Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

Ask Slashdot: Open Hardware/Software-Based Security Token?

timothy posted about 6 months ago | from the you-could-use-postcards-scanned-by-an-arduino dept.

Security 113

Qbertino (265505) writes I've been musing about a security setup to allow my coworkers/users access to files from the outside. I want security to be a little safer than pure key- or password-based SSH access, and some super-expensive RSA Token setup is out of question. I've been wondering whether there are any feasible and working FOSS and open hardware-based security token generator projects out there. It'd be best with ready-made server-side scripts/daemons. Perhaps something Arduino or Raspberry Pi based? Has anybody tried something like this? What are your experiences? What do you use? How would you attempt an open hardware FOSS solution to this problem?

Sorry! There are no comments related to the filter you selected.

yubikey (3, Informative)

Anonymous Coward | about 6 months ago | (#47558705)

www.yubico.com ... not quite FOSS but its your ticket....

Re: yubikey (0)

Anonymous Coward | about 6 months ago | (#47562411)

1up for yubikey. Works like a charm.

Re:yubikey (0)

Anonymous Coward | about 6 months ago | (#47562967)

With the Yubikey NEO you can enable the CCID mode and load your own JavaCard applets.

Yubikey has applet source on github. Build and install them yourself.

Sure the smart card OS isn't open source, but are there any FOSS card OSes?

use SMS (3, Informative)

rMortyH (40227) | about 6 months ago | (#47558707)

You can set up 2nd factor using SMS pretty easily, and have it text you a second password that's good for five minutes.
Definitely the cheapest option.

If you make your own token with an arduino and an LCD and a real time clock and a battery you've already paid for the RSA tokens.


Re:use SMS (0)

Anonymous Coward | about 6 months ago | (#47558835)

I hope you are not employed to protect something important.

SMS has been proven to be highly insecure.

With cheap equipment, criminals can pretend to be your phone and let the SMS appear on their own equipment, without you knowing about it.

Re:use SMS (2)

FuegoFuerte (247200) | about 6 months ago | (#47558989)

The point of 2-factor auth is someone (like a criminal) can have one factor in their possession without it being any good. So with the SMS just being a form of "what you have" (it goes to your cell phone, and in theory only yours, and is time-limited to prevent re-use), an outside attacker would still have to gain the "what you know" or "what you are" factor (either your password/passcode or biometrics of some sort).

True, I wouldn't use SMS for highly classified document protection, but for most things SMS is just fine as a second factor.

Re:use SMS (0)

Anonymous Coward | about 6 months ago | (#47560141)

The GP's point is that the phone isn't guaranteed to be unique, as a malicious party could clone the phone, thus bypassing the "something you have" requirement as they don't "have your phone" but they can authenticate as if they did.

Though I think variations of that problem will come up in any solution created within the constraints of the article (any system based on open hardware can be spoofed rendering it a second "something you know" factor not a "something you have" factor, at which point you may as well use a strong password instead.

Re:use SMS (0)

Anonymous Coward | about 6 months ago | (#47561317)

Why cloning if you can hack it ?

Re:use SMS (0)

Anonymous Coward | about 6 months ago | (#47561507)

Ugh, you people are so stupid... neither of you work in the wireless industry.

1) SMS can be intercepted, hacked, etc : false. White it's certainly possible for someone working at the wireless company to send fake SMS messages directly from the MSC, they can't see them, and if they can't see them, neither can a malicious entity. The only way you see a SMS message in transit is if you are participating in a MITM attack against the device, in which you would be emulating the wireless carrier at the time of the message's transmission. If a one-time key is sent, you still need the target's account and password, which would not be intercepted if they were on their mobile device or a WiFi device on account of the SSL is a layer on top of the GPRS layer. You'd need to force the device to send it unencrypted, but that should rouse suspicion when the SSL images on a site don't work.

2) A RSA key or any other entrophy device is less secure than SMS, because the device often is just on a keyring on your target, so if you're shoulder surfing the target, you can just as easily swipe it. The SMS is only insecure by nature of smartphones showing the contents of the message on the home screen without unlocking it, effectively being the same.

In response to the OP's original question. No, you're barking up the wrong tree.

The main problem with authentication tokens is that you can lose them. You don't want to make it harder to recover.

What you should instead do is switch to a smartcard itself, smartcards are their own microcontrollers, complete with cpu and ram, not a USB stick that emulates one, but an actual smartcard. When you set it up, create three cards, one to use every day, and one to use under duress. Keep one card and the duress card in your wallet or whatever. If the cards are ever stolen, there is a 50% chance, not a 100% chance of the thief getting access, but if it's two-factor (and the card is simply the "something you have" bit) using both cards in a set timespan could set a self-destruct tripwire code if not disarmed.

But this is just thinking outside the box complexity. The average person has nothing of value. "hackers" mainly want access to financial records, and you're a moron if you are saving your passwords to such sites on any device. Everything else (eg MMORPG accounts, forum accounts, etc) is generally of low value. DHS/CSIS/GCHQ/etc aren't going to go through you to spy on you if they have to, they are going to subpoena the service you use, and get them to volunteer it over. So once again, encrypt things if you're paranoid.

The main thing to consider is that humans make mistakes, and losing hardware tokens, are worse than losing keys to a safe. At least you can break into a safe that you own, but a computer that own is encrypted, or will self-destruct if the wrong token is entered is high level paranoia. Can you afford that data to be destroyed by you or someone trying to get it? If yes, go nuts. If not, then you need to consider where you want to keep a unencrypted copy, or at least a decryptable copy that isn't immediately obvious. Like for me, if I was paranoid, I'd probably encrypt the computer, but keep an external drive in my parents garage with a sticky note puzzle that I'd get.

Re:use SMS (1)

GrpA (691294) | about 6 months ago | (#47563267)

Ugh, you people are so stupid... neither of you work in the wireless industry.

1) SMS can be intercepted, hacked, etc : false. White it's certainly possible for someone working at the wireless company to send fake SMS messages directly from the MSC, they can't see them, and if they can't see them, neither can a malicious entity. The only way you see a SMS message in transit is if you are participating in a MITM attack against the device, in which you would be emulating the wireless carrier at the time of the message's transmission.

Ever heard of "Malicious Number Porting"? Who needs to intercept SMS when your telco will do it for you?

SMS provides poor security...


Re:use SMS (1)

sjames (1099) | about 6 months ago | (#47561477)

It's not absolutely safe (is anything), but it meets the criterion of being a little safer than password/key alone.

Re:use SMS (1)

Jane Q. Public (1010737) | about 6 months ago | (#47559151)

I wouldn't say it's the "cheapest" option. If you want to go strictly software, you can use something like BitTorent Sync.

Before anybody jumps on me: I wrote "something like". No, it's not open source. But using iCloud or Azure are proprietary solutions too!

I don't "trust" BitTorrent Sync's security. But odds are it's fine for this kind of use. You can also control access to files by simply putting them in different folders, and giving different people access to them, or give out temporary authorization codes.

So don't misunderstand: I would not endorse its security unless BitTorrent agreed to an open security audit. But it's also a "free" solution. And it's available for Windows, Mac, Android, and iOS. I think Linux too but I don't remember for sure.

Re: use SMS (1)

corychristison (951993) | about 6 months ago | (#47559231)

I use BtSync for syncing a collection of files between my desktop, laptop, and mobile phone. It only syncs on my own network (because that's what I want -- I have ssh if I need into my files remotely).

In terms of general usefulness, it certainly works well. The security in terms of public facing networks appears to be decent. I don't know.

I've heard of people using it with a remote instance of ownCloud to provide a simple iCloud-like solution.

Re: use SMS (1)

Bradmont (513167) | about 6 months ago | (#47561109)

If you want an open source "something like btsync," check out Syncthing.

Re:use SMS (1)

jon3k (691256) | about 6 months ago | (#47559261)

Can you suggest a particular piece of software that you've had luck with? I'd be interested in this.

Yubikey is the way to go... (5, Informative)

bubulubugoth (896803) | about 6 months ago | (#47558711)

Yubikey is a USB OTP generator, it can be integrated quite easily and it has ssh and a little fast dig up I found this link about yubikey and openvpn..

http://www.yubico.com/applicat... [yubico.com]
http://forum.yubico.com/viewto... [yubico.com]

Re:Yubikey is the way to go... (0)

Anonymous Coward | about 6 months ago | (#47559265)

But he wants a free and open source software (FOSS) solution with open hardware.

Re:Yubikey is the way to go... (0)

Anonymous Coward | about 6 months ago | (#47559465)

Yubico provides full open source software libraries on their website and the specs for the hardware are fairly open as well (its a rather simple device). I've never had a desire to build my own hardware key, but I have used the open source python library for authentication/key generation purposes that were compatible with the platform.

Re:Yubikey is the way to go... (0)

Anonymous Coward | about 6 months ago | (#47561331)

To me the yubi-stuff sounds like an intransparent piece of commercialware. Security rests on the baindead decisions of some MBA muppet.

So, dont use.

Re:Yubikey is the way to go... (1)

SuperBanana (662181) | about 6 months ago | (#47563873)

The submitter asked:

"I've been wondering whether there are any feasible and working FOSS and open hardware-based security token generator projects out there"

Is Yubikey open source software and hardware? Because it appears to be neither.

RSA was in the NSA's back pocket. Why wouldn't these people? How can their hardware or software be audited?

OATH (4, Informative)

Roadmaster (96317) | about 6 months ago | (#47558723)

My organization uses 2FA with a standard that's compatible with Google Authenticator and a Yubikey (OATH: http://en.wikipedia.org/wiki/I... [wikipedia.org] and http://www.nongnu.org/oath-too... [nongnu.org] ). People with smartphones could use Google Authenticator to obtain auth tokens; an inexpensive ($25 per person) yubikey provides a very easy way to enter tokens without much hassle; and the open-source oathtool can generate tokens for other uses (i.e. add a "paper" authentication device with a long list of sequential tokens).

Re:OATH (2)

mlts (1038732) | about 6 months ago | (#47559211)

I'm using OATH/TKIP as well for my remote access as a backup if I can't SSH in via my private RSA key:

1: It is brain-deadly easy to implement. I use CentOS, so I can fetch the Google Authenticator code from EPEL.

2: Many different OTP apps out there. There is Google's. Amazon has one for AWS. There are a number of third party ones. All are interchangeable. At a desktop computer, I just plug the Yubikey in a USB slot, mash the button when the password is asked. Done.

3: The protocol is decently secure. Good enough for 2FA for Amazon AWS and Google's offerings.

Since the protocol is open, the hardware is inexpensive, and it is easy to implement, I'd go with this. Only exception is if someone needs it to work with AD... I'd probably say that SecurID is easier to get running... but a lot more expensive to buy seeds or physical authentication devices.

Re:OATH (1)

DavidRawling (864446) | about 6 months ago | (#47563669)

Actually, combine the Yubikey with AuthLite, and you have 2FA for Windows AD environments. I just implemented for a customer; they use the OTP for the username and the normal password for the password. This has two benefits: first, you don't hit the arbitrary 48 character password length limit for things like VPNs (yeah - you can have a 128 character UTF16 password, just don't try to connect remotely) and secondly, there's no customisation of apps required. It Just Works.

Re:OATH (0)

Anonymous Coward | about 6 months ago | (#47559301)

Google Authenticator is TOTP-only, which is time-based and would not seem to work with paper tokens.

Each device would have to be paired separately, and the paper counts as a device. Also the devices are not all using the same variant of the standard.

It sounds like good advice, just that you make it sound a little simpler than it is.

Re:OATH (0)

Anonymous Coward | about 6 months ago | (#47561333)

OATH (and Google Authenticator) also does HOTP (counter based), which works fine if you need to print out a list of tokens.

OATH (0)

Anonymous Coward | about 6 months ago | (#47560049)

I agree with OATH. Google authenticator is great. You can get the code to set up two factor on linux server using PAM by going to https://code.google.com/p/google-authenticator/. I was able to use it to get my SSH server with two factor time based authentication, and I finally feel secure having an SSH server on my home box.

Yubikey (0)

Anonymous Coward | about 6 months ago | (#47558739)

I had some good experience with the reasonable cheap Yubikey a few years ago. Though not a token that is usable without a computer, as it works as a usb key. Its not open hardware as far as i know.

Move your keys off your hardware (1)

djsmiley (752149) | about 6 months ago | (#47558749)

SSH keys on read only SD Card?

Re:Move your keys off your hardware (1)

jon3k (691256) | about 6 months ago | (#47559279)

But if it's readable how does this help anything? It can be read by malware and reused, right?

Re:Move your keys off your hardware (1)

iluvcapra (782887) | about 6 months ago | (#47559663)

The certs on the card would be the thing you have, the passkey to decrypt the certs on the card would be the thing you know.

Re:Move your keys off your hardware (0)

Anonymous Coward | about 6 months ago | (#47559297)

For added security the card should be write only. It's the only way to be sure!

Re: Move your keys off your hardware (0)

Anonymous Coward | about 6 months ago | (#47563681)

I like this.

Use smartphone as h/w platform (0)

Anonymous Coward | about 6 months ago | (#47558777)

Assuming most of your user-base has some sort of smartphone I'd look at using that to save trying to manage a slew of custom hardware. I don't know if you could register the phone's ID (if there is such a thing - what do I know?) and implement a simple challenge-response.

Re:Use smartphone as h/w platform (0)

Anonymous Coward | about 6 months ago | (#47561335)

Yeah, why build an Arduino+LCD+keyboard+software device if you can use an easily hackable "smart" phone for your security needs ?

Waiting for (1)

djupedal (584558) | about 6 months ago | (#47558791)

A self-selling token...

Google Authenticator for software tokens (4, Informative)

heypete (60671) | about 6 months ago | (#47558795)

For software tokens, Google Authenticator has apps for Android, iOS, and BlackBerry. They implement the TOTP standard, so any compatible code-generating software (such as the J2ME app I have on my non-smartphone) will work with it.

They also have a PAM module [google.com] that works with SSH (or anything else that uses PAM). I've used it before, and it works great.

For reference, neither the apps nor the PAM module depend in any way on Google services, they don't send any data to Google, and will work perfectly happily in a totally offline environment (assuming all the servers and client apps have synchronized clocks).

Re:Google Authenticator for software tokens (0)

kwerle (39371) | about 6 months ago | (#47558925)


Re:Google Authenticator for software tokens (1)

AnAirMagic (989649) | about 6 months ago | (#47559581)

I have found FreeOTP [google.com] much better than Google Authenticator.

Re:Google Authenticator for software tokens (1)

cant_get_a_good_nick (172131) | about 6 months ago | (#47559625)

Why so? Not doubting you, just wondering your reasoning...

Re:Google Authenticator for software tokens (1)

obarel (670863) | about 6 months ago | (#47560261)

Funny how the link is a Google link. Even when you try to avoid Google, you still have to do it through Google.

Re:Google Authenticator for software tokens (0)

Anonymous Coward | about 6 months ago | (#47561349)

I hope you have destroyed the GSM modem on that J2ME phone. Otherwise it can AND WILL be hacked if you have anything sensitive to protect. Did you check that GSM stack for buffer overflows ?

Yubikeys (1)

jmintha (56956) | about 6 months ago | (#47558865)

A secnod for Yubikeys. We love them. You can load your own key onto them so there is no worries when a third party (like RSA) gets hacked. There are open souce tools to configure them and run authentication servers. Integrated with PAM, and can be used with radius servers. And they are about $25 each, with no expiry date.

Google Authenticator (1)

bradgoodman (964302) | about 6 months ago | (#47558881)

Google Authenticator is an open source, RSA-soft-token-like system for two-factor authentication. Free applications exist for iPhone, Android, etc to act as your "key fob", and free, open-source PAM and Apache plug-in modules exist to allow you to require the tokens for SSH or web login.

I'd include links - but there are a lot of them depending on what you want (Linux, PAM, Apache, Andoird, iOS, etc) - So, "Just Google it!"

OTP is where it's at. (1)

tinytim (25110) | about 6 months ago | (#47558939)

FreeOTP and/or Google Authenticator may be exactly what you want from the client side.

I made a server-side implemention to get started with a little while ago:

https://github.com/adsllc/PHPO... [github.com]

Me too (1)

ledow (319597) | about 6 months ago | (#47558959)

I'd like something like this for a mixed Windows/Mac/Linux network but the costs are just prohibitive.

Yubikeys are $25 each for the hardware, and $45 PER USER. That's just ridiculous when you scale up, and there's an awful lot of manually faffing about to get to the point that it works.

To be honest, in my scenario (primary/secondary schools), I'm not looking for 2-factor as much as "I don't have to remember my password" login. If someone has the key, they have access (but only to another pupils account, which is nothing), and leave 2-factor as only a consideration for the staff (so then you could buy Yubi just for the staff, etc.). But anything software-licensed per-user is just ludicrously expensive when you start adding it up, on top of the "per-user" device costs to start with.

To be honest, I'd pay £10 each for a set of USB tokens that - when you press the button - just types in a username/password for you. Yubikey doesn't solve that problem on Windows, it just makes existing logins much more complicated (and, as pointed out in their manuals, when you get into mobile access they are useless anyway).

If someone could come up with a £10 USB keyboard-emulating device that types in a given string (I can code it so it presses tab / Return in all the right places, etc.), I'd probably buy it.

But on Windows, Yubikey is just too expensive for the software. I can't believe, given how little it does and how "third-party" it still feels after you've installed, that it costs that much to develop the Windows side of the software.

Re:Me too (0)

Anonymous Coward | about 6 months ago | (#47559043)

If someone has the key, they have access (but only to another pupils account, which is nothing)

Right up until some kid gets expelled or charged with a crime for something they didn't do.

And then it's a whole lot more than nothing.

Your indifference demonstrates your incompetence.

Re:Me too (1)

ledow (319597) | about 6 months ago | (#47559443)

1) You've confused American "schools" with British schools, where the pupils are children. I specifically mention primary and secondary - primary is up to age 10/11.

2) We still have tracing of what was accessed, it's still against school rules to allow someone access to your account. Their actions aren't your responsibility but may have been your fault.

3) Any "school" that expels a kid for losing their key and another kid doing stuff on their account, won't be a school over here for long.

4) No school will charge for a crime in such circumstances, unless a crime was committed, and then you have the "reasonable doubt" defence and legal requirements of proof.

If you think for a second that a teenager losing their access card is any different to them leaving the machine logged on for the microsecond it takes one of their "mates" to reach over and do something on their account, you're an idiot.

P.S. Been running IT in UK schools - state and private - for fifteen years, no complaints yet, and massive shortage of time to work for all the school who want me.

Re:Me too (2)

heypete (60671) | about 6 months ago | (#47559101)

I'd like something like this for a mixed Windows/Mac/Linux network but the costs are just prohibitive.

Yubikeys are $25 each for the hardware, and $45 PER USER. That's just ridiculous when you scale up, and there's an awful lot of manually faffing about to get to the point that it works.

Wait, what? Where do you get the $45 per user cost? I don't see that anywhere on their website.

The "YubiCloud" (where Yubico hosts the authenticator servers) has two modes: free and premium. The free service is open to everyone, even commercial users. The premium service offers an SLA and monthly usage statistics, and costs $3/YubiKey/year (1000-unit minimum).

You can also host your own local YubiKey authentication servers and keep things entirely in-house. Yubico has reference implementations for free on their site.

Re:Me too (0)

Anonymous Coward | about 6 months ago | (#47559371)

It sounds expensive, but compared to what RSA/EMC charges for their SecurID tokens, it isn't too much. There are other places (VASCO) that sell one time password keyfobs and might be cheaper, so might look at those as a Yubikey alternative.

I like the Yubikey in some environments, especially with students or kids, as one kid can't look at another kid's fob and get logged in [1].

[1]: I worked in college IT, and having the FBI or Secret service investigate something criminal coming from an account,only to find that the student's account was compromised, isn't that uncommon. There are many students who think it is quite funny to erase someone's papers or modify someone's code before a major project is due. In fact, some college prep courses teach this as "every competitor sabotaged means one less person taking your 'A' in a class."

You can create a token but keep it off nets (0)

Anonymous Coward | about 6 months ago | (#47559019)

You can create a token with anything that will be able to hold a key, increment a counter, encrypt it at each increment, and display results.
However, if you putthis on a network (e.g., by making a cellphone application of it), it is vulnerable to malware on the device. Keep
it electrically isolated (and disallow anything that'll read out the key once it is set up) and it can be safe. (You have to track
the output to deduce internal counter state, so authenticator must know the unique key in each token.)

The problem with software tokens is that anything that can read their memory can in principle figure out all about it and
forge results.

Note each token must have a unique key (and it better not be possible to deduce the key on any token from its
token number, nor from the key(s) on any other token(s).

For fans of software scheme: you must tell how your soft tokens resist attack by malware.

Remember that to get pay-tv signals, folks were willing and able to design special ICs. Do not underestimate
the energy, resources, or cleverness of attackers.

Re:You can create a token but keep it off nets (3, Insightful)

TheCarp (96830) | about 6 months ago | (#47559083)

> For fans of software scheme: you must tell how your soft tokens resist attack by malware.

A solution doesn't have to be a panacea for all attacks. A soft token could be on your phone, assuming you do not also use the phone to directly access the service, that is pretty decent protection. I would consider needing to also find and gain access to your phone, in addition to whatever access they may otherwise be able to get, as a pretty decent addition to the resistence.

> Remember that to get pay-tv signals, folks were willing and able to design special ICs.

Remember that people were willing to pay for those ICs to decode signals they already otherwise had access to, meaning there was a rather large potential market for those ICs before they were produced, especially since it is decently hard to justify how you are doing anything wrong by simply recieving and manipulating a signal...you aren't even stealing a service, you are just, not using their descrabling service, just providing your own instead; for a signal you could already recieve.....

Re:You can create a token but keep it off nets (0)

Anonymous Coward | about 6 months ago | (#47559365)

> For fans of software scheme: you must tell how your soft tokens resist attack by malware.

A solution doesn't have to be a panacea for all attacks. A soft token could be on your phone,

Phones are less secure than good laptops, like Chromebooks or app-whitelisted Windows laptops. They're lost more often. They're often personal devices so app whitelisting isn't a policy option, and you can't reasonably forbid employees from sharing them with family. Phones are a terrible place to implement 2SV. Even an app running on the laptop would be better. There is such a fetish around phones people are not making reasonable security decisions.

In this environment it almost seems crazy to point out, but the ssh-compatible smartcards that store ssh private keys such that they never leave the card are not phishable, while all these other 2SV schemes based on a code of some digits are phishable.

Re:You can create a token but keep it off nets (4, Interesting)

TheCarp (96830) | about 6 months ago | (#47560321)

All true and yet, I don't see how any of that matters. The point of using the phone is it is something you have, and its not tied to the device you are connecting with. Yes, you may lose the phone more often, BUT...that just means you replace the phone and reload the software with a new key....BFD.

Stealing your phone doesn't reveal what systems you would connect to. Getting access to your laptop, doesn't provide the authentication token. Its about using two factors that are not tied to eachother in a way that a remote attacker can discern that improves the security of such a system.

which is why I strongly disagree that an app on the laptop is better.... because an app on the laptop is on the laptop, one device which connects to it all. Or another way to think of it...where is the safest place for the key to your safe.... in an unmarked envelope in your house....or in an unmarked envelope at your friend's house?

Even if your friend's house is less secure than your own, its still the better place because.... there is no way for the attacker to make the association needed to find it....even if it is your friend's house that he robs, even if he finds the key there!

Sure its not protection from specific kinds of attackers, but, if your security measures need to stand up to NSA levels of scrutiny, I have no problem declaring your requirements out of scope for this level of discussion, and far beyond most people who could benefit from simple tokens.

Re: You can create a token but keep it off nets (0)

Anonymous Coward | about 6 months ago | (#47563757)

Google authenticator stores the codes and account data for each 2FA site on the phone' s data directory in a sqlite DB. I have personally extracted that DB from my phone using androids ADB shell into a Linux account. I have used sqlite tools to view the contents of the DB. It is in clear text. I have used ADB to place that sqlite DB into another phone. .. and instantly had all the same 2FA sites working just fine.

So lending your phone to someone else when it has a software based 2FA key gen on it will indeed compromise those .

Re:You can create a token but keep it off nets (2)

Miamicanes (730264) | about 6 months ago | (#47559449)

Strictly speaking, a USB (or bluetooth, or whaver) device has the potential to be MORE secure... IF it meets the following criteria:

* Negotiates directly with the remote service requesting authentication credentials, and has robust logic to detect MITM situations. For the purposes of this example, the local operating system is merely a bucket-brigade dumb transport layer that facilitates the delivery of packets between the token and remote login service.

* Has its own onboard hardkeys under the exclusive control of the token, with some degree of logic to verify that the user is deliberately consenting to the login attempt... preferably, enough to implement some kind of secondary authentication. I'm totally not a fan of biometrics, but if there's anyplace where a fingerprint sensor might be appropriate as the equivalent of a residential keyed non-deadbolt lock that says 'no' to casual attackers, without even pretending it could survive a full-on attack from someone willing to do something drastic (like break the door down), it's probably HERE.

* Has its own display, under the exclusive control of the token, and logic to display an appropriate level of concern to alert the user to unusual situations. For example, being asked to authenticate to ${some-specific-server} for ${limited-purpose} might merit full-on warnings the first time you authenticate, but require little more than a finger swipe or button press for subsequent uses that don't exceed some user-defined threshold.

Unfortunately, I've never even SEEN a hardware token available to non-enterprise customers even REMOTELY in the same ballpark as the feature set I've listed. Manufacturers just can't resist the temptation to eliminate the cost of an expensive dedicated display, or multiple hardkeys, or some comparable dedicated input and output hardware that's sealed, self-contained, and has no dependencies upon the security of anything beyond the token itself. It also assumes at least minimally-savvy users who'll take the time to at least read the first-time/threshold-exceeded warnings, and won't just blindly swat them away without independently contemplating their possible implications.

Ideally, the token would also have some additional security layer that causes it to be disabled permanently if the person with whom it's associated ceases to be alive (to ensure that a robber couldn't force you to tell him your access code at gunpoint, then shoot you anyway. If he knows that his free fountain of money shuts down the moment you die, he'll have more incentive to employ heroic means to keep you alive even if he's the reason you're in danger of death to begin with.

Finally, you'll want to have the token itself be a delegate of some master token, with a reissue procedure for replacing it with a new token that has multiple layers of identity-authorization, since there's always a very real risk of loss. It's little comfort knowing a thief can't get at your money if, from your perspective, it's as gone as if it were in a concrete vault at some unknown spot on the floor of the Pacific Ocean.

Re:You can create a token but keep it off nets (1)

mlts (1038732) | about 6 months ago | (#47559631)

I'm reminded of the IBM ZTIC. Great device, because it only used the computer as a means of getting power and a means of getting data from the device, via the USB port, over the network, to the bank, via a secured channel (encrypted from the device itself, so a malware-laden computer could only deny access, not tamper with packets.) When doing a bank transaction, the ZTIC would show on its screen the transaction and one would confirm/deny it on the device.

However, in the real world, I read complaints about the USB driver, and the fact that it only worked under Windows.

Since 3G chips are so cheap, I wonder about a device that is pretty much the same as a ZTIC, except uses its own low bandwidth cellular connection to contact the bank and be used as a second confirm/deny channel.

For general computer use, this device could function as a 2FA token, but when someone did an action like change a password or attempt to view/modify some critical records, the device would prompt for confirmation.

As for biometrics, I wouldn't trust them completely. A fingerprint scanner similar to the one on the iPhone 5S might be "good enough", but definitely have the ability to enter a PIN if needed.

Re:You can create a token but keep it off nets (0)

Anonymous Coward | about 6 months ago | (#47560947)

Much easier than that. The Chinese will determine the relevant phone numbers, hack the phones and have the required crypto information. At least that is what they did to RSA "Security" and their super-hilarious OTP generator dongle, which depended on a SINGLE, network-connected server for their security. All the millions of them !

Your advice is very bad.

Re:You can create a token but keep it off nets (0)

Anonymous Coward | about 6 months ago | (#47562459)

You're forgetting a very important detail -- China's leaders (government, business, and various permutations of the two) have personal investments in American companies that exceed the net worth of all but maybe the 100 wealthiest people in America. They aren't going to do ANYTHING that might endanger those investments.

Is "China" a threat to "the US"? Of course it is... but it's mostly because China's leaders know American history better than 99% of our own leaders, and they're following our recipe for power & prosperity almost chapter & verse. Frankly, the make-believe pious outrage of our government is a fucking *embarrassment* every time we make a big stink about China doing something that we've done to *them* a hundred times *worse*.

Food for thought: have you ever wondered why the telephone was "invented" in the US (by a Canadian), and electric lighting & commercial power as we know it was "invented" in the US (by a patent troll Edison and a Serbian supra-genius)... and NOT in Britain -- arguably, the most advanced nation on earth at the time, and probably the mightiest empire the world has ever known? Simple. IP law.

If Bell had tried to build the first commercial telephone exchange in Toronto or London, he would have been INSTANTLY sued into oblivion by the telegraph industry, and shut down for infringement by one or more powerful industrial conglomerates. In 19th-century Britain, it was nearly fucking IMPOSSIBLE for a "disruptive entrepreneur" to introduce some market-shifting technology.

Ditto, for electric lights. In America, we grew up with the myth that electric lights spontaneously came into existence through the grace of god and (alleged) noble effort of one of the worst patent trolls in American history -- Thomas Edison. The fact that British hackers were blowing glass bulbs and making homebrew battery-powered electric lights for DECADES almost as far back as the 1700s never gets noticed.

In both cases, American cities had commercial electric lights and telephones before British cities for exactly one reason: like China's IP law today, 19th-century American IP law was practically the wild, wild west compared to the crushing feudalism of European IP law. And like the US politely telling the British Empire to fuck off every time it complained about Andrew Carnegie infringing upon the patents of British steel magnates (who, if the decision were theirs to make, would have refused to even ALLOW American railroads to buy the steel needed to build mile-long bridges over the Mississippi River or build skyscrapers in Chicago).

Re:You can create a token but keep it off nets (1)

mlts (1038732) | about 6 months ago | (#47559497)

There is "secure enough". A token on a smartphone is vulnerable to unknown backdoors... but for almost anything but some high profile target, it will do the job decently well.

I have an older HTC phone (HTC One X Plus) running CM whose job it is to act as a backup token. Since it has no SIM card, and the Wi-Fi antenna isn't on, it is good enough. Physically, it uses dm-crypt and encrypts the /data partition using a long passphrase that is separate from the screen lock password. I don't think access to my stuff will get someone wanting to make an ASIC mask, so for my stuff, this is good enough.

If I were worried, I'd probably go with a vendor and a hardware, tamper-resistant key fob, such as what Amazon, PayPal, or Amazon ship. Still not 100%, but good enough.

Re:You can create a token but keep it off nets (0)

Anonymous Coward | about 6 months ago | (#47561307)

Given that Chinese intelligence is interested in ANYTHING in corporate America and Europe, your advice is not good. They use it to jumpstart their industry and their military.

Look at their latest fighter. A nice copy of the F-22. Also check their SAMs. They might be nice copies of both Patriot and SM-3. Both of which they got access to by hacking.

Re:You can create a token but keep it off nets (0)

Anonymous Coward | about 6 months ago | (#47561629)

Please give some advice about dealing with the Chinese, Chicken Little stuff isn't a solution in any way, shape or form. If 2FA with devices isn't workable, then what is your solution?

I'll probably go with the grandparent parent poster stated... SSH RSA keys for connections, and for Web stuff, the best way are client certs... but some fallback is needed.

What might be doable for Web pages is to have the page spit out a nonce (the time of day as precise as possible and a random value.) Then you sign both those items with your key, paste it in a field and hit "submit".

Of course, going back to OPIE or S/Key is an option, but even BSD hasn't supported S/Key since the 90s.

Re:You can create a token but keep it off nets (0)

Anonymous Coward | about 6 months ago | (#47562499)

They use it to jumpstart their industry and their military.

Newsflash: it was jumpstarted 20+ years ago. They're doing it TODAY so they can secretly take advantage of its non-public secrets and make profitable investments based on it that would get an American making the same investment based upon the same non-public data sent to prison for insider trading.

Smart cards work (2)

dremspider (562073) | about 6 months ago | (#47559037)

I have had a smart card setup for a little while. I use it for both OpenVPN and SSH access. I created the card by making my own CA and then using OpenSC to write to the card itself. There are some other cool things you can do like us it for PGP signing. I got a whole kit for about $100 bucks that came with a reader/writer, 2 cards and one USB thing. https://www.opensc-project.org... [opensc-project.org]

Re:Smart cards work (1)

Kjetil Nygård (2954215) | about 6 months ago | (#47559811)

I am using ePass2003 and cryptoStick. They work ok, but they are a bit slow.

When I run: time ssh localhost true

It takes 1 second with with ePass2003 or cryptoStick. But with a key on disk (and ssh-agent), it takes I wonder if anyone know of a faster USB-token.

Re:Smart cards work (0)

Anonymous Coward | about 6 months ago | (#47560255)

I use it with a couple of opengpg cards:
gpg-agent is used as agent for ssh and offcourse gpg

What do you really want to accomplish? (1)

pla (258480) | about 6 months ago | (#47559047)

If you only want a semipublic file share, just stand up a free AWS Linux instance and lock it down to SSH/SFTP. You get a few GB of free cloud storage (I don't actually know the limit, but I have 8 online now and have never paid a dime), and can sleep well knowing that a breach just means standing up a new instance rather than the end of your career.

You only really need to let people get onto your corporate network if you want to set up "real" remote access such as VPN or, as you mention, one of those crazy-expensive RSA Citrix gateways. And no offense, but the very fact that you have asked Slashdot how to do this on the cheap suggests that you really shouldn't do it at all (aside from my "safe" suggestion above).

Re:What do you really want to accomplish? (0)

Anonymous Coward | about 6 months ago | (#47560859)

Oh really ? You suggest some commercialware solution from that company "RSA" ? The guys who sold Lockheed secrets to China ?

Re:What do you really want to accomplish? (0)

Anonymous Coward | about 6 months ago | (#47561377)

Yeah, not so much. Try and have all the real facts, mmmmkay?

Tiqr - QR-based for use with smart phones (0)

Anonymous Coward | about 6 months ago | (#47559049)

See tiqr.org

It has apps for all major platforms, and is open source.

OPIE may be what you want. (2)

jcochran (309950) | about 6 months ago | (#47559113)

It's not a two factor authentication, it's actually a means of generating one time passwords. In a nutshell, you can have a local device calculate the password based upon a challenge sent from the system you wish to log onto, or you can preprint a list of passwords that you can use to log onto the system.
See http://en.wikipedia.org/wiki/O... [wikipedia.org] for a general description of the method. You ought to be able to find out more using that page as a starting point.

I use OPIE (1)

Kludge (13653) | about 6 months ago | (#47559905)

I print out a list of 100 passwords, fold it up, and keep it in my wallet. Each time I use one, I cross it out. It is small, flat, easy to carry, and always with me.
Just don't let your users write the name of the server and their username on it. :)

Thanks ! (0)

Anonymous Coward | about 6 months ago | (#47560897)

This is exactly the proper approach. Much more secure than much more expensive snake oil security "solutions". Including from that corrupt three-letter company and those based on some ridiculously insecure smart phones.

OpenOTP (0)

Anonymous Coward | about 6 months ago | (#47559169)

How about OpenOTP: http://www.rcdevs.com/products/openotp/

FreeOTP (mobile app) and Gemalto tokens (0)

Anonymous Coward | about 6 months ago | (#47559199)

FreeOTP is a open mobile app that works just like Google Authenticator. For hardware, check out the Gemalto tokens. I don't know about the "open"ness of the tokens, however.

Mobile OTP (1)

What'sInAName (115383) | about 6 months ago | (#47559257)

I'm surprised no one has mentioned Mobile-OTP (http://motp.sourceforge.net/). Perhaps it's a bit older, but it's absolutely free assuming your users have a mobile phone. (It doesn't even necessarily have to be a smart phone). We use this to secure our SSH gateways and it's not bad to set up -- it uses PAM.

SQRL (1)

ramriot (1354111) | about 6 months ago | (#47559313)

See:- https://www.grc.com/sqrl/sqrl.... [grc.com]

Using a smartphone as your token, and if that is not secure enough for you, I am for my sins presently building an HSM that will interface over NFC with the smartphone to keep all the cryptography parts and master key outside of the potentially vulnerable computing platform. Further I promise as do many of us working on this project to make everything we can public domain or at the least open licensed.

Before making comment on this please do read and digest all the reference material, TL;DR; does not cut it in crypto.

OpenOTP (0)

Anonymous Coward | about 6 months ago | (#47559429)

How about OpenOTP:

Nobody wants your "files" (-1)

Anonymous Coward | about 6 months ago | (#47559457)

The fact that the question includes the words "Arduino or Raspberry Pi based" tells me you're an idiot. Use Dropbox. Nobody wants your "files" anyway.

SmartCard tokens? (0)

Anonymous Coward | about 6 months ago | (#47559463)

Before retiring I helped implement a system using X.509/PKS11 and PKCS15. Tokens are available from several sources and require no special software on the server side for ssh access. Standard OpenSSH also supports PKCS11 in the client. We used OpenSC and OpenCt to integrate the cards into Linux and FreeBSD. We could have done the same on Mac an Windows, but chose commercial software instead.

Advantages include no central database, standards based, open source support available. Works with unmodified SSH. IIRC, the USD tokens we used were about $30 each.

Also, I am not an AC. I am Kevmeister, but when I try to post, slashdot decides I am not logged in for some reason.

passwindow (0)

Anonymous Coward | about 6 months ago | (#47559513)

Not gpl / freeware but worth a look.

Authy (1)

decsnake (6658) | about 6 months ago | (#47559579)

https://www.authy.com/ [authy.com]

Its the easy button for 2FA

Smartphone (or feature phone) (0)

Anonymous Coward | about 6 months ago | (#47559665)

Using anything other that the mobile phones people already ha e is idiocy. Check out smspasscode or get CM telecom's security app to distribute codes via push messaging and SMS for you.

Re:Smartphone (or feature phone) (1)

grahamsz (150076) | about 6 months ago | (#47560377)

I'm inclined to agree. People rarely forget their smartphones

I've been looking at DuoSecurity. Rather than SMS they send a push notification to your phone before clearing your login. No screwing around typing codes, just a "was that you logging in from" popup on the phone that I can use to authorize the connection.

Anyone actually used them? Is it as good as their demos?

Re:Smartphone (or feature phone) (0)

Anonymous Coward | about 6 months ago | (#47561047)

Just dont use this "solution" wherever either the Chinese or the Russkie mafia might be slightly interested. They have more than enough exploits for either Android or the JesusPhone.

Re:Smartphone (or feature phone) (1)

langedb (518453) | about 6 months ago | (#47562505)

We use Duo at work and I use it personally (free for up to 10 users with unlimited integrations). Their app is TOTP compatible so it works well with Google Authenticator and the like. The service also supports hard tokens and 3rd party tokens like yubikey. The push works as advertised and is dead simple, and yes, it works just like the demos. Their integrations are generally easy to use. We've found their APIs to be decent as well having written our own user-registration portal as well as custom integrations for some apps.

S/Key (2)

userw014 (707413) | about 6 months ago | (#47559673)

RSA did implement their scheme as an iPhone app. If you're willing to consider something that might work as a smart-phone app, think about S/Key. It's supported as a PAM module for the *nixes. (Of course, that assumes you're willing to trust the smart-phone apps.)

I recall using S/key ages ago (1990s) back in the days of Telnet (before ssh.) Back then, if you didn't have an S/key calculator, you could also use a paper list of one-time passwords. Ever so often, we had to re-seed our s/key (because we limited the number of passwords per. seeding.) S/key can be a bit annoying, but it ought to be cheap to implement.

If you want to go with a hand-held device, I'm sure you could implement an S/Key end-user calculator on an Arduino or Raspberry Pi - but how much can you afford to spend? I wouldn't be surprised if a Arduino-like solution cost more than RSA tokens.

S/Key is focused on a single server. If you require your users to connect through a bastion host, it might be workable - but the model breaks down if you want multiple servers, unless they share a filesystem.

See Identiva PassKey (0)

Anonymous Coward | about 6 months ago | (#47560375)

This wireless login device is supersecure since it doesn't reveal the password to the computer, and also manages all the passwords for avoiding remembering. All using a standard and unmodified browser (just its configuration), and compatible with all your favourite websites right now.

See it in action here: www.identivasecurity.com

Multiple options (2)

dissy (172727) | about 6 months ago | (#47560533)

TOTP (time-based one time keys), HOTP (hmac? one time keys), and RFC6238 are todays friendly search terms.

TOTP is what the traditional RSA tokens use, in which the time is a component of the encryption used so the code generated from the private key changes (usually every 30 or 60 seconds)

HOTP is the latest in one time pads, where each code generated is good until used but only once.
It differs from true OTPs in that the data is procedurally generated from a private key instead of all the keys/data being generated in bulk ahead of time. One hopes the private key is smaller than a crap-ton of bulk keys or binary data needed for a true OTP.

Google Authenticator is one pre-made generic solution, and you don't need to use Google to utilize it.
The encryption it uses is open and has an RFC, and their own software lets you input the private key via QR code for the user if you wish, and utilize multiple profiles/keys.

Google released an open source PAM module for all your Linux authentication needs, including SSH.
I use this myself for access to my home network (ssh + port forwards)

There are also tons of programs that run the identical encryption methods, lots being open source.
I've seen them available for every OS commonly used (and then some) plus every smartphone out there.

I've also recently purchased a Yubico key, which is a hardware version of the RSA token.
The basic model runs $25 each if you buy single keys, and they can be loaded with up to two profiles using various encryption methods and keys.

Instead of an LCD display with a rolling code, they are USB devices that show up as USB keyboard HIDs. You plug it in and once the OS has it powered and ready, there is a touch-sensitive "button" you touch and the dongle types in the code valid for that 30 second period.
It also takes into account how long it needs to type the codes (sha256 with serial can be 158 characters and takes ~3-4 seconds to type in at the default key rate)
It will always type the key that will be valid at the time its about to hit enter.

Yubico is RFC6238 compatible, and also can utilize OpenRADIUS which then makes it compatible with pretty much everything.

A third option, though more for Windows login / Active Directory, and definitely not open source, is EIDVirtual.
It basically lets you reformat a USB flash drive to contain a 4k private key and special header so along with its smartcard driver extension, the keys show up as smart cards and USB flash (technically you can still store data on the drive if you want)

The software is very cheap (7 euro if I recall), works flawlessly in AD setups (tested on XP, 7, and 8), and uses any old flash drive with 1mb of storage.
The downside of course is you don't get any of the fancy (or even required) hardware protection of the private key. I believe it uses the USB drives serial and model/make as part of its formula so blind copying isn't trivial, but the hardware exists to easily fake that info for anyone intent on doing so.
Not nearly as secure as the other options, but it is at least priced accordingly, and doesn't try to add 2-3 zeros to the pricetag for the "enterprise" label.

Yubikey (0)

Anonymous Coward | about 6 months ago | (#47560643)

Have a look at http://www.yubico.com/ hardware tokens (one-time password generators) and cloud based verification, open API, low cost, and if you are lucky, you can even get a VeriSign logo on it...

TAN Listen (0)

Anonymous Coward | about 6 months ago | (#47560783)

If you need *real* security as opposed to "colored-glass-bead-android"-class security*, use the approach German banking industry has used for a long time with great success:

Simply print one-time keys of 6 random numbers each on a sheet of paper. Use one number (Transaction Authorization Number) per login process. Lock the account if more than three bad TANs have been used against an account.

Have security officers (whose primary job can be anything else PC-related) issue said TAN lists.

Generating the random number sheets from a crypto-strong PRNG (e.g. 3DES in counter-mode) seeded from the Linux /dev/random source should be rather trivial.

Users can carry the TAN List inside their wallet.

It is more difficult to protect the key material generation machine and key material distribution. Disconnect the key material generation PC from the net and physically remove/destroy all unecessary USB and network connections. Keep said machine and the printer in a properly secured room/safe.

Regarding "RSA Security" - they are a big-time fraud because they ignored almost every established rule regarding cyptographic security. And NSA is corrupt, too, because they did not stop this corrupt company from selling their snake oil to U.S. defence contractors. This fraud enabled Chinese intelligence to clean out the clock of Lockheed-Martin and thereby the U.S. air force and their F-22 fighter. Neither NSA nor DISA leadership was punished. All the fun of a corrupt government and corrupt intelligence/security.

*With a nice assortment of backdoors (also called "programming errors") for "anti-terror" intel ops. Ready to be used by the Russkie Mafia, too.

The IT integration (0)

Anonymous Coward | about 6 months ago | (#47560835)

...works by coding PAMs (Pluggable Authenticatiob Module) for all the relevant systems. A competent systems programmer should be able to implement this without too much effort.

You need to devise a way to bring the TAN Lists to the relevant server systems. Secure Copy (scp) is your friend. Or GNUpg.

2FA has been free for ages (0)

Anonymous Coward | about 6 months ago | (#47560891)

on windows platforms we've been using SMS2 (www.wrightccs.com) for free two factor auth for ages. we use google authenticator with it but there is also text message.

Just go to RSA. (0)

Anonymous Coward | about 6 months ago | (#47560901)

By the time you roll your own solution, you could have deployed RSA SecurID - soft tokens, or hard, or ODA (SMS) authentication. Virtual appliance on VMWare. Yeah, it costs some money - what's your time worth? It's not as expensive as you seem to think.

Re:Just go to RSA. (0)

Anonymous Coward | about 6 months ago | (#47561269)

You mean using a product from a company responsible for one of the worst espionage cases in U.S. history ? Yéah, brave $hilling, man.

Re:Just go to RSA. (0)

Anonymous Coward | about 6 months ago | (#47561387)

Yeah, try again. Nice FUD, and nice with the $ as S. Grow up and have a real discussion outside Mommy's basement.

Learn what really happened. A *shitload* more than your little blurb is what really went on.

Or should we use the same logic to condemn OpenSSL because of Heartbleed?

LinOTP (0)

Anonymous Coward | about 6 months ago | (#47561111)


cryptostick (0)

Anonymous Coward | about 6 months ago | (#47561361)

Open source hardware and software.

Otherwise, Yubikey is quite good alternative.

smart cards (1)

manu0601 (2221348) | about 6 months ago | (#47562703)

There are smart cards at affordable price. The biggest problem is to find some that can run without a binary blob driver (would you trust it?).

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?