KX509: Leveraging Kerberos to Obtain Digital Certificates for Web Client Authentication
University of Michigan
Kevin Coffman
Bill Doster
Why X.509?
• An accepted international standard
• Application support out of the box
– Web servers, web browsers, directory servers, IMAP servers, etc.
• Allows the possibility for inter-institution authentication
• No need for N²-1 cross-realm trusts
April 11, 2000
CIC TechForum 2000
Why Kerberos?
• We have been using Kerberos on campus since 1990
• We have 200K+ principals defined in our Kerberos database
• It’s an integral part of our infrastructure
• It is currently used for authenticating to many services (AFS, dial-in, e-mail, login servers, web pages)
Project History
(Where We Started From)
• Started with MIT code for issuing certificates
• Shortcomings in the MIT code
– Passwords passed to web server
– User interaction required
  • Obtain certificate
  • Maintain and protect private key(s)
– Long-term certificates, ignoring revocation
– Only supported for Netscape Communicator
Project Goals
(What We Are Doing)
• Eliminate password prompts for web access (actually use Kerberos)
• Transparent web authentication
– Make certificate generation automatic at Kerberos login
– Make certificate installation invisible to the user
• Browser-neutral, cross-platform
• Position for inter-institution authentication
Project Non-goals
(What We Are NOT Doing)
• Not a complete PKI
• Not to be used for e-mail or document encryption
• Not to be used for e-mail or document signing (not yet, anyway)
• Not a complete replacement of the current cookie method of authentication (not yet, anyway)
KX509 Description
• Uses short-term (~1 day) certificates - “junk keys”
• Obtains certificates securely from a kerberized certificate authority (KCA) server
• Used for authentication ONLY!
• Columbia PKCS#11 code
Why “Junk Keys”?
• Revocation becomes a non-issue
• Private key storage is less of an issue
• The directory isn’t the center of the universe (?)
– Certificate management is less critical
– Certificate publication for sharing is not necessary
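The “junk key” argument holds only if relying web servers refuse long-lived certificates. The added example below (not part of the original slides or of the KX509 code) applies that policy to a client certificate in the dict form returned by Python's `ssl.SSLSocket.getpeercert()`; the KCA name "Example KCA", the 5-minute slack and skew values, and the sample certificates are constructed assumptions.

```python
import ssl

# Assumed policy values: the slides say "~1 day"; slack and skew are illustrative.
MAX_LIFETIME = 24 * 3600 + 300   # longest acceptable notBefore..notAfter span, seconds
SKEW = 300                       # tolerated clock skew, seconds

def _name(rdns):
    """Flatten getpeercert()'s nested RDN tuples into a plain dict."""
    return {key: value for rdn in rdns for (key, value) in rdn}

def check_junk_cert(cert, now, kca_cn):
    """Return (ok, reason) for a client cert in ssl.SSLSocket.getpeercert() form.

    With verify_mode=CERT_REQUIRED the TLS stack has already checked the
    signature chain and the dates; what it does not enforce is the lifetime
    cap that lets a relying server skip revocation checking.
    """
    if _name(cert.get("issuer", ())).get("commonName") != kca_cn:
        return False, "not issued by the KCA"
    try:
        not_before = ssl.cert_time_to_seconds(cert["notBefore"])
        not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    except (KeyError, TypeError, ValueError):
        return False, "missing or malformed validity"
    if not_after - not_before > MAX_LIFETIME:
        return False, "lifetime exceeds one day"
    if now < not_before - SKEW:
        return False, "not yet valid"
    if now > not_after:
        return False, "expired"
    return True, "ok"

def sample(not_before, not_after, issuer="Example KCA"):
    """Build a constructed certificate dict (not real data)."""
    return {"subject": ((("commonName", "jdoe"),),),
            "issuer": ((("commonName", issuer),),),
            "notBefore": not_before, "notAfter": not_after}

NOW = ssl.cert_time_to_seconds("Apr 11 12:00:00 2000 GMT")
ONE_DAY = sample("Apr 11 08:00:00 2000 GMT", "Apr 12 08:00:00 2000 GMT")
ONE_YEAR = sample("Apr 11 08:00:00 2000 GMT", "Apr 11 08:00:00 2001 GMT")

if __name__ == "__main__":
    for label, cert in (("one-day", ONE_DAY), ("one-year", ONE_YEAR)):
        print(label, check_junk_cert(cert, NOW, "Example KCA"))
```

A certificate that chains to the KCA but carries a year-long validity is rejected here even though a default TLS handshake would accept it.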
The Cookie Trail
KX509 Overview
[Figure: KX509 architecture diagram. Labeled components: client workstation; unmodified Kerberos “login” (kinit, klog, Kerb95, …); Kerberos ticket file (plus registry on Windows); kx509; PKCS#11 module; unmodified Netscape browser; unmodified Internet Explorer; enterprise-wide Kerberos servers (unmodified KDC and TGS); Kerberized Certificate Authority (KCA); enterprise and external web servers (unmodified). Labeled flows: standard Kerberos TGT request (login, password); use TGT to get service ticket (standard Kerberos service ticket request); Kerberos-authenticated request with public key to be certified; X.509 v3 certificate good for one day; store generated RSA key-pair and one-day certificate; use RSA key-pair and certificate; standard HTTPS with X.509 client authentication; copy of KCA’s published certificate.]
Demonstration...