Post on 17-Dec-2014
description
RuhR-University Bochum System Security Lab
TruWallet: Trustworthy and Migratable Wallet-Based Web Authentication
Sebastian Gajek1, Hans Löhr2, Ahmad-Reza Sadeghi2, Marcel Winandy2
1 Tel Aviv University, Israel2 Ruhr-University Bochum, Germany
ACM STC 2009 – 4th Annual Workshop on Scalable Trusted ComputingChicago, Illinois, USA – November 13, 2009
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 2
RuhR-University Bochum
Marcel Winandy
System Security Lab
Introduction
● Identity theft is a growing crime on the Internet(especially phishing)
● Classical phishing: faked web sites
● Malware phishing: attacking user's device
password
Adversary A Phishing Server
password
password
Adversary A Phishing Server
password
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 3
RuhR-University Bochum
Marcel Winandy
System Security Lab
Introduction
● Countermeasures against phishing– A broad range of approaches exists
● Promising: “wallet” (authentication agent)– Stores all user login credentials
– Authenticates web sites for their legitimacy
– Performs login on behalf of user
+
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 4
RuhR-University Bochum
Marcel Winandy
System Security Lab
Introduction
● However: needs strong protection mechanism (malware could attack wallet directly)
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 5
RuhR-University Bochum
Marcel Winandy
System Security Lab
Introduction
● However: needs strong protection mechanism (malware could attack wallet directly)
● We have trusted computing – so what?(secure boot, sealing, attestation, etc.)
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 6
RuhR-University Bochum
Marcel Winandy
System Security Lab
Introduction
● However: needs strong protection mechanism (malware could attack wallet directly)
● We have trusted computing – so what?(secure boot, sealing, attestation, etc.)
● Scalability issues:– PKI dependency: server can change SSL certificate
(update, new CA, new URL, etc.)
– Device restriction: wallet locked-down to one platform
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 7
RuhR-University Bochum
Marcel Winandy
System Security Lab
TruWallet - Overview
● High-level architecture● Automated login with SSL-PKI-independent
server authentication● Secure migration of wallet data to other devices● Implementation
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 8
RuhR-University Bochum
Marcel Winandy
System Security Lab
TruWallet Architecture
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 9
RuhR-University Bochum
Marcel Winandy
System Security Lab
TruWallet Architecture
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 10
RuhR-University Bochum
Marcel Winandy
System Security Lab
TruWallet Architecture
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 11
RuhR-University Bochum
Marcel Winandy
System Security Lab
TruWallet Architecture
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 12
RuhR-University Bochum
Marcel Winandy
System Security Lab
TruWallet Architecture
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 13
RuhR-University Bochum
Marcel Winandy
System Security Lab
SSL-PKI-Independent Server Authentication
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 14
RuhR-University Bochum
Marcel Winandy
System Security Lab
SSL-PKI-Independent Server Authentication
● Registration (user creates new account)
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 15
RuhR-University Bochum
Marcel Winandy
System Security Lab
SSL-PKI-Independent Server Authentication
● Registration (user creates new account)– TruWallet creates high-entropy password
new password
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 16
RuhR-University Bochum
Marcel Winandy
System Security Lab
SSL-PKI-Independent Server Authentication
● Registration (user creates new account)– TruWallet creates high-entropy password
– Derive shared secret from server_finished
client_hello
SSL handshake
encSSL(server_finished)
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 17
RuhR-University Bochum
Marcel Winandy
System Security Lab
SSL-PKI-Independent Server Authentication
● Registration (user creates new account)– TruWallet creates high-entropy password
– Derive shared secret from server_finished
client_hello
SSL handshake
encSSL(server_finished)sharedsecret
sharedsecret
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 18
RuhR-University Bochum
Marcel Winandy
System Security Lab
SSL-PKI-Independent Server Authentication
● Registration (user creates new account)– TruWallet creates high-entropy password
– Derive shared secret from server_finished
client_hello
SSL handshake
encSSL(server_finished)sharedsecret
sharedsecret
Link password with shared secret (and server URL)
new password
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 19
RuhR-University Bochum
Marcel Winandy
System Security Lab
SSL-PKI-Independent Server Authentication
● Login (user connects to registered account)– Server is authenticated via challenge-response
client_hello
SSL handshake
encSSL(server_finished)
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 20
RuhR-University Bochum
Marcel Winandy
System Security Lab
SSL-PKI-Independent Server Authentication
● Login (user connects to registered account)– Server is authenticated via challenge-response
client_hello
SSL handshake
encSSL(server_finished)
nonce
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 21
RuhR-University Bochum
Marcel Winandy
System Security Lab
SSL-PKI-Independent Server Authentication
● Login (user connects to registered account)– Server is authenticated via challenge-response
client_hello
SSL handshake
encSSL(server_finished || HMACsharedsecret
(trnscrpt))
nonce
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 22
RuhR-University Bochum
Marcel Winandy
System Security Lab
SSL-PKI-Independent Server Authentication
● Login (user connects to registered account)– Server is authenticated via challenge-response
client_hello
SSL handshake
encSSL(server_finished || HMACsharedsecret
(trnscrpt))
nonce
sharedsecret
sharedsecret
Only if server can prove knowledge of shared secret, user password is sent.
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 23
RuhR-University Bochum
Marcel Winandy
System Security Lab
Secure Migration of Wallet Data
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 24
RuhR-University Bochum
Marcel Winandy
System Security Lab
Secure Migration of Wallet Data
● Another Wallet on destination platform● Establish a trusted channel between platforms
– Secure channel (confidentiality)
– Bound to TCB configuration of destination
● Send wallet data through trusted channel● Trusted Channel based on [Asokan+2007],
– But here: less components, less steps
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 25
RuhR-University Bochum
Marcel Winandy
System Security Lab
Migration ProtocolStorageManager Wallet Wallet Trust
ManagerStorageManager TPM
loadData()
requestTrustedChannel()TPM_CreateWrapKey()
(PKBind
, ESKBind
)
TPM_CertifyKey(PKBind
)
certBind(cert
Bind, PK
Bind, ESK
Bind)
(certBind
, PKBind
)
verify(certBind
)
wd
ewd :=Tspi_Data_Bind(PK
Bind,wd)
ewd unbind(ewd) TPM_LoadKey(ESKBind
)
TPM_Unbind(ewd)
verify(TCB_conf)
SKBind
:= decrypt_SRK(ESKBind
)
wd:= decrypt_SKBind
(ewd)wd
storeData(wd)
Source platform Destination platform
request-TrustedChannel()
ESKBind
:= encrypt_SRK(SK
Bind,TCBconf)
wd
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 26
RuhR-University Bochum
Marcel Winandy
System Security Lab
Migration ProtocolStorageManager Wallet Wallet Trust
ManagerStorageManager TPM
loadData()
requestTrustedChannel()TPM_CreateWrapKey()
(PKBind
, ESKBind
)
TPM_CertifyKey(PKBind
)
certBind(cert
Bind, PK
Bind, ESK
Bind)
(certBind
, PKBind
)
verify(certBind
)
wd
ewd :=Tspi_Data_Bind(PK
Bind,wd)
ewd unbind(ewd) TPM_LoadKey(ESKBind
)
TPM_Unbind(ewd)
verify(TCB_conf)
SKBind
:= decrypt_SRK(ESKBind
)
wd:= decrypt_SKBind
(ewd)wd
storeData(wd)
Source platform Destination platform
request-TrustedChannel()
ESKBind
:= encrypt_SRK(SK
Bind,TCBconf)
wd
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 27
RuhR-University Bochum
Marcel Winandy
System Security Lab
Migration ProtocolStorageManager Wallet Wallet Trust
ManagerStorageManager TPM
loadData()
requestTrustedChannel()TPM_CreateWrapKey()
(PKBind
, ESKBind
)
TPM_CertifyKey(PKBind
)
certBind(cert
Bind, PK
Bind, ESK
Bind)
(certBind
, PKBind
)
verify(certBind
)
wd
ewd :=Tspi_Data_Bind(PK
Bind,wd)
ewd unbind(ewd) TPM_LoadKey(ESKBind
)
TPM_Unbind(ewd)
verify(TCB_conf)
SKBind
:= decrypt_SRK(ESKBind
)
wd:= decrypt_SKBind
(ewd)wd
storeData(wd)
Source platform Destination platform
request-TrustedChannel()
ESKBind
:= encrypt_SRK(SK
Bind,TCBconf)
wd
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 28
RuhR-University Bochum
Marcel Winandy
System Security Lab
Migration ProtocolStorageManager Wallet Wallet Trust
ManagerStorageManager TPM
loadData()
requestTrustedChannel()TPM_CreateWrapKey()
(PKBind
, ESKBind
)
TPM_CertifyKey(PKBind
)
certBind(cert
Bind, PK
Bind, ESK
Bind)
(certBind
, PKBind
)
verify(certBind
)
wd
ewd :=Tspi_Data_Bind(PK
Bind,wd)
ewd unbind(ewd) TPM_LoadKey(ESKBind
)
TPM_Unbind(ewd)
verify(TCB_conf)
SKBind
:= decrypt_SRK(ESKBind
)
wd:= decrypt_SKBind
(ewd)wd
storeData(wd)
Source platform Destination platform
request-TrustedChannel()
ESKBind
:= encrypt_SRK(SK
Bind,TCBconf)
wd
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 29
RuhR-University Bochum
Marcel Winandy
System Security Lab
Migration ProtocolStorageManager Wallet Wallet Trust
ManagerStorageManager TPM
loadData()
requestTrustedChannel()TPM_CreateWrapKey()
(PKBind
, ESKBind
)
TPM_CertifyKey(PKBind
)
certBind(cert
Bind, PK
Bind, ESK
Bind)
(certBind
, PKBind
)
verify(certBind
)
wd
ewd :=Tspi_Data_Bind(PK
Bind,wd)
ewd unbind(ewd) TPM_LoadKey(ESKBind
)
TPM_Unbind(ewd)
verify(TCB_conf)
SKBind
:= decrypt_SRK(ESKBind
)
wd:= decrypt_SKBind
(ewd)wd
storeData(wd)
Source platform Destination platform
request-TrustedChannel()
ESKBind
:= encrypt_SRK(SK
Bind,TCBconf)
wd
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 30
RuhR-University Bochum
Marcel Winandy
System Security Lab
Migration ProtocolStorageManager Wallet Wallet Trust
ManagerStorageManager TPM
loadData()
requestTrustedChannel()TPM_CreateWrapKey()
(PKBind
, ESKBind
)
TPM_CertifyKey(PKBind
)
certBind(cert
Bind, PK
Bind, ESK
Bind)
(certBind
, PKBind
)
verify(certBind
)
wd
ewd :=Tspi_Data_Bind(PK
Bind,wd)
ewd unbind(ewd) TPM_LoadKey(ESKBind
)
TPM_Unbind(ewd)
verify(TCB_conf)
SKBind
:= decrypt_SRK(ESKBind
)
wd:= decrypt_SKBind
(ewd)wd
storeData(wd)
Source platform Destination platform
request-TrustedChannel()
ESKBind
:= encrypt_SRK(SK
Bind,TCBconf)
wd
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 31
RuhR-University Bochum
Marcel Winandy
System Security Lab
Migration ProtocolStorageManager Wallet Wallet Trust
ManagerStorageManager TPM
loadData()
requestTrustedChannel()TPM_CreateWrapKey()
(PKBind
, ESKBind
)
TPM_CertifyKey(PKBind
)
certBind(cert
Bind, PK
Bind, ESK
Bind)
(certBind
, PKBind
)
verify(certBind
)
wd
ewd :=Tspi_Data_Bind(PK
Bind,wd)
ewd unbind(ewd) TPM_LoadKey(ESKBind
)
TPM_Unbind(ewd)
verify(TCB_conf)
SKBind
:= decrypt_SRK(ESKBind
)
wd:= decrypt_SKBind
(ewd)wd
storeData(wd)
Source platform Destination platform
request-TrustedChannel()
ESKBind
:= encrypt_SRK(SK
Bind,TCBconf)
wd
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 32
RuhR-University Bochum
Marcel Winandy
System Security Lab
Migration ProtocolStorageManager Wallet Wallet Trust
ManagerStorageManager TPM
loadData()
requestTrustedChannel()TPM_CreateWrapKey()
(PKBind
, ESKBind
)
TPM_CertifyKey(PKBind
)
certBind(cert
Bind, PK
Bind, ESK
Bind)
(certBind
, PKBind
)
verify(certBind
)
wd
ewd :=Tspi_Data_Bind(PK
Bind,wd)
ewd unbind(ewd) TPM_LoadKey(ESKBind
)
TPM_Unbind(ewd)
verify(TCB_conf)
SKBind
:= decrypt_SRK(ESKBind
)
wd:= decrypt_SKBind
(ewd)wd
storeData(wd)
Source platform Destination platform
request-TrustedChannel()
ESKBind
:= encrypt_SRK(SK
Bind,TCBconf)
wd
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 33
RuhR-University Bochum
Marcel Winandy
System Security Lab
Migration ProtocolStorageManager Wallet Wallet Trust
ManagerStorageManager TPM
loadData()
requestTrustedChannel()TPM_CreateWrapKey()
(PKBind
, ESKBind
)
TPM_CertifyKey(PKBind
)
certBind(cert
Bind, PK
Bind, ESK
Bind)
(certBind
, PKBind
)
verify(certBind
)
wd
ewd :=Tspi_Data_Bind(PK
Bind,wd)
ewd unbind(ewd) TPM_LoadKey(ESKBind
)
TPM_Unbind(ewd)
verify(TCB_conf)
SKBind
:= decrypt_SRK(ESKBind
)
wd:= decrypt_SKBind
(ewd)wd
storeData(wd)
Source platform Destination platform
request-TrustedChannel()
ESKBind
:= encrypt_SRK(SK
Bind,TCBconf)
wd
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 34
RuhR-University Bochum
Marcel Winandy
System Security Lab
Migration ProtocolStorageManager Wallet Wallet Trust
ManagerStorageManager TPM
loadData()
requestTrustedChannel()TPM_CreateWrapKey()
(PKBind
, ESKBind
)
TPM_CertifyKey(PKBind
)
certBind(cert
Bind, PK
Bind, ESK
Bind)
(certBind
, PKBind
)
verify(certBind
)
wd
ewd :=Tspi_Data_Bind(PK
Bind,wd)
ewd unbind(ewd) TPM_LoadKey(ESKBind
)
TPM_Unbind(ewd)
verify(TCB_conf)
SKBind
:= decrypt_SRK(ESKBind
)
wd:= decrypt_SKBind
(ewd)wd
storeData(wd)
Source platform Destination platform
request-TrustedChannel()
ESKBind
:= encrypt_SRK(SK
Bind,TCBconf)
wd
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 35
RuhR-University Bochum
Marcel Winandy
System Security Lab
Migration ProtocolStorageManager Wallet Wallet Trust
ManagerStorageManager TPM
loadData()
requestTrustedChannel()TPM_CreateWrapKey()
(PKBind
, ESKBind
)
TPM_CertifyKey(PKBind
)
certBind(cert
Bind, PK
Bind, ESK
Bind)
(certBind
, PKBind
)
verify(certBind
)
wd
ewd :=Tspi_Data_Bind(PK
Bind,wd)
ewd unbind(ewd) TPM_LoadKey(ESKBind
)
TPM_Unbind(ewd)
verify(TCB_conf)
SKBind
:= decrypt_SRK(ESKBind
)
wd:= decrypt_SKBind
(ewd)wd
storeData(wd)
Source platform Destination platform
request-TrustedChannel()
ESKBind
:= encrypt_SRK(SK
Bind,TCBconf)
wd
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 36
RuhR-University Bochum
Marcel Winandy
System Security Lab
Migration ProtocolStorageManager Wallet Wallet Trust
ManagerStorageManager TPM
loadData()
requestTrustedChannel()TPM_CreateWrapKey()
(PKBind
, ESKBind
)
TPM_CertifyKey(PKBind
)
certBind(cert
Bind, PK
Bind, ESK
Bind)
(certBind
, PKBind
)
verify(certBind
)
wd
ewd :=Tspi_Data_Bind(PK
Bind,wd)
ewd unbind(ewd) TPM_LoadKey(ESKBind
)
TPM_Unbind(ewd)
verify(TCB_conf)
SKBind
:= decrypt_SRK(ESKBind
)
wd:= decrypt_SKBind
(ewd)wd
storeData(wd)
Source platform Destination platform
request-TrustedChannel()
ESKBind
:= encrypt_SRK(SK
Bind,TCBconf)
wd
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 37
RuhR-University Bochum
Marcel Winandy
System Security Lab
Implementation
● Security Kernel: Turaya/L4
– L4 microkernel
– security services● TruWallet:
– Java implementation
– Uses Paros HTTP/HTTPS Proxy
– Running in a Linux VM● Web Browser:
– Firefox, running in separate Linux VM
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 38
RuhR-University Bochum
Marcel Winandy
System Security Lab
Implementation Overview
mGUIStorage
MgrTrustMgr
NetworkMgr
L4 microkernel
LinuxVirtual Machine
Firefox
Hardware
Security Kernel(Turaya)
LinuxVirtual Machine
Paros Wallet
TPM
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 39
RuhR-University Bochum
Marcel Winandy
System Security Lab
Implementation Overview
mGUIStorage
MgrTrustMgr
NetworkMgr
L4 microkernel
LinuxVirtual Machine
Firefox
Hardware
Security Kernel(Turaya)
LinuxVirtual Machine
Paros Wallet
TPMVideo NIC Disk
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 40
RuhR-University Bochum
Marcel Winandy
System Security Lab
Implementation Overview
mGUIStorage
MgrTrustMgr
NetworkMgr
L4 microkernel
LinuxVirtual Machine
Firefox
Hardware
Security Kernel(Turaya)
LinuxVirtual Machine
Paros Wallet
TPMNIC
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 41
RuhR-University Bochum
Marcel Winandy
System Security Lab
Conclusion
● Phishing is a serious threat
● Wallets can perform login on behalf of user
● TruWallet provides:
– Secure execution environment
– Server authentication with less SSL PKI dependency
– Secure migration to other computing devices
● Prototype based on L4 microkernel and virtualization
● Future work:
– TruWallet on dynamic root of trust (Intel TXT)
2009-11-13TruWallet: Wallet-Based Web Authentication (STC 2009) 42
RuhR-University Bochum
Marcel Winandy
System Security Lab
Questions?
Marcel WinandyRuhr-University Bochum
marcel.winandy@trust.rub.de