[186678] in North American Network Operators' Group


Re: de-peering for security sake

daemon@ATHENA.MIT.EDU (Owen DeLong)
Sun Dec 27 20:09:26 2015

X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <CAPkb-7D23c+07Bk_n4KAQWZ8PWE-ztoQ=cPzHX_w5TqG813adA@mail.gmail.com>
Date: Sun, 27 Dec 2015 17:08:17 -0800
To: Baldur Norddahl <baldur.norddahl@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org


> On Dec 27, 2015, at 14:33 , Baldur Norddahl <baldur.norddahl@gmail.com> wrote:
> 
> On 27 December 2015 at 22:08, Owen DeLong <owen@delong.com <mailto:owen@delong.com>> wrote:
> This is a bit of a tangent, really. The discussion was about authentication factor
> counts and Baldur tried to use PCI-DSS acceptance of password-encrypted
> private key authentication as two-factor to bolster his claim that it was, in fact
> two-factor, when it clearly isn’t actually two-factor as has been stated previously.
> 
> I wanted to stay out of this, but Owen you are full of shit here. I am pointing out that your homemade definition does not match up with what others think two factor means. PCI DSS might be utter crap, but they are still more than "Owen DeLong and his personal opinion".

Dude… It’s not just my opinion. Virtually everyone else who chimed in on the thread other than you backed my position on this.

> You are utterly confused about the meaning of two factor. You apparently believe the magic words "two factor" are a statement about the security of a system, while it is in fact just a simple property. A property that even an inherently insecure and weak system can have.

No, as I pointed out, you can have very weak security with two weak factors.

However, the property two-factor means something and it’s not what you apparently think.

> It is not, as you have said, about strengthening the search space of a crypto key (just double the key length if you need that). In fact, many two factor systems do not use crypto keys at all. An example of such a non-crypto-based system is a credit card with magnetic strip plus PIN. The magnetic strip contains just the card number, which can also be read directly from the card and even memorized by the owner.

Actually, the magnetic stripe contains quite a bit more than the card number, but that’s another tangent.

I never said you had to have crypto for two-factor, nor did I say that two factor magically made things stronger.

> We need two factor because if you have just one factor, say the password, the hacker will simply call the user and ask him to tell the password. And the users will happily oblige. Experience shows this. On the other hand, if you give the users a single factor system with a physical token (a key), that gets stolen, misplaced or "borrowed" far too easily. Therefore the industry standard is card + PIN to enter a building (= two factor). Secure places require three factor (card + PIN + biometric).

Card+PIN is an example of two factors… You _HAVE_ the card and you _KNOW_ the PIN.

Password-encrypted key, OTOH, is something you _KNOW_ and something else you _KNOW_. It’s not something you _HAVE_ or something you _ARE_.

There are three generally accepted categories of factors for authentication…

1.	Something you HAVE
2.	Something you KNOW
3.	Something you ARE

In order to qualify as 2-factor, a system must require something from two of the categories. Two things from the same category do not qualify.

> SSH keys are two factor because people do not in general memorize the key file. Because they do not, you can not gain access to the system with only what you know (= in your mind). Unless the user violated protocols and changed the passphrase to null, you can not gain access just by possession of the key file. That is all that is required to name it two factor. That Owen DeLong believes the system stinks does not change that at all.

Something on disk counts as something you know. A private/public key pair is not something you HAVE because it’s not a physical object and it’s certainly not something you ARE.

It’s clearly in the something you KNOW category for all practical purposes, even if you don’t memorize it into your mind.

Now, a private key in a black box where you feed it encrypted stuff to be decrypted or decrypted stuff to be encrypted and you cannot extract the private key, that could be something you HAVE.
But at that point, it’s the black box that is the thing you have, not the key itself. The key in the box and the box’s ability to decrypt/encrypt using that key is merely a mechanism for proving that you have the correct black box.

> Historically the banks used to depend on a system that is the same as ssh keys: certificate files you have on your computer to access the bank website. That also is a two factor system. The users did not usually memorize the content of the certificates. The system is weak because bad guys used malware to steal the certificate files and install key loggers to also get the other factor, the password.

Again, real two-factor authentication depends on factors from different categories above. The certificate, like it or not, whether you memorize it or not, is something you KNOW, not something you HAVE.

To qualify as something you HAVE, it has to be a unique physical token with some degree of difficulty in duplication. Some physical tokens are easier to duplicate than others. Examples include keys for pin-tumbler locks.
Even those come in varying degrees of difficulty (3, 5, or 7 pins, straight or spool pins, angled pin alignments, etc.)

> In my country (Denmark) they decided hardware keys are still too expensive, so they developed a two factor system based on paper keys. You will get a piece of paper with a few hundred random numbers. When you log in, you are asked to type one of the numbers in to prove that you are in possession of the key paper. The codes are just 6 digits and infinitely weak if you believe them to be part of any crypto scheme. This system has also been broken because now bad guys ask the users to take pictures of the key paper to prove something, and the users happily do just that. Banks are still happy though, because the loss is less than the cost to ship hardware keys to everyone.

Why not just use Google Authenticator (free app) with a unique series on people’s smartphones? I’m pretty sure smartphones are quite common in DK by now.

> Only strong two factor systems are really resistant to the users defeating the system by doing stupid things. That does not mean that only strong two factor systems are two factor. That would be silly - Owen what would you then name weak and broken two factor systems? It is a property - nothing more.

Correct. However, a system which depends on two “factors” from the same factor category doesn’t meet the requirements of a two factor system.

A password-protected SSH key is all in the something you KNOW category. Especially when you consider that you aren’t presenting the password and the key to the authenticator, you are using the password to unlock the key that is presented to the authenticator.

(Yes, I realize the key isn’t actually presented; it’s done differently, involving using the key to encrypt a hash which can then be verified as correctly encrypted by decrypting with the public key, but that’s a technicality that isn’t really relevant here.)

Owen
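An added example, not part of Owen's or Baldur's messages: a toy Python model of the SSH-style challenge-response exchange Owen describes in his closing parenthetical. It assumes the textbook RSA parameters (p=61, q=53, so n=3233, e=17, d=2753) and a PBKDF2-derived XOR pad standing in for OpenSSH's real key-file encryption; both are stand-ins chosen for illustration, not the real formats. The point it makes concrete is what the authenticator actually receives: a signature over its own challenge, verified with the public key. The passphrase only unlocks the key on the client and never crosses the wire, so the server can only ever check one credential.

```python
"""Toy model of passphrase-protected key authentication (added example).

Assumptions, all constructed for illustration:
  * textbook RSA numbers (n=3233, e=17, d=2753), far too small for real use;
  * the 'encrypted key file' is the private exponent XORed with a PBKDF2 pad,
    a stand-in for OpenSSH's real key-file encryption.
"""
import hashlib

PUBLIC_KEY = (3233, 17)   # (n, e): what the server stores in authorized_keys
PRIVATE_D = 2753          # d, with e*d == 1 (mod phi(n)); lives only on the client


def _pad(passphrase: str, salt: bytes) -> bytes:
    """Derive a 4-byte pad from the passphrase (toy key-file encryption)."""
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 10_000, 4)


def encrypt_key_file(private_d: int, passphrase: str, salt: bytes) -> bytes:
    """Produce the on-disk blob: private exponent XOR passphrase-derived pad."""
    raw = private_d.to_bytes(4, "big")
    return bytes(a ^ b for a, b in zip(raw, _pad(passphrase, salt)))


def unlock_key_file(blob: bytes, passphrase: str, salt: bytes) -> int:
    """Client-side only: the passphrase recovers the private exponent locally.
    A wrong passphrase yields a wrong exponent, not an error."""
    return int.from_bytes(bytes(a ^ b for a, b in zip(blob, _pad(passphrase, salt))), "big")


def digest_mod_n(challenge: bytes, n: int) -> int:
    """Hash the server's challenge and reduce it into the RSA group."""
    return int.from_bytes(hashlib.sha256(challenge).digest(), "big") % n


def sign(challenge: bytes, private_d: int, n: int) -> int:
    """'Encrypt the hash with the private key' (textbook RSA signature)."""
    return pow(digest_mod_n(challenge, n), private_d, n)


def verify(challenge: bytes, signature: int, public_key) -> bool:
    """Server side: 'decrypt' with the public key and compare to the hash."""
    n, e = public_key
    return pow(signature, e, n) == digest_mod_n(challenge, n)


def login_transcript(blob: bytes, salt: bytes, passphrase: str, challenge: bytes):
    """Run one login and return (server_accepted, fields_sent_over_the_wire)."""
    d = unlock_key_file(blob, passphrase, salt)      # local step; d never leaves
    signature = sign(challenge, d, PUBLIC_KEY[0])
    wire = {"challenge": challenge, "signature": signature}   # all the server sees
    accepted = verify(challenge, signature, PUBLIC_KEY)
    return accepted, wire


def demo() -> bool:
    """Constructed sample run: correct passphrase, server accepts."""
    salt = b"constructed-salt"                 # constructed sample value
    blob = encrypt_key_file(PRIVATE_D, "correct horse", salt)
    challenge = b"server-nonce-123"            # constructed sample challenge
    accepted, wire = login_transcript(blob, salt, "correct horse", challenge)
    print("server accepted:", accepted, "| fields on the wire:", sorted(wire))
    return accepted


if __name__ == "__main__":
    demo()
```

Running `demo()` shows the server accepting the login while the only fields on the wire are the challenge and the signature. Calling `login_transcript` with a wrong passphrase produces a wrong exponent and therefore a signature the server rejects, and even then the server learns nothing about the passphrase itself; whether the key material on disk counts as HAVE or KNOW is the categorization question the thread argues about, and the code only shows that the verifier checks one credential either way.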

