SPADE: SPKI/SDSI for Attribute Release Policies in a Distributed Environment

Shibboleth is a federated administrated system that supports inter-institutional authentication and authorization for sharing of resources. SPKI/SDSI is a public key infrastructure whose creation was motivated by the perception that X.509 is too complex and flawed. This thesis addresses the problem of how users that are part of a Public Key Infrastructure in a distributed computing system can effectively specify, create, and disseminate their Attribute Release Policies for Shibboleth using SPKI/SDSI. This thesis explores existing privacy mechanims, as well as distributed trust management and policy based systems. My work describes the prototype for a Trust Management Framework called SPADE (SPKI/SDSI for Attribute Release Policies in a Distributed Environment) that I have designed, developed and implemented. The principal result of this research has been the demonstration that SPKI/SDSI is a viable approach for trust management and privacy policy specification, especially for minimalistic policies in a distributed environment

Limited Delegation (Without Sharing Secrets) in Web Applications

Delegation is the process wherein an entity Alice designates an entity Bob to speak on her behalf. In password-based security systems, delegation is easy: Alice gives Bob her password. This is a useful feature, and is used often in the real world. But it\u27s also problematic. When Alice shares her password, she must delegate all her permissions, but she may wish to delegate a limited set. Also, as we move towards PKI-based systems, secret-sharing becomes impractical. This thesis explores one solution to these problems. We use proxy certificates in a non-standard way so that user Alice can delegate a subset of her privileges to user Bob in a secure, decentralized way for web applications. We identify how delegation changes the semantics of access control, then build a system to demonstrate these possibilities in action. An extension on top of Mozilla\u27s Firefox web browser allows a user to create and use proxy certificates for delegation, and a module on top of the Apache web server accepts multiple chains of these certificates. This is done in a modified SSL session that should not break current SSL implementations

Simple Public Key Infrastructure Analysis Protocol Analysis and Design

Secure electronic communication is based on secrecy, authentication and authorization. One means of assuring a communication has these properties is to use Public Key Cryptography (PKC). The framework consisting of standards, protocols and instructions that make PKC usable in communication applications is called a Public Key Infrastructure (PKI). This thesis aims at proving the applicability of the Simple Public Key Infrastructure (SPKI) as a means of PKC. The strand space approach of Guttman and Thayer is used to provide an appropriate model for analysis. A Diffie-Hellman strand space model is combined with mixed strand space proof methods for proving the correctness of multiple protocols operating in the same context. The result is the public key mixed strand space model. This model is ideal for the analysis of SPKI applications operating as sub-protocols of an implementing application. This thesis then models the popular Internet Transport Layer Security (TLS) protocol as a public key mixed strand space model. The model includes the integration of SPKI certificates. To accommodate the functionality of SPKI, a new protocol is designed for certificate validation, the Certificate Chain Validation Protocol (CCV). The CCV protocol operates as a sub-protocol to TLS and provides online certificate validation. The security of the TLS protocol integrated with SPKI certificates and subprotocols is then analyzed to prove its security properties

Greenpass Client Tools for Delegated Authorization in Wireless Networks

Dartmouth\u27s Greenpass project seeks to provide strong access control to a wireless network while simultaneously providing flexible guest access; to do so, it augments the Wi-Fi Alliance\u27s existing WPA standard, which offers sufficiently strong user authentication and access control, with authorization based on SPKI certificates. SPKI allows certain local users to delegate network access to guests by issuing certificates that state, in essence, he should get access because I said it\u27s okay. The Greenpass RADIUS server described in Kim\u27s thesis [55] performs an authorization check based on such statements so that guests can obtain network access without requiring a busy network administrator to set up new accounts in a centralized database. To our knowledge, Greenpass is the first working delegation-based solution to Wi-Fi access control. My thesis describes the Greenpass client tools, which allow a guest to introduce himself to a delegator and allow the delegator to issue a new SPKI certificate to the guest. The guest does not need custom client software to introduce himself or to connect to the Wi-Fi network. The guest and delegator communicate using a set of Web applications. The guest obtains a temporary key pair and X.509 certificate if needed, then sends his public key value to a Web server we provide. The delegator looks up her guest\u27s public key and runs a Java applet that lets her verify her guests\u27 identity using visual hashing and issue a new SPKI certificate to him. The guest\u27s new certificate chain is stored as an HTTP cookie to enable him to push it to an authorization server at a later time. I also describe how Greenpass can be extended to control access to a virtual private network (VPN) and suggest several interesting future research and development directions that could build on this work.My thesis describes the Greenpass client tools, which allow a guest to introduce himself to a delegator and allow the delegator to issue a new SPKI certificate to the guest. The guest does not need custom client software to introduce himself or to connect to the Wi-Fi network. The guest and delegator communicate using a set of Web applications. The guest obtains a temporary key pair and X.509 certificate if needed, then sends his public key value to a Web server we provide. The delegator looks up her guest\u27s public key and runs a Java applet that lets her verify her guests\u27 identity using visual hashing and issue a new SPKI certificate to him. The guest\u27s new certificate chain is stored as an HTTP cookie to enable him to push it to an authorization server at a later time. I also describe how Greenpass can be extended to control access to a virtual private network (VPN) and suggest several interesting future research and development directions that could build on this work

PKI Scalability Issues

This report surveys different PKI technologies such as PKIX and SPKI and the issues of PKI that affect scalability. Much focus is spent on certificate revocation methodologies and status verification systems such as CRLs, Delta-CRLs, CRS, Certificate Revocation Trees, Windowed Certificate Revocation, OCSP, SCVP and DVCS.Comment: 23 pages, 2 figure

The Value of User-Visible Internet Cryptography

Cryptographic mechanisms are used in a wide range of applications, including email clients, web browsers, document and asset management systems, where typical users are not cryptography experts. A number of empirical studies have demonstrated that explicit, user-visible cryptographic mechanisms are not widely used by non-expert users, and as a result arguments have been made that cryptographic mechanisms need to be better hidden or embedded in end-user processes and tools. Other mechanisms, such as HTTPS, have cryptography built-in and only become visible to the user when a dialogue appears due to a (potential) problem. This paper surveys deployed and potential technologies in use, examines the social and legal context of broad classes of users, and from there, assesses the value and issues for those users