Towards User-Friendly Credential Transfer on Open ... · 1 Kari Kostiainen, N. Asokan Nokia...

1

Kari Kostiainen, N. Asokan Nokia Research Center

Alexandra Afanasyeva SUAI

ACNS 2011

Towards User-Friendly Credential Transfer on Open Credential Platforms

© 2011 Nokia Research Center

3

Trusted execution environment (TrEE)

© 2011 Nokia Research Center 3

4

Credential transfer


Outline

1. Credential transfer problem

2. Credential transfer protocol

3. Analysis

5 © 2011 Nokia Research Center

6

Credential transfer problem


7

Closed provisioning


Control point

Service provider Service provider Service provider

8

Open provisioning


User authentication

User authentication

User authentication

Copyable Non-transferable Non-transferable

9

Late user binding


Device certificate

Enc(credentials)

User binding User binding

10

Temporal disconnection


Requirements

• Usability −No additional user interaction

• Security −Credential secrecy

−“Credential fidelity”


12

Credential transfer protocol


13

Protocol overview


HSM Provisioner (P)

Source device (S)

OS

TrEE

Target device (T)

OS

TrEE

PKTS/SKTS, CertTS

PKT/SKT, CertT

PKS/SKS, CertS

Trusted Server (TS)

OS

1. User identity installation

2. Provisioning and user binding

3. Credential backup and “identity verification delegation”


5. Identity verification, credential recovery and “provisioning delegation”

6. Automatic re-provisioning

14



PwdS

SealedPwdS

SealedPwdS Seal(PwdS)

PwdS

Store SealedPwdS

User Source OS Source TrEE

1. Trust on first use 2. Typical device login

ProvCred, SealedPwdS

15

2. Credential provisioning


ProvCred

CertS + user auth.

SealedCred

Verify CertS and extract PKS

Map Cred to PKS

ProvCred Enc(PKS, Cred || policy)

Cred || policy Dec(SK, ProvCred) PwdS Unseal(SealedPwdS) SealedCred Seal(Cred || policy || PwdS)

Store SealedCred

Provisioner Source OS Source TrEE

16

3. Credential backup to server


Source OS Source TrEE Trusted Server (TS)

CertS, EncCred / SDT

EncCred / SDT

CertTS, SealedCred

Verify CertTS and extract PKTS Cred || policy || PwdS Unseal(SealedCred)

Copyable: EncCred Enc(PKTS, Cred || PwdS) Non-transferable: SDT Sign(SKS, PKTS) || Enc(PKTS, PwdS)

CertTS

Store CertS and EncCred / SDT

CertS, EncCred / DT EncCred

SealedPwdT

17

5. Credential recovery


Trusted Server (TS) Target TrEE Target OS

PwdToken PwdToken, CertT

Verify CertT and extract PKT

PwdT Dec(SKTS, PwdToken) Copyable: Cred || PwdS Dec(SKTS, EncCred) Verify PwdT = PwdS

EncCred End(PKT, Cred || PwdT) Non-transferable: Extract PwdS from SDT Verify PwdT = PwdS

DT Sign(SKTS, PKT) || Sign(SKS, PKTS)

PwdT Unseal(SealedPwdT) PwdToken Enc(PKTS, PwdT)

Install EncCred

User identity installation

18

6. Credential re-provisioning


Target TrEE Target OS Provisioner

CertT, CertS, CertTS, DT

Verify Certs Verify signatures on DT

Find Cred for PKS

ProvCred Enc(PKT, Cred || policy)

ProvCred

ProvCred

Install ProvCred

19

Analysis


Analysis

• Usability −Reusing typical device login

• Credential secrecy −Common public key mechanism

−Trusted server (HSM)

• Credential fidelity −User identity password

−Brute force (throttling)

−Phishing (separate password)

−Password change (“trusted UI” or secure connection to server)

• Protocol validated with AVISPA tool 20 © 2011 Nokia Research Center

Summary

• Credential transfer challenging −Open provisioning

−Late user identity binding

−Temporal disconnection

• Server-assisted credential transfer protocol −Can be implemented using existing devices


Towards User-Friendly Credential Transfer on Open ... · 1 Kari Kostiainen, N. Asokan Nokia...

Documents

Transcript of Towards User-Friendly Credential Transfer on Open ... · 1 Kari Kostiainen, N. Asokan Nokia...