c. edward chow (pi) chip benight (pi) ganesh godavari department of computer science
Post on 20-Mar-2016
31 Views
Preview:
DESCRIPTION
TRANSCRIPT
1
SGFR:Secure Groupware for First Responders
http://cs.uccs.edu/~sgfr/Contact: chow@cs.uccs.eduA NISSC Sponsored Project
C. Edward Chow (PI)Chip Benight (PI)Ganesh Godavari
Department of Computer Science
Part of this work is based on research sponsored by the Air Force Research Laboratory, under agreement number F49620-03-1-0207. it was sponsored by a NISSC summer 2003
grant.
2
Goal of SGFR• SGFR: Secure Groupware for First Responder:• The goal is to design a framework for enhancing
groupware packages such as instant messenger and video conferencing tool,– with security through
• scalable group key management (Keystone from UT Austin), and• secure model secure group policy management (Antigone from U.
Michigan)– With stress level and tool usage effectiveness evaluation
• This is a joint project with Dr. Chip Benight of psychology department.
• The enhanced secured groupware will be tested in a field trial with City’s Emergency Response team.
3
SGFR Features
Security Enhanced GroupwareInstant messenger
(JabberX)
Group Communication ServerInstant Messaging Server
(Jabber)
Psychology EvaluationStress Level Tracking
Effectiveness of Tool Usage(Keyboard/Mouse Event Tracking,History of Commands, Mistakes,
Popup Quiz?)
Group Key ManagmentSecure Group
Rekeying system(Keystone)
4
SGFR System Architecture
SGFR Client
SGFR Client
SGFR Client
SGFR Group Key Server
SGFR Instant Messenger
Server
Group key distribution
Sign-in create/join chat groups
Registration/authentication
Encrypt/Decrypt msgs using group key
5
SGFR System Operation
Registrar
JabberXclient
ControlManager
KeyServer
Jabber Server
DataBroadcast
JabberXClient
JabberXClient
Multicast/Unicast
Rekey messages
Rekey messages
Registration
Requests
ApplicationData
6
Associate JabberX client with Keyserver and Jabber server
• Users login to the Jabber server• If login successful, the client registers with
the Keyserver.• When a user creates/joins a group, the
Keyserver gives a key to the client.• When a user leaves the group, the
Keyserver generates a new key for the remaining members of the group.
7
Output of the Keystone Server
User ganesh joining group g1
User ayen joining group g1
First group key assigned to group
Second group key assigned to groupWhen a member
joined
8
Packet captured by Ethereal Packet Sniffer
Output of the Jabber server running on a machine
Encrypted “Hello”
Surrounded by <body>tag
9
Keystone Registrar Setup
• Registrar Setup– R <=> S : using SSL – S => R : registrar key KR, client list
Secret key KR is called registrar key.
Client list contains the identities and ID numbers of clients that does not contain access control information
10
Secure Keystone Client Request
• Client Registration– C <=> R : using SSL– R => C : IDc, kc
– R => S : { IDc, kc} KR
Where Kc is client individual key
IDc is clients identity number
11
Request and Reply
• A request may contain operations to more than one group– Operations
• Join• Leave• Re-synchronize
– C => S : {request} kc
– S => C : {ack} kc, {ind.rekey}kc
12
Key Updates• Keyserver distributes new keys using the
rekey messages. • Reliable key updates can be done using
– TCP– Reliable multicast Transport protocol
• Key stone uses UDP over IP multicast for efficient rekey message delivery and Forward Error Correction technique
13
Re-synchronization
• FEC does not provide 100% reliability• Solution 1
– Client request for retransmission of the lost rekey message
• Disadvantages– Inefficient when the number of lost rekey is large
• Solution 2– Keystone provides resynchronization mechanism for
clients to update their keys incase of message loss.
14
keyserverKeyserver.c:main() sslInfoInit(&sslInfo, keyFile, certFile, caFile,
caPath); sslCTX = sslInit(&sslInfo, 1); if (getSpec(servRec, f) != 0) {…in spec.c..} /* the specification file is processed */ setupKGraph(servRec); setupReqAddr(&(servRec->reqAddr)); // listen
for requests for clients setupReqAddr(&(servRec->regReqAddr));
//listen for requests from registrar
15
Keystone Specification File// 1 group, group-oriented TCP, period 1.0, DES3, RSA
global-parametersbegin rekey-period: 1.0 encryption: DES3-CBC message-digest: MD5 signature-scheme: RSA key-file: serverkey.rsa request-port: 20002 register-port: 30002 key-tree-degree: 4 access-control: noneend
group g1begin rekeying: GROUP-ORIENTED rekey-delivery: TCP-unicastend
16
Key Trees
k1-9
k123 k456
k1
k789
k2 k3 k4 k5 k6 k7 k8
u2 u3 u4 u5 u6 u7 u8 u9u1
k9
(changed to k78)
(changed to k1-8)
[Wong et al. SIGCOMM ’98, Wallner et al. Internet Draft]
{k78}k7 {k78}k8
{k1-8}k123 {k1-8}k456 {k1-8}k78
17
Registrar setup Registrar.c:main()
/* connect to keyserver */sslInfoInit(&sslInfo, keyFile, certFile, caFile, caPath);sslCTX = sslInit(&sslInfo, 1);ssl = sslConnect(sslCTX, ksAddr.sk);
/* receive register initialization from keyserver */ msg.size = sslRecv(ssl, msg.msg, msg.max); curr = msg.msg; curr += getMsgHdr(curr, &ver, &type, &size, &seq, &msgSPI, &msgVer); if (type != INIT_REGISTER) { /* error */ } if (sslRecvFile(ssl, cListFilename) != 0) { /* error */ } while (1) {
: if (childProcess(sk, ksAddr.sk, regSA, indSA, sslCTX, seqToKS, lockFile, clientAuthInfo)!= 0)
:}
18
Registrar Client RegistrationRegistrar.c:childProcess()
ssl = sslAccept(sslCTX, sk); if (cliAuthInfo != NULL) { if ((i = checkClientCert(ssl, cliAuthInfo)) < 0) { /* ERROR */}
if (consRegToKS(indSA, seqToKS, ®) != 0) { fprintf(stderr, "ERROR: registration to key server\n"); return -1; }
/* sign and encrypt registration info with regSA */ putMsgSize(reg.msg, 0); if (signEncMsgSA(®, regSA) != 0) { return -1; }
19
Client SetupProtocol.c:initializeclient()sslInfoInit(&sslInfo, keyFile, certFile, caFile, caPath);registerSSL(ksCtx, &sslInfo, ®Addr);
registerSSL.c:registerSSL()sslCTX = sslInit(sslInfo, 1);ssl = sslConnect(sslCTX, regAddr->sk);
Gchat.c:cmd_join()reqGroups(ksCtx, numGrps, grpName, request);
– Where request can be “join”/”leave”/”resyn”
getGroupKey(ksCtx, grpName, version)
20
SSL Initializationvoid * sslInit(SSLInfo *sslInfo, int verifyPeer){ /* SSL initialization */ SSLeay_add_ssl_algorithms(); SSL_load_error_strings(); if ((sslCTX = SSL_CTX_new(SSLv3_method())) == NULL) { ERR_print_errors_fp(stderr); return NULL; }
::
if (verifyPeer) { SSL_CTX_set_verify(sslCTX, SSL_VERIFY_PEER, NULL); } else { SSL_CTX_set_verify(sslCTX, SSL_VERIFY_NONE, NULL); } return ((void *) sslCTX);} /
21
SSL Server connectionvoid * sslAccept(void *sslCTX_v, int sock){ /* begin of sslAccept() */ SSL_CTX *sslCTX = (SSL_CTX *) sslCTX_v; SSL *ssl; X509 *peerCert; if ((ssl = SSL_new(sslCTX)) == NULL) { fprintf(stderr, "ERROR: no ssl\n"); return NULL; } SSL_set_fd (ssl, sock); if (SSL_accept(ssl) == -1) { ERR_print_errors_fp(stderr); SSL_free(ssl); return NULL; }
if (SSL_CTX_get_verify_mode(sslCTX) == SSL_VERIFY_PEER) { if ((peerCert = SSL_get_peer_certificate (ssl)) == NULL) { fprintf(stderr, "ERROR: no peer cert\n"); SSL_free(ssl); return NULL; } } else { fprintf(stderr, "ERROR: ask for account and password\n"); return NULL; } return ((void *) ssl);}
22
SSL Client connectionvoid * sslConnect(void *sslCTX_v, int sock){ /* begin of sslConnect() */ SSL_CTX *sslCTX = (SSL_CTX *) sslCTX_v; SSL *ssl; X509 *peerCert;
if ((ssl = SSL_new (sslCTX)) == NULL) { fprintf(stderr, "ERROR: no ssl\n"); return NULL; }
SSL_set_fd (ssl, sock); if (SSL_connect(ssl) == -1) { ERR_print_errors_fp(stderr); SSL_free(ssl); return NULL; }
if ((peerCert = SSL_get_peer_certificate (ssl)) == NULL) { fprintf(stderr, "ERROR: no peer cert\n"); SSL_free(ssl); return NULL; } return ((void *) ssl);}
23
Access Control List/* check client certificates *//* return -1 if error or client not found */int checkClientCert(void *ssl_v, ClientAuthInfo *cliAuthInfo){ SSL *ssl = (SSL *) ssl_v; X509 *peerCert; char peerName[256]; int i, peerNameSize;
if ((peerCert = SSL_get_peer_certificate (ssl)) == NULL) { fprintf(stderr, "ERROR: no peer cert\n"); return -1; }
X509_NAME_oneline(X509_get_subject_name(peerCert), peerName, sizeof(peerName)); peerNameSize = strlen(peerName)+1;
/* got the subject line so compare with the list u want to allow.*/ : : return SUCCESS/FAILURE;} /* end of checkClientCert() */
24
Encryption CBFint EncryptString (char *in, char *out, unsigned char *key, int plainlen){ int cipherlen, tmplen; unsigned char iv[8] = {1,2,3,4,5,6,7,8}; EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);EVP_EncryptInit(&ctx,EVP_bf_cbc(),key,iv);
if (!EVP_EncryptUpdate(&ctx,out,&cipherlen,in,plainlen)) { return -1; }
if (!EVP_EncryptFinal(&ctx,out+cipherlen,&tmplen)) { return -1; }
cipherlen += tmplen;EVP_CIPHER_CTX_cleanup(&ctx);return cipherlen;}
25
Decryption CBFint DecryptString(char *in, char *out, unsigned char *key, int cipherlen){ int plainlen, tmplen; unsigned char iv[8] = {1,2,3,4,5,6,7,8}; EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(&ctx);EVP_DecryptInit(&ctx,EVP_bf_cbc(),key,iv);
if (!EVP_DecryptUpdate(&ctx,out,&plainlen,in,cipherlen)) { return -1; }
if (!EVP_DecryptFinal(&ctx,out+plainlen,&tmplen)) { return -2; }
plainlen += tmplen;
EVP_CIPHER_CTX_cleanup(&ctx);return plainlen;}
26
Testing ResultsRuns Client Registration
Time (ms)Group Join Time
(ms)Group Leave Time
(ms)1 279.62 233.46 135.54
2 249.28 652.74 126.78
3 253.93 706.04 769.08
4 259.46 118.15 434.12
Avg/Run 260.5725 427.5975 366.38
Table 1 time taken for client registration group join, group leave
File size Time Taken (ms)8.5K 35302.47
25K 105986.05
60K 305934.53
195K 1007949.38
Table 2 time taken for file transfer
27
Conclusion• A secure group communication software
package SGFR v.0 was developed. – Use Digital Certificate to authenticate client access.– Group keys are distributed when members join/leave
or based on some time period.– Group key is used to encrypted the messages.– Enhance text-based chat with remote file download
and remote display.• Ported the SGFR v.0 to run on handheld devices
include PDA running Linux and Sony PalmTop.
28
Future work
• Improve the file transfer capability using Reliable Multicast Transport Protocol.
• Improve Keystone’s error handling mechanism between keyserver/registrar and client manager.
• Improve Keystone client manager by moving it into socket layer and providing socket layer API between a client manager and data processor.
• Integrate with Wireless Sensor Networks and improve security of their operations.
top related