Linux Means Business: Security and Authentication with Digital Signatures

How one university uses PGP and digital signatures to make its network secure.

This system has a couple of weaknesses. For one thing, it offers only file-level protection. It checks all the logical possibilities of modified files, deleted files and extra files. What about someone modifying the disk in some strange way that fools the upper level routines? Digitally signing a representation of the raw disk data is more secure.

This system is also vulnerable if the public key on the server could be modified or replaced with a different one. The same vulnerability exists for the upgrade software on the server. In practice, getting root access in order to replace the public key and creating unauthorized upgrades is a roundabout way to launch an attack. If the attacker already had root access on a particular computer, there wouldn't be any reason to use the upgrade system to get privileges or modify the server.

Authenticating Users without a Database

With the labs gradually coming on-line, we're dealing with the problem of authenticating student access. Most schools can just put a login program on their client PCs which checks the user's password against a central database via a high-speed campus LAN. This won't work for us for many reasons. Many of our labs will not be on-line in the near future. Even when on-line, the network support is unreliable and often slow. Another problem is that we have lots of weekend seminars students sign up for at the last minute. The students sign up for classes in small “education centers” that send us floppy disks with registration information via snail-mail long after the fact. Even if every lab were on-line, the logistics of collecting and distributing all of the information overnight would be extremely difficult. Luckily, public key cryptography and clear-signed digital signatures offer a solution:

  1. A public and private key pair are generated for use by Field Representatives (FRs).

  2. The FR public key is stored on the computer lab servers.

  3. At registration time, a student entitled to computer lab access brings a floppy disk to the FR.

  4. The FR clear-signs a certificate with the student's name, ID number, dates of validity and, optionally, information about which privileges are granted.

  5. At least five characters are removed from the digital signature block and given to the student as his “password”. In Listing 3, the last five characters of the second encrypted line were used as the password.

  1. The first time a student uses any particular computer lab, he inserts the disk into a client PC and enters his student ID number and password. The password and certificate on the disk are recombined and sent to the server where it is checked using the FR's public key. If the signature is both valid and unexpired (based on the dates in the certificate), access is granted.

  2. One final step makes the system more convenient for students when returning to a lab. The server maintains a simple database, keyed on the student ID number with the student's password encrypted with a standard one-way encryption routine like crypt(1). The next time a student visits that particular lab, he doesn't need to bring the floppy disk; he can just enter his password and be validated.

  3. This database is automatically managed in the same way as a DNS cache. The date of expiration from the user's certificate becomes a “time to live” field in their database record. A cron job can be set up to periodically delete all expired entries.

This scheme has a lot of advantages. Reliable communication between the field staff, the main office and the labs is not required. Each of the three can be in completely separate, isolated locations. (And this is often the case.)

As in the first system, no real “secrets” are stored on the lab servers. If someone gets access to a lab server, there's no information that can help him: the public key can be read by anyone. The encrypted passwords are stored on the server; however, since they're random strings and not picked by the users, they aren't susceptible to the typical dictionary attack. Apart from dictionary attacks, standard Unix passwords are usually a secure system.

Various user access levels and periods of validity can be assigned to students by adding them to the certificates. The certificate can contain more information than just the student's name and ID number. Any kind of information that's worth keeping track of can be put into it.

Students have instant access to the computer lab once they've received their certificate. There is no delay waiting for a database to be propagated.

Since the certificates are in plain text, students can see at a glance if the certificates are correct, if they've expired yet, etc. This should make the system user-friendlier, and also limit the amount of assistance needed for help desk calls. There would never be any question about whether a certificate was still valid, issued for the correct person or contained the correct information.