential and then impersonate
the user to log in to other service providers. Soundness means that an unregistered user without a
credential should not be able to access the services offered by service providers.
2. THE PUBLIC-KEY CRYPTOSYSTEM ENCRYPTION AND DECRYPTION PROCESS
Suppose user A wants to send a private message, M, to user B.
• User A gets User B's public key from some public source.
• User A encrypts message M using B's public key. This produces a ciphertext message, C.
• Ciphertext message C is sent over some communication channel.
• Upon receipt, user B decrypts message C using their private key. This results in the original
message M.
3. ELLIPTIC CURVE ENCRYPTION / DECRYPTION
This is the simplest approach to encryption / decryption using elliptic curves. We must first encode any
plain text message m to be sent as an x-y point Pm. This Pm is a point on the elliptic curve Eq(a,b). Pm is
encrypted as a cipher text and subsequently decrypted.
Performing Encryption / Decryption
1. Select a suitable elliptic curve and point G as in D-H key exchange. Then select an elliptic group
Eq(a,b) as parameters.
2. User A selects a private key nA, such that nA<n, and computes a public key PA=nA*G. User B
selects a private key nB and computes a public key PB=nB*G.
3. To encrypt and send message Pm to B, A chooses a random positive integer k and produces the
cipher text Cm consisting of the pair of points,
Cm={kG, Pm+kPB}
Note that A has used B’s public key PB.
4. To decrypt the cipher text, B multiplies the first point in the pair by B’s secret or private key (nB)
and subtracts the result from the second point:
(Pm+kPB) – nB(kG)
= Pm + k(nBG) – nB(kG)
= Pm.
4. SINGLE SIGN-ON AND SESSIONS
A single sign-on (SSO) solution enables users to authenticate once yet access multiple resources. In
other words, successive attempts by a user to access protected resources will not require them to provide
authentication credentials for each attempt. This chapter explains the Session Service, the SSO solution,
and the SSO APIs.
5. COOKIES AND SESSIONS
A cookie is an information packet generated by a web server and passed to a web browser. It maintains
information about the user’s habits with regards to the web server by which it has been generated. It does
not imply that the user is authenticated. Cookies are domain-specific; for example, a cookie generated by
Domain A cannot be used in Domain B. Cookies will only be passed to a server in the domain for which
the cookie is set. Conversely, servers may only set a cookie in their own domain. In an Access Manager
deployment, the cookie contains the Session ID, an encrypted string generated by the Session Service.
With the session ID, a protected resource can get access to the Session where the user’s session
information is stored. This information is then used for session validation.
6. CHALLENGES
With the development of distributed computer networks, it is easy for user terminals to share information
and computing power with hosts. The distributed locations of service providers make it efficient and
convenient for subscribers to access the resources. In general solutions, users must register with each
service provider and keep different Identity/password pairs for accessing each service provider. However,
when users have to keep so much secret information, security problems can occur and increase the
overhead for the networks. In a unidirectional identification scheme, an entity identifies the other party by
challenging some secret information. In addition, the mutual identification protocol can allow two
communicating parties to verify each other. Thus, there are four important security problems that the user
identification scheme must solve:
• It must determine whether users are legitimate or not
• Service providers must be authenticated
• A common session key must be appropriately established
• The privacy of legal users must be ensured
In 2000, Lee and Chang [9] first proposed a user identification protocol that provides session key
establishment and user anonymity for distributed computer networks. Since that time, many improvements
for dealing with possible attacks have been proposed. In 2004, Wu and Hsu [6] pointed out that Lee and
Chang’s protocol might suffer from masquerading attacks, and they proposed a modification to correct
this issue. Later, Yang et al. showed that Wu–Hsu’s modified version could not protect the user’s secret
token against a malicious service provider, and they proposed an enhancement to prevent this kind of
attack. In 2005, Lee demonstrated two possible attacks on Wu–Hsu’s scheme. Under these attacks, the
adversary can forge a legal token to cheat the service provider. In 2006, Mangipudi and Katti presented a
denial-of-service (DoS) attack on Yang et al.’s scheme and proposed an improvement to overcome this
drawback. Recently, Hsu and Chuang demonstrated that both Yang et al.’s and Mangipudi–Katti’s
schemes are vulnerable to identity disclosure attacks and proposed an improvement to prevent such
attacks. Although Hsu and Chuang’s scheme has many attractive features, it does not in fact provide all
of the security properties that they claimed. Hsu–Chuang’s scheme might be vulnerable to impersonation
attacks since it employs an analogous RSA signature to generate secret tokens. In this kind of attack, an
attacker can masquerade as a legal user to cheat the service provider. In addition, Hsu–Chuang’s scheme
uses time stamps to avoid replay attacks and, unfortunately, it is difficult to verify the timestamp when
entities are located in different time zones or when there is a congested network environment that has
unstable latency. Therefore, additional time-synchronized mechanisms are needed to adjust the clock
between the two parties. A secure single sign-on mechanism is proposed to allow mobile users to use the
unitary token to access service providers. The proposed scheme is based on one-way hash functions and
random nonces to solve the weaknesses described above and to decrease the overhead of the system.
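The nonce-based freshness check argued for above, as an added sketch that is not the paper's protocol: the service provider issues a random single-use nonce and measures its lifetime only on its own clock, so no clock comparison between the parties is needed. It assumes a session key the two parties already share; `NonceVerifier`, `respond` and the message layout are this example's own names.

```python
import hashlib
import hmac
import secrets
import time

def respond(session_key, user_id, nonce):
    """User side: keyed one-way hash over the identity and the provider's nonce."""
    # Length-prefix user_id so different (id, nonce) pairs cannot collide.
    msg = len(user_id).to_bytes(2, "big") + user_id + nonce
    return hmac.new(session_key, msg, hashlib.sha256).digest()

class NonceVerifier:
    """Service-provider side: issue single-use nonces and verify responses."""

    def __init__(self, session_key, ttl=30.0, clock=time.monotonic):
        self.key, self.ttl, self.clock = session_key, ttl, clock
        self.pending = {}          # nonce -> expiry on the verifier's own clock

    def challenge(self):
        nonce = secrets.token_bytes(16)
        self.pending[nonce] = self.clock() + self.ttl
        return nonce

    def verify(self, user_id, nonce, tag):
        # pop() makes every nonce single use: a replayed response finds nothing.
        expiry = self.pending.pop(nonce, None)
        if expiry is None or self.clock() > expiry:
            return False
        expected = respond(self.key, user_id, nonce)
        return hmac.compare_digest(expected, tag)

if __name__ == "__main__":
    key = secrets.token_bytes(32)              # constructed session key
    sp = NonceVerifier(key)
    n = sp.challenge()
    tag = respond(key, b"alice", n)
    print("first use:", sp.verify(b"alice", n, tag))    # True
    print("replay:   ", sp.verify(b"alice", n, tag))    # False
```
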
7. PROPOSED METHODOLOGY
The first attack, the “credential recovering attack” compromises the credential privacy in the scheme as a
malicious service provider is able to recover the credential of a legal user. The other attack, an
“impersonation attack without credentials,” demonstrates how an outside attacker may be able to freely
make use of resources and services offered by service providers, since the attacker can successfully
impersonate a legal user without holding a valid credential and thus violate the requirement of soundness
for an SSO scheme. In real life, these attacks may put both users and service providers at high risk. In fact,
this is a traditional as well as prudent way to deal with trustworthiness, since we cannot simply assume that,
besides the trusted authority, all service providers are also trusted. The basic reason is that assuming the
existence of a trusted party is the strongest supposition in cryptography, but it is usually very costly to
develop and maintain. In particular, collusion impersonation attacks have been defined as a way to capture the
scenarios in which malicious service providers may recover a user’s credential and then impersonate the
user to login to other service providers. It is easy to see that the above credential recovery attack is simply
a special case of collusion impersonation attack where a single malicious service provider can recover a
user’s credential. It must be emphasized that impersonation attacks without valid credentials seriously
violate the security of SSO schemes as it allows attackers to be successfully authenticated without first
obtaining a valid credential from the trusted authority after registration.
This work shows that the Chang–Lee scheme is actually insecure by presenting two impersonation
attacks, i.e., credential recovering attack and impersonation attack without credentials. These two attacks
imply that the Chang–Lee[9] SSO scheme fails to meet credential privacy and soundness, which are
essential requirements for SSO schemes and authentication protocols. It also identifies the flaws in their
security arguments in order to explain why it is possible to mount our attacks against their scheme.
Similar attacks can also be applied to the Hsu–Chuang scheme, on which the Chang–Lee scheme is based.
Finally, to avoid these two impersonation attacks, we propose an improved SSO scheme to enhance the
user authentication phase of the Chang–Lee scheme. To this end, we employ the efficient Elliptic Curve
based verifiable encryption of signatures (VES) proposed by Ateniese to verifiably and securely encrypt a
user’s credential. In fact, Ateniese’s VES was originally introduced to realize fair exchange. There are no
similar attacks in the setting of SSO, and this is also the first time of using VES to design an SSO scheme,
to the best of our knowledge.
We analyze the security of the improved SSO scheme by focusing on the security of the user authentication part,
especially soundness and credential privacy, for two reasons. On the one hand, the unforgeability of the
credential is guaranteed by the unforgeability of Elliptic Curve -VES signatures, and the security of
service provider authentication is ensured by the unforgeability of the secure signature scheme chosen by
each service provider.
8. ADVANTAGES
• The authors claimed to be able to: “prove that and are able to authenticate each other using our
protocol.” but they provided no argument to show why each party could not be impersonated by an
attacker. Second, the authors did discuss informally why their scheme could withstand
impersonation attacks.
• In other words, it means that in an SSO scheme suffering these attacks there are alternatives which
enable passing through authentication without credentials.
• The main advantage of Elliptic Curve Cryptography is that it uses a shorter key length than secure
RSA. Processing overhead is therefore lower for Elliptic Curve Cryptography, and it improves
computational efficiency compared to RSA.
A. User Identification Phase
To access the resources of a service provider, the user needs to go through the specified authentication
protocol. Here, and are random integers chosen by and, respectively; and are three random nonces; and
denotes a symmetric key encryption scheme which is used to protect the confidentiality of user’s identity.
B. Signature Assignment Phase
Once a user enters the service, the portal assigns a unique session ID to each user, with a unique
key assigned for every machine. When the user requests a service, the portal checks the session ID and
the unique ECDSA (Elliptic Curve Digital Signature Algorithm) key for each request. If
authentication fails, the user is denied the distributed services.
C. Recovering Attack
Key creation for a specific user identity differs from the existing system. The Elliptic Curve
Digital Signature Algorithm (ECDSA) is used for effective security. The security issues discussed
concern authentication credentials passing from one service to another. The ECDSA algorithm is used
to manage the secure passing of unique credentials. This enhanced security leads to secure
single sign-on across different distributed service environments.
D. Security Analysis
We analyze the security of the improved SSO scheme by focusing on the security of the user authentication part,
especially soundness and credential privacy, for two reasons. On the one hand, the unforgeability of the
credential is guaranteed by the unforgeability of ECDSA, and the security of service provider authentication
is ensured by the unforgeability of the secure signature scheme chosen by each service provider.
9. SAMPLE SCREEN SHOTS
10. CONCLUSION
The project demonstrates two effective impersonation attacks on Chang and Lee’s single sign-on scheme.
The first attack allows a malicious service provider, who has successfully communicated with a legal user
twice, to recover the user's credential and then to impersonate the user to access resources and services
offered by other service providers. In another attack, an outsider without any credential may be able to
enjoy network services freely by impersonating any legal user or a nonexistent user. Security issues at the
next level remain to be considered. Key creation for a specific user identity differs
from the existing system. The Elliptic Curve Digital Signature Algorithm (ECDSA) is used for effective
security. The security issues discussed concern authentication credentials passing from one service to
another. The ECDSA algorithm is used to manage the secure passing of unique credentials. This enhanced
security leads to secure single sign-on across different distributed service environments.
REFERENCES
[1] A. C. Weaver and M. W. Condry, “Distributing internet services to the network’s edge,” IEEE
Trans. Ind. Electron., vol. 50, no. 3, pp. 404–411, Jun. 2003.
[2] L. Barolli and F. Xhafa, “JXTA-OVERLAY: A P2P platform for distributed, collaborative and
ubiquitous computing,” IEEE Trans. Ind. Electron., vol. 58, no. 6, pp. 2163–2172, Oct. 2010.
[3] X. Li, W. Qiu, D. Zheng, K. Chen, and J. Li, “Anonymity enhancement on robust and efficient
password-authenticated key agreement using smart cards,” IEEE Trans. Ind. Electron., vol. 57, no.
2, pp. 793–800, Feb. 2010.
[4] M. Cheminod, A. Pironti, and R. Sisto, “Formal vulnerability analysis of a security system for
remote field bus access,” IEEE Trans. Ind. Inf., vol. 7, no. 1, pp. 30–40, Feb. 2011.
[5] A. Valenzano, L. Durante, and M. Cheminod, “Review of security issues in industrial networks,” IEEE
Trans. Ind. Inf., vol. PP, no. 99, 2012, DOI 10.1109/TII/2012.2198666.
[6] T.-S. Wu and C.-L. Hsu, “Efficient user identification scheme with key distribution preserving
anonymity for distributed computer networks,” Comput. Security, vol. 23, no. 2, pp. 120–125,
2004.
[7] Y. Xu, R. Song, L. Korba, L. Wang, W. Shen, and S. Y. T. Lang, “Distributed device networks with
security constraints,” IEEE Trans. Ind. Inf., vol. 1, no. 4, pp. 217–225, Nov. 2005.
[8] J. Yu, G. Wang, and Y. Mu, “Provably secure single sign-on scheme in distributed
systems and networks,” Center for Computer and Information Security.
[9] C.-C. Chang and C.-Y. Lee, “A secure single sign-on mechanism for distributed computer
networks,” IEEE Trans. Ind. Electron., vol. 59, no. 1, pp. 629–637, Jan. 2012.
[10] G. Wang, J. Yu, and Q. Xie, “Security analysis of a single sign-on mechanism for distributed
computer networks,” Cryptology ePrint Archive, Rep. 102, Feb. 2013.