This is similar to what we've done with WiKID (sourceforge.net). A hash of the server's cert is stored on the auth server and is sent down to the software token with the OTP. The token fetches the cert via the user's internet connection, hashes it and compares the two hashes. If it matches, the OTP is presented and copied to the clipboard, and the default browser is launched to the website.
The key difference is that your server becomes the validation source and not a 3rd party.
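The check described in that comment, as an added illustration that is not WiKID's code: the auth server ships a certificate fingerprint alongside the OTP, and the token only releases the OTP when the certificate it actually fetched hashes to the same value. SHA-256, the constructed certificate bytes and the function names are all assumptions.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional

# Constructed stand-in for the DER bytes of the site's real TLS certificate
# (a real token would fetch the live certificate over the user's connection).
GOOD_CERT = b"-- constructed DER bytes: CN=bank.example --"
# Constructed certificate a pharming or MITM site would present instead.
ROGUE_CERT = b"-- constructed DER bytes: CN=bank.example (rogue issuer) --"


def cert_fingerprint(cert_der: bytes) -> str:
    """Fingerprint the certificate the same way on both sides (SHA-256 assumed)."""
    return hashlib.sha256(cert_der).hexdigest()


@dataclass
class AuthServerReply:
    """What the auth server sends the software token: the OTP plus the
    fingerprint it has on record for the site's certificate."""
    otp: str
    expected_fingerprint: str


def auth_server_issue(pinned_fingerprint: str) -> AuthServerReply:
    # The server holds the pinned fingerprint; the OTP is generated fresh.
    otp = f"{secrets.randbelow(10**8):08d}"
    return AuthServerReply(otp=otp, expected_fingerprint=pinned_fingerprint)


def token_release_otp(reply: AuthServerReply, fetched_cert_der: bytes) -> Optional[str]:
    """Token side: hash the certificate it actually fetched and compare it with
    the server-supplied hash (constant-time). Release the OTP only on a match;
    a mismatch is the pharming/MITM signal, so the OTP is withheld."""
    observed = cert_fingerprint(fetched_cert_der)
    if hmac.compare_digest(observed, reply.expected_fingerprint):
        return reply.otp
    return None


def demo(fetched_cert_der: bytes) -> bool:
    """One full round; True when the token released the OTP."""
    reply = auth_server_issue(cert_fingerprint(GOOD_CERT))
    return token_release_otp(reply, fetched_cert_der) is not None
```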
ROI is essentially a ratio measuring a payback period, which can lead to distortions. Say you have two projects. The first has an investment of $1,000,000 and saves you $100,000 per month. The second has an investment of $100,000 and saves $10,000 a month. Both have a payback period of 10 months (100,000/10,000) and both have an ROI of 100% (100,000/10,000). Which project do you do? Assuming that you can afford to do both projects, which do you do? Based on this information, you would do both. The missing element is cost-of-capital, which is where security comes in.
Look at it this way: You are looking to roll out an SSL-based VPN that will reduce your ongoing remote access costs by $200,000 per year for 2,000 users. You're concerned, however, that one of the main drivers for the project is that users want to login from un-trusted web kiosks. You think using SSL instead of a client-based solution is more risky than going with IPSec, but how can you analyze it? If your company's WACC is 10%, then the value of $200,000 should be $2,000,000. But this project is far riskier than your company's main line of business, so the project should be capped at a much higher rate. If you use 20%, then the value is $1,000,000.
Tokens and other shared-secret systems can't support multiple domains for obvious reasons. WiKID is a commercial open source solution that uses public key cryptography. Thus it can support more than one authentication domain without a drop in security.
We are currently killing bugs in the OSS system, adding more app support and adding mutual authentication. Then we will make it less 'rpm-based' for other distros. Feedback is very welcome.
Disclosure: I am with the company.
The two attacks mentioned by Schneier can be thwarted using strong authentication.
First, the session hijacking attack: Any two-factor authentication system can thwart this attack if the banks require a second one-time passcode for processing a transaction - in addition to authenticating for the session.
Second: pharming, DNS-cache poisoning: I can tell you at least that our solution (http://www.wikidsystems.com/) can stop this via our PC client (yes, runs on Mac & Linux). We encrypt a PIN and send it to the server. The server responds with the one-time passcode encrypted. If DNS is down, no passcode. I suspect that some challenge-response systems might also block this, but I don't know.
As for the MITM attack, it is possible to extend a PC client to stop this as well.
I would expect more from Schneier on this front. Disappointing, IMO.
My Sony Vaio laptop died a horrible death. The system would just shut down, not even a blue screen of death - all hardware. Now, my Sony desktop is dying; I think the fan is giving out or it's just overheating.
Google "nordea phish" to see how this system has been attacked.
A good two-factor authentication system should include host authentication as well to prevent MITM attacks.
http://en.wikipedia.org/wiki/Mutual_authentication
Otherwise, banks would be better off using OTPs to validate the transactions.
What about FreeNX? http://freenx.berlios.de/.
Open source, free, supports remote X, RDP & VNC, and you can run authentication through PAM for 2-factor authentication support.
commercial site, open source site & sourceforge site
Did you consider WiKID Systems?
Available in both open (https://sourceforge.net/projects/wikid-twofactor/) and closed source (http://www.wikid.com/) versions. Closed source supports wireless devices such as Blackberries, Palm, PocketPC, J2ME. Unlike certs, there is no need to manage white & black lists (CRL) etc. Unlike RSA soft tokens, the PIN is stored on the server and communication between the token and the server is encrypted asymmetrically. If the token is stolen, the PIN must be checked at the server, allowing lock-out after an admin-set number of attempts. Open sourced plugins are available for PHP, Java, COM/IIS, Citrix, C++, SugarCRM, etc. with more on the way. Token roll-out can be completely automated via ASP scripts using trusted LAN credentials.
In terms of evaluating based on financial, relative security and operations issues, you might want to read this, which I wrote for WiKID: http://www.securitydocs.com/library/3048. A cleaner cost analysis between hardware tokens such as RSA and WiKID is here: http://www.wikidsystems.com/features/lessexpensiv