[Crypto-chi] Hardware tokens

Jesse Young jlyo at jlyo.org
Tue Dec 23 17:10:33 CST 2014 

I remember the SecurID breach, but only looked up the details recently.
I doesn't look like there was a problem with the token itself, rather
RSA (the company) kept a copy of all the secrets resident on the
tokens. This is known as key escrow, and it's a bad thing if you don't
trust your escrow service (and why should you?) Lockheed was bitten by
it. Really the only parties that should have had the secret were
Lockheed and their employees (with the employee's copy locked up in the
token.)

Shared secret tokens (like the SecurID) are also less of an interest to
me, because the secret, by definition, needs to be available to the
service you're authenticating against. It does seem to be more popular
on the web these days (see Google Authenticator / OATH). I have it set
up for my email.

I think the hardware tokens can be made secure precluding poor
implementations. In fact some cryptoprocessors have anti-tampering
features that are purported to defend against highly sophisticated
and expensive attacks.

FWIW, everything I know about the SecurID breach came from this
Slashdot discussion:
http://yro.slashdot.org/story/11/06/07/129217/rsa-admits-securid-tokens-have-been-compromised

Tell me more about the CCC, is there a separate mailing list / resources
from the cryptoparty's?

Jesse

On Tue, 23 Dec 2014 14:08:15 -0600
Matt Chapman <mchap88 at gmail.com> wrote:

> On-topic:
> With hardware tokens, never forget:
> http://en.wikipedia.org/wiki/SecurID#March_2011_system_compromise
>
> Off-topic-ish:
> How's CCC going? I'd love to go to one, but haven't heard much about
> it since the last crypto party.
> 
> Matt
> 
> On Tue, Dec 23, 2014 at 1:58 PM, Freddy Martinez
> <freddymartinez9 at gmail.com> wrote:
> 
> > Off-topic:
> > lol. GSM SIM cards are not secure.
> >
> > On-topic
> >
> > I love this topic. I have been looking at hardware tokens out of
> > curiosity for work and have a few ideas as well. I'd love to see
> > something like this Jesse.  My concern is that this would be out of
> > scope for cryptoparty but we could do something like this at CCC.
> > The goal for CCC was to do more advanced level talks and create a
> > place for working on projects like this.
> >
> > Freddy
> >
> > On Tue, Dec 23, 2014 at 1:42 PM, Jesse Young <jlyo at jlyo.org> wrote:
> > > Hey all,
> > >
> > > I've taken an interest in hardware based security tokens on Linux
> > > lately. Let's just say it's a big painful mess of components that
> > > don't quite work together [1]. I've come up with a set of
> > > requirements for my personal setup that I think are achievable,
> > > although it has and will take quite a bit of work. I've surveyed
> > > the ecosystem, and came up with a set of requirements that I
> > > think are achievable.
> > >
> > > My requirements are:
> > > 1. All secrets must be stored or wrapped in hardware
> > > 2. All secret keys must be unextractable
> > > 3. New key generation must be done in hardware
> > > 4. Existing keys must be able to be imported into hardware
> > >
> > > As far as application integration goes, here are my ideas:
> > > 1. Linux PAM (authentication and single-sign-on)
> > > 2. LUKS disk encryption
> > > 3. OpenSSH
> > > 4. GnuPG
> > > 5. Web browser client cert (Chromium and/or Firefox)
> > > 6. X.509 certificate authority
> > > 7. Kerberos auth for work (not very familiar with this one)
> > > 8. OATH time and HMAC one-time-passwords
> > >
> > > I have a TPM in my laptop, and access to an Aladdin eToken 32k
> > > 4.2b to play around with at work. I also bought a smartcard
> > > reader, and have been exploring GSM SIM cards and a Bank of
> > > America EMV (chip credit card). So far most of my success has
> > > been with the TPM, namely SSH keys [2] and the X.509 CA. I
> > > haven't been able to generate useful keys on the eToken.
> > >
> > > I have (5) implemented against OpenDNSSEC's SoftHSM, although it
> > > fails all the requirements since it's a software solution. The
> > > value, however, is that I can isolate the key in a separate user
> > > and process, similar to ssh-agent or gpg-agent. The interface to
> > > SoftHSM is PKCS#11 which is common among hardware PKI tokens.
> > >
> > > This brings me to my next idea: the Yubikey NEO [2]. It's a USB
> > > device that seems to have a bit of a following and support. Does
> > > anyone have experience and opinions with this device (or other
> > > hardware tokens)? The Yubikey NEO looks like it can integrate
> > > with most the applications I have.
> > >
> > > I'm at a point where I can start writing a presentation about all
> > > this with some confidence. When's the next cryptoparty when I
> > > should have it ready by?
> > >
> > > Thanks,
> > > Jesse
> > >
> > > [1]
> > >
> > https://blog.flameeyes.eu/2011/04/network-security-services-nss-and-pkcs-11
> > > [2] https://www.yubico.com/products/yubikey-hardware/yubikey-neo/
> > >
> > > _______________________________________________
> > > cryptoparty-chi mailing list
> > > cryptoparty-chi at groups.sshchicago.org
> > > http://groups.sshchicago.org/listinfo/cryptoparty-chi
> > >
> > _______________________________________________
> > cryptoparty-chi mailing list
> > cryptoparty-chi at groups.sshchicago.org
> > http://groups.sshchicago.org/listinfo/cryptoparty-chi
> >

More information about the cryptoparty-chi mailing list