[Authentication] "Wallet" security analysis

Michael Leupold lemma at confuego.org
Fri Jul 17 02:02:50 PDT 2009 

On Friday 17 July 2009 07:46:57 Anders Rundgren wrote:
> Hi,
> Since I'm working with similar stuff but for PKI a security analysis would
> maybe be of some value?

Yeah, of course.

> There are essentially two attacks that you want to protect from:
> 1. Key theft
> 2. Key misuse
>
> For asymmetric keys, it is enough to make the container "strong" in
> various ways to thwart key theft since crypto-operations are indirect.
>
> Protecting against key misuse (trojans authenticating to services) is much
> harder since it more or less assumes that the key-using app is
> authenticating to the crypto store.  Since the app is running in user-mode
> it means that you have to rely on a potentially untrusted application. 
> Since I'm not a Linux-person I don't know how to do this authentication in
> a good way. Would "root" ownership of the calling ".EXE" be a possible way
> to
> characterize a trusted application?  Pardon me if I'm off here due to my
> Linux incompetence...
>
> Anyway, I'm a bit puzzled about the security offered by "wallets" for
> shared secrets, particularly when there is an open API involved.

Yes, that's indeed a security problem we have knowlingly been living with due 
to a lack of ways to fix it.

While some platforms might provide what it takes to authenticate an 
application and apply acls (I don't think all so, eg. I haven't found a way to 
get peer process' identity on Windows sockets), this is not the only threat. 
Another one would be ptracing/debugging as that's very well possible for the 
service itself (running as user) as well as for trusted applications (at least 
unless disabled) or applications spying on each other using the X protocol 
(eg. keylogging).

A solution to this might well be underway using AppArmor, SELinux or the 
likes. But until somethings's available security could be described as:
- Secrets are protected while your collection is locked.
- Secrets are not protected while your collection is unlocked - so don't use 
untrusted software and lock your screen if you take a break :-)

Regards,
Michael
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.freedesktop.org/archives/authentication/attachments/20090717/71bee4ba/attachment.pgp

More information about the Authentication mailing list