Document
advertisement
SEE-GRID tutorial, Istanbul, 09-10.12.2004 Security on Grid Roberto Barbera Univ. of Catania and INFN Overview • Glossary • Encryption • • Symmetric algorithms Asymmetric algorithms: PKI • Certificates • • Digital Signatures X509 certificates • Grid Security • • • • Basic concepts Grid Security Infrastructure Proxy certificates Command line interfaces SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 2 Overview • Glossary • Encryption • • Symmetric algorithms Asymmetric algorithms: PKI • Certificates • • Digital Signatures X509 certificates • Grid Security • • • • Basic concepts Grid Security Infrastructure Proxy certificates Command line interfaces SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 3 Glossary • Principal • An entity: a user, a program, or a machine • Credentials • Some data providing a proof of identity • Authentication • Verify the identity of the principal • Authorization • Map an entity to some set of privileges • Confidentiality • Encrypt the message so that only the recipient can understand it • Integrity • Ensure that the message has not been altered in the transmission • Non-repudiation • Impossibility of denying the authenticity of a digital signature SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 4 Overview • Glossary • Encryption • • Symmetric algorithms Asymmetric algorithms: PKI • Certificates • • Digital Signatures X509 certificates • Grid Security • • • • Basic concepts Grid Security Infrastructure Proxy certificates Command line interfaces SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 5 Cryptography K1 Encryption M K2 C Decryption M • Mathematical algorithm that provides important building blocks for the implementation of a security infrastructure • Symbology • • Plaintext: M • Cyphertext: C • Encryption with key K1 : E K1(M) = C • Decryption with key K2 : D K2(C) = M Algorithms • Symmetric: K1 = K2 • Asymmetric: K1 ≠ K2 SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 6 Symmetric Algoritms • The same key is used for encryption and decryption • Advantages: • A ciao B 3$r 3$r ciao Fast • Disadvantages: • • how to distribute the keys? the number of keys is O(n2) • Examples: • • • • • A ciao B 3$r 3$r ciao DES 3DES Rijndael (AES) Blowfish Kerberos SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 8 Public Key Algorithms • Every user has two keys: one private and one public: • • • No exchange of secrets is necessary • • • • it is impossible to derive the private key from the public one; a message encrypted by one key can be decripted only by the other one. the sender cyphers using the public key of the receiver; the receiver decripts using his private key; the number of keys is O(n). Examples: • • A ciao B 3$r A ciao 3$r ciao B cy7 cy7 A’s keys B’s keys public private public private ciao Diffie-Helmann (1977) RSA (1978) SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 9 Overview • Glossary • Encryption • • Symmetric algorithms Asymmetric algorithms: PKI • Certificates • • Digital Signatures X509 certificates • Grid Security • • • • Basic concepts Grid Security Infrastructure Proxy certificates Command line interfaces SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 10 One-Way Hash Functions • Functions (H) that given as input a variable-length message (M) produce as output a string of fixed length (h) • 1. 2. 3. the length of h must be at least 128 bits (to avoid birthday attacks) given M, it must be easy to calculate H(M) = h given h, it must be difficult to calculate M = H-1(h) given M, it must be difficult to find M’ such that H(M) = H(M’) • Examples: • • • SNEFRU: hash of 128 or 256 bits; MD4/MD5: hash of 128 bits; SHA (Standard FIPS): hash of 160 bits. SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 11 Digital Signature • A calculates the hash of the message • A encrypts the hash using his private key: the encrypted hash is the digital signature. • A sends the signed message to B. • B calculates the hash of the message and verifies it with the one received by A and decyphered with A’s public key. • If the two hashes are equal, the message wasn’t modified and A cannot repudiate it. A’s keys A This is some Hash(A) message Digital Signature message Digital Signature B Hash(B) =? Hash(A) public This is some This is some message Digital Signature private SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 12 Digital Certificates • A’s digital signature is safe if: 1. 2. • A’s private key is not compromised B knows A’s public key How can B be sure that A’s public key is really A’s public key and not someone else’s? • • A third party guarantees the correspondence between public key and owner’s identity, by signing a document which contains the owner’s identity and his public key (Digital Certificate) Both A and B must trust this third party • Two models: • • X.509: hierarchical organization; PGP: “web of trust”. SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 13 PGP “web of trust” D B F C E A • F knows D and E, who knows A and C, who knows A and B. • F is reasonably sure that the key from A is really from A. SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 14 X.509 The “third party” is called Certification Authority (CA). • Issue certificates for users, programs and machines • Check the identity and the personal data of the requestor • Registration Authorities (RAs) do the actual validation • CA’s periodically publish a list of compromised certificates • Certificate Revocation Lists (CRL) • They contain all the revoked certificates yet to expire • Online Certificate Status Protocol (OCSP). • CA certificates are self-signed SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 15 X.509 Certificates • An X.509 Certificate contains: Structure of a X.509 certificate • owner’s public key; • identity of the owner; Subject:C=CH, O=CERN, OU=GRID, CN=Andrea Sciaba 8968 • info on the CA; Issuer: C=CH, O=CERN, OU=GRID, CN=CERN CA time of validity; Expiration date: Aug 26 08:08:14 2005 GMT • Public key Serial number: 625 (0x271) • Serial number; CA Digital signature • digital signature of the CA SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 16 Overview • Glossary • Encryption • • Symmetric algorithms Asymmetric algorithms: PKI • Certificates • • Digital Signatures X509 certificates • Grid Security • • • • Basic concepts Grid Security Infrastructure Proxy certificates Command line interfaces SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 17 GRID Security: the players Users • Large and dynamic population •Different accounts at different sites •Personal and confidential data •Heterogeneous privileges (roles) •Desire Single Sign-On “Groups” • “Group” data • Access Patterns • Membership Grid Sites • Heterogeneous Resources • Access Patterns • Local policies • Membership SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 18 The Risks • Launch attacks to other sites • Large distributed farms of machines • Illegal or inappropriate data distribution and access sensitive information • Massive distributed storage capacity • Disruption by exploiting security holes • Complex, heterogeneous and dynamic environment • Damage caused by viruses, worms etc. • Highly connected and novel infrastructure SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 19 The Grid Security Infrastructure (GSI) B A Based on X.509 PKI: A’s certificate • • • every user/host/service has an X.509 certificate; certificates are signed by trusted (by the local sites) CA’s; every Grid transaction is mutually authenticated: VERY IMPORTANT Verify CA signature Random phrase Private keys must be stored only: 1. A sends his certificate; Encrypt with A’ s private key in protected places 2. B verifies signature in A’s certificate; 3. B sends to A a challenge string; Encrypted phrase AND 4. A encrypts the challenge string with his 5. 6. 7. 8. private key; A sends encrypted challenge to B B uses A’s public key to decrypt the challenge. B compares the decrypted string with the original challenge If they match, B verified A’s identity and A can not repudiate it. Decrypt with A’ s public key in encrypted form Compare with original phrase SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 20 Certificate request … more details • Egee/LCG recognizes a given set of CAs • https://lcg-registrar.cern.ch/pki_certificates.html • How do you request a certificate depends on your CA • The certificate request is created together with the certificate private key (encrypted by a pass phrase) • For GILDA, have a look at the Demo Video: • • https://gilda.ct.infn.it/video/Certification/Allproxy.html (Flash) https://gilda.ct.infn.it/video/Certification/AllCertproxy.ram (Real) SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 21 Certificate Request User generates public/private key pair. CA confirms identity, signs certificate and sends back to user. Cert Request Public Key Cert ID Private Key encrypted on local disk User send public key to CA along with proof of identity. SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 22 Certificate Information • To get cert information run grid-cert-info [scampana@grid019:~]$ grid-cert-info -subject /C=CH/O=CERN/OU=GRID/CN=Simone Campana 7461 • Options for printing cert information -all -subject -issuer -startdate -enddate -help SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 23 X.509 Proxy Certificate • GSI extension to X.509 Identity Certificates • • • Enables single sign-on Support some important features • • • • signed by the normal end entity cert (or by another proxy). Delegation Mutual authentication Has a limited lifetime (minimized risk of “compromised credentials”) It is created by the grid-proxy-init command: % grid-proxy-init Enter PEM pass phrase: ****** • Options for grid-proxy-init: • • • -hours <lifetime of credential> -bits <length of key> -help SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 24 grid-proxy-init • User enters pass phrase, which is used to decrypt private key. • Private key is used to sign a proxy certificate with its own, new public/private key pair. • User’s private key not exposed after proxy has been signed User certificate file Pass Phrase Private Key (Encrypted) User Proxy certificate file • Proxy placed in /tmp, read-only by user • the private key of the Proxy is not encrypted: • stored in local file: must be readable only by the owner; • proxy lifetime is short (typically 12 h) to minimize security risks. • NOTE: No network traffic! SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 25 Proxy again … • grid-proxy-init ≡ “login to the Grid” • To “logout” you have to destroy your proxy: • grid-proxy-destroy • • • This does NOT destroy any proxies that were delegated from this proxy. You cannot revoke a remote proxy Usually create proxies with short lifetimes • To gather information about your proxy: • grid-proxy-info • Options for printing proxy information -subject -type -strength -issuer -timeleft -help SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 26 Delegation and limited proxy • Delegation = remote creation of a (second level) proxy credential • New key pair generated remotely on server • Clients signs proxy cert and returns it • Allows remote process to authenticate on behalf of the user • Remote process “impersonates” the user • The client can elect to delegate a “limited proxy” • Each service decides whether it will allow authentication with a limited proxy • Job manager service requires a full proxy • GridFTP server allows either full or limited proxy to be used SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 27 Long term proxy • Proxy has limited lifetime (default is 12 h) • Bad idea to have longer proxy • However, a grid task might need to use a proxy for a much longer time • Grid jobs in HEP Data Challenges on LCG last up to 2 days • myproxy server: • • Allows to create and store a long term proxy certificate: myproxy-init -s <host_name> -d -n • -s: <host_name> specifies the hostname of the myproxy server • -d: server to use the subject of the certificate as the default username • -n: avoids the use of a passphrase to access to the long-term proxy – so the WMS can perform the renewals automatically. • myproxy-get-delegation -s <host_name> • Get a new proxy from the MyProxy server • myproxy-destroy • A dedicated service on the RB can renews automatically the proxy • contacts the myproxy server SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 28 GSI environment variables • User certificate files: • • • • Host certificate files: • • • Certificate: X509_USER_CERT (default: $HOME/.globus/usercert.pem) Private key: X509_USER_KEY (default: $HOME/.globus/userkey.pem) Proxy: X509_USER_PROXY (default: /tmp/x509up_u<id>) Certificate: X509_USER_CERT Private key: X509_USER_KEY (default: /etc/grid-security/hostcert.pem) (default: /etc/grid-security/hostkey.pem) Trusted certification authority certificates: • X509_CERT_DIR (default: /etc/grid-security/certificates) SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 29 Further Information Grid • LCG Security: http://proj-lcg-security.web.cern.ch/proj-lcg-security/ • LCG Registration: http://lcg-registrar.cern.ch/ • Globus Security: http://www.globus.org/security/ Background • GGF Security: http://www.gridforum.org/security/ • GSS-API: http://www.faqs.org/faqs/kerberos-faq/general/section-84.html • GSS-API: http://docsun.cites.uiuc.edu/sun_docs/C/solaris_9/ SUNWdev/GSSAPIPG/toc.html • IETF PKIX charter: http://www.ietf.org/html.charters/pkix-charter.html • PKCS: http://www.rsasecurity.com/rsalabs/pkcs/index.html SEE-GRID tutorial, Istanbul, 09-10.12.2004 - 30
