Welcome the company of trees

Setting up an identity

2012-12-07

Abstract

Identity is a difficult problem and the solutions are not so straight forward. There are several ways to do this and different types of identification are needed for different services.


Password

Lets start out easy, the password. This together with a username has been the way to identify to a services from beginning of computer identity. It was also the first identity method to be cracked. This already in 1962, by Allen Scherr a Ph.D. student at MIT, who printed the plain text password on the CTSS at MIT. Now passwords have evolved since then and plain text passwords are hopefully not used any more. In the age of internet services it is hard to know what standards the password storage is using.

There are several ways to hash the password, which means that the password is mathematically transformed, in a way that one can not easily go back to the original password. There are several methods and they are constantly being evaluated. The current Cryptographic hash functions several have weaknesses. Sure not very weak weaknesses, but one has to be aware of how one stores the passwords. If the method used gets broken, like MD5, the passwords have to be renewed, and that can only be done with the participation of the users.

Another problem when it comes to storing passwords is that once a passwords have been transformed all users with the same password will have the same hash. To make the recovering of original passwords more difficult one can salt the hash. What does that means ? One adds a random string to the password and hashes the new string. When storing the password one adds the random string to the hash to make sure one can reproduce the hash when the proper password is provided. This makes all hashes randomly different even if the same password was used. Crackstation has good explanation of the problems with passwords without salt.

Now, you have stored your passwords for the site properly using a strong hash with salt, still the problem of choosing the password exists. The user has to pick a "safe" password. The identity is only as safe as the password. To help illustrate the problem of password length and character usage one can look at The Password Haystack. Still the password haystack does not deal with the problem of using dictionary words. If your secret password is just a dictionary word the hacker will use a dictionary and try all the words in, by hashing it and comparing it to your password until it finds your password.

Trustware in their Trustwave 2012 Global Security Report found that the most common password used by global business is "Password1" as it satisfies the default Microsoft Active Directory complexity setting. This show part of the problem. How do we determine if the passwords stored by the users are "safe" and will the users not register if they can not pick their simple passwords ? It is a difficult problem. One can actively try to crack the users secret passwords with password crackers like John the Ripper. One can also try to educate the user when entering the password and not allow unsafe passwords. When the user enters the password in the password entry form, it can be checked with CrackLib using for example python-crack in the website code. It will not solve all the problems with selecting passwords but is a step in the right direction, and hopefully catches the simpler passwords like password.

Now, why do everybody use passwords if it has such problems ? Well, there are plenty of other technology to handle identity, but username/password is implemented for ALL services. Below I will discuss more secure setups, with certificates and keys, but it boils down to your application needs to support it and what becomes more and more a problem, it has to work from a mobile platform.

The simplicity of username/password has another advantage. It is easy to create new identities for different services. You can create different accounts on different services that are not connected to each other. In the current state of affairs often account creation requires an email address, and if you use the same email address everywhere, still the accounts can be tied across services on the back-end. One not so well know method to create different email addresses is sub-addressing, but still the username is tied to your main email account.

S/MIME certificate

The S/MIME standard has been around for quite a while and uses a Certificate Authority (CA) to provide identities. As discussed one can either use a self-signed CA or services online that provides S/MIME certificates.

In the following example I will use StartSSL to create a S/MIME certificate and store it on my encrypted storage device (for backup) and in my Aventra MyEID PKI card (for usage). I have already created an account with StartSSL where you automatically get a S/MIME certificate to authenticate with the service. Now if you are about to start an account please read the instructions carefully. First of all make sure that the email address you would like your S/MIME for is accessible and that StartSSL email servers are on the greylistd white-list if you use your own mail server. Also make extra sure that you save the generated certificate and store it where you can get to it in case of problems.

First you need to validate an email address, for what you need the certificate. The Validations Wizard with Email Address Validation is a start. On the next page enter the email address and you will get a validation code sent to it. Paste it into the website and you have a validated email. You need to renew this validation every 30 days. You will not get a message when the validation time runs out. You need to log in and check and renew the validation when needed. I try to do it regularly but I have missed a few days sometimes due to travels.

Then I choose to create a new S/MIME and Authentication Certificate in the Certificates Wizard. Then I selected High Grade key size (2048 bit currently), select Software Security Device. This so that we can save the certificate out to file. In my case the hardware storage is shown as well. I am not yet familiar enough with the PKI card and how it works together with the browser to use it for this important certificate.

Note

Here is a trade-off. If you select to store it in the software you can save the key to for example an encrypted SD card, for backup or you use the hardware card to generate the key. The key is then locked into the card and you can not back it up. If you loose it/the card breaks you will not be able to use it or you have to pay StartSSL to expire the certificate, before you can create a new one. On the other hand when the key is locked into the card someone else can not copy it either.

The next step is Select Email Address. Here I select my validated email for the usage of this key is email and there might be people who are still on XP, especially in the enterprise, that wants to use this certificate. I stick with Secure Hash Algorithm SHA1 (Default) even if SHA1 is quite under attack. It should be safe enough for a year I hope.

Now the certificate has been installed in the browser. It is stored in the Browser, and now we need to back it up to a secure media. To find your Certificate you need to (in Firefox on Linux) go to Edit -> Preferences. Select Advanced, tab Encryption. There select "View Certificates". There under "Your Certificates" you will see the new certificate stored on the "Software Security Device". Select it and click the "Backup..." button. Choose where to store the Certificate, I recommend an encrypted USB stick. Now you need to set a Certificate backup password. Keepassx has password generation and storage. A confirmation of successful storage will appear.

Now we have saved our certificate, and we now transfer it over to the PKI card.

pkcs15-init --store-private-key
    certificate.p12 --format pkcs12 --auth-id 01

. Check your card instructions to make sure that --auth-id 01 is the correct id for you. One can set up several pins on cards. Once that is done it should appear in the Certificate Manager stored on the Card Name Security Device. With the restart the Software Device Certificate should be gone, and you can use the PKI card Certificate. I am not sure at what point the Certificate store is cleared, so backing up the p12 file is important.

To set up opensc with Mozilla and other applications is currently out of the scope of this article, but basically the opensc-pkcs11.so has to be loaded in the Security Devices section in Thunderbird. Once that has been set up you can write an email in Thunderbird, with the identity you registered. Write a short email to a friend and sign it using Security -> Digitally Sign This Message. Once your friend have your signature, he can encrypt a message to you. When you receive it you need your PKI card and PIN to read it.

GnuPG

Now I want to use the generated certificate/key also with GnuPG. I can of course also create a GnuPG key and store it somewhere but as I already have a PKI card I installed gnupg-pkcs11-scd, to use PKCS#11 cards with GnuPG. I got started using these instructions. The instructions below works for my setup with debian sid as of 2012-12-07.

The path to the provider-p1-library is different on Debian.

provider-p1-library
    /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so

. You also need to enable the gpg-agent by adding the line use-agent in ~/.gnupg/gpg.conf and restart X.

Once the card and ID:s were r

OpenID and OAuth

This is an area I have not yet delved into. The feeling I got so far is that it is mostly web-centric.

Facebook, Passport, or G+

There are several players that want to own your identity. Now we are not building a server with all these capabilities just to give away the keys. If you do not want to learn all this, just pick your trusted provider and go on your merry way. There are many providers that provides the services we are setting up.