Title: SGFR: Secure Groupware for First Responders http:cs'uccs'edusgfr Contact: chowcs'uccs'edu A NISSC Sp
1SGFRSecure Groupware for First
Respondershttp//cs.uccs.edu/sgfr/Contact
chow_at_cs.uccs.eduA NISSC Sponsored Project
- C. Edward Chow (PI)
- Chip Benight (PI)
- Ganesh Godavari
- Department of Computer Science
- Part of this work is based on research sponsored
by the Air Force Research Laboratory, under
agreement number F49620-03-1-0207. it was
sponsored by a NISSC summer 2003 grant.
2Goal of SGFR
- SGFR Secure Groupware for First Responder
- The goal is to design a framework for enhancing
groupware packages such as instant messenger and
video conferencing tool, - with security through
- scalable group key management (Keystone from UT
Austin), and - secure model secure group policy management
(Antigone from U. Michigan) - With stress level and tool usage effectiveness
evaluation - This is a joint project with Dr. Chip Benight of
psychology department. - The enhanced secured groupware will be tested in
a field trial with Citys Emergency Response team.
3SGFR Features
Psychology EvaluationStress Level
Tracking Effectiveness of Tool Usage(Keyboard/Mou
se Event Tracking,History of Commands, Mistakes,
Popup Quiz?)
Security Enhanced GroupwareInstant
messenger(JabberX)
Group Communication Server Instant Messaging
Server (Jabber)
Group Key ManagmentSecure Group Rekeying
system(Keystone)
4SGFR System Architecture
SGFR Client
SGFR Group Key Server
SGFR Instant MessengerServer
SGFR Client
SGFR Client
Group key distribution
Registration/authentication
Sign-in create/join chat groups
Encrypt/Decrypt msgs using group key
5SGFR System Operation
6Associate JabberX client with Keyserver and
Jabber server
- Users login to the Jabber server
- If login successful, the client registers with
the Keyserver. - When a user creates/joins a group, the Keyserver
gives a key to the client. - When a user leaves the group, the Keyserver
generates a new key for the remaining members of
the group.
7First group key assigned to group
User ganesh joining group g1
Second group key assigned to groupWhen a member
joined
Output of the Keystone Server
User ayen joining group g1
8Packet captured by Ethereal Packet Sniffer
Encrypted Hello Surrounded by ltbodygttag
Output of the Jabber server running on a machine
9Keystone Registrar Setup
- Registrar Setup
- R ltgt S using SSL
- S gt R registrar key KR, client list
- Secret key KR is called registrar key.
- Client list contains the identities and ID
numbers of clients that does not contain access
control information
10Secure Keystone Client Request
- Client Registration
- C ltgt R using SSL
- R gt C IDc, kc
- R gt S IDc, kc KR
- Where Kc is client individual key
- IDc is clients identity number
11Request and Reply
- A request may contain operations to more than one
group - Operations
- Join
- Leave
- Re-synchronize
- C gt S request kc
- S gt C ack kc, ind.rekeykc
12Key Updates
- Keyserver distributes new keys using the rekey
messages. - Reliable key updates can be done using
- TCP
- Reliable multicast Transport protocol
- Key stone uses UDP over IP multicast for
efficient rekey message delivery and Forward
Error Correction technique
13Re-synchronization
- FEC does not provide 100 reliability
- Solution 1
- Client request for retransmission of the lost
rekey message - Disadvantages
- Inefficient when the number of lost rekey is
large - Solution 2
- Keystone provides resynchronization mechanism for
clients to update their keys incase of message
loss.
14keyserver
- Keyserver.cmain()
- sslInfoInit(sslInfo, keyFile, certFile,
caFile, caPath) - sslCTX sslInit(sslInfo, 1)
- if (getSpec(servRec, f) ! 0) in spec.c..
- / the specification file is processed /
- setupKGraph(servRec)
- setupReqAddr((servRec-gtreqAddr)) // listen
for requests for clients - setupReqAddr((servRec-gtregReqAddr))
//listen for requests from registrar
15Keystone Specification File
- // 1 group, group-oriented TCP, period 1.0, DES3,
RSA - global-parameters
- begin
- rekey-period 1.0
- encryption DES3-CBC
- message-digest MD5
- signature-scheme RSA
- key-file serverkey.rsa
- request-port 20002
- register-port 30002
- key-tree-degree 4
- access-control none
- end
- group g1
- begin
- rekeying GROUP-ORIENTED
- rekey-delivery TCP-unicast
16Key Trees
(changed to k1-8)
k1-8k123
k1-8k456
k1-8k78
(changed to k78)
k78k7
k78k8
k9
u2
u3
u4
u5
u6
u7
u8
u9
u1
Wong et al. SIGCOMM 98, Wallner et al. Internet
Draft
17Registrar setup
- Registrar.cmain()
- / connect to keyserver /
- sslInfoInit(sslInfo, keyFile, certFile, caFile,
caPath) - sslCTX sslInit(sslInfo, 1)
- ssl sslConnect(sslCTX, ksAddr.sk)
- / receive register initialization from
keyserver / - msg.size sslRecv(ssl, msg.msg, msg.max)
- curr msg.msg
- curr getMsgHdr(curr, ver, type, size,
seq, msgSPI, msgVer) - if (type ! INIT_REGISTER) / error /
- if (sslRecvFile(ssl, cListFilename) ! 0) /
error / - while (1)
-
- if (childProcess(sk, ksAddr.sk, regSA, indSA,
sslCTX, seqToKS, lockFile, clientAuthInfo)! 0) -
-
18Registrar Client Registration
- Registrar.cchildProcess()
- ssl sslAccept(sslCTX, sk)
- if (cliAuthInfo ! NULL)
- if ((i checkClientCert(ssl, cliAuthInfo)) lt
0) / ERROR / - if (consRegToKS(indSA, seqToKS, reg) ! 0)
- fprintf(stderr, "ERROR registration to
key server\n") - return -1
-
- / sign and encrypt registration info with
regSA / - putMsgSize(reg.msg, 0)
- if (signEncMsgSA(reg, regSA) ! 0)
- return -1
-
19Client Setup
- Protocol.cinitializeclient()
- sslInfoInit(sslInfo, keyFile, certFile, caFile,
caPath) - registerSSL(ksCtx, sslInfo, regAddr)
- registerSSL.cregisterSSL()
- sslCTX sslInit(sslInfo, 1)
- ssl sslConnect(sslCTX, regAddr-gtsk)
- Gchat.ccmd_join()
- reqGroups(ksCtx, numGrps, grpName, request)
- Where request can be join/leave/resyn
- getGroupKey(ksCtx, grpName, version)
20SSL Initialization
- void sslInit(SSLInfo sslInfo, int verifyPeer)
-
- / SSL initialization /
- SSLeay_add_ssl_algorithms()
- SSL_load_error_strings()
- if ((sslCTX SSL_CTX_new(SSLv3_method()))
NULL) - ERR_print_errors_fp(stderr)
- return NULL
-
-
-
- if (verifyPeer)
- SSL_CTX_set_verify(sslCTX,
SSL_VERIFY_PEER, NULL) - else
- SSL_CTX_set_verify(sslCTX,
SSL_VERIFY_NONE, NULL) -
- return ((void ) sslCTX)
- /
21SSL Server connection
- void sslAccept(void sslCTX_v, int sock)
- / begin of sslAccept() /
- SSL_CTX sslCTX (SSL_CTX ) sslCTX_v
- SSL ssl X509 peerCert
-
- if ((ssl SSL_new(sslCTX)) NULL)
- fprintf(stderr, "ERROR no ssl\n")
- return NULL
-
- SSL_set_fd (ssl, sock)
- if (SSL_accept(ssl) -1)
- ERR_print_errors_fp(stderr)
- SSL_free(ssl)
- return NULL
-
- if (SSL_CTX_get_verify_mode(sslCTX)
SSL_VERIFY_PEER) - if ((peerCert SSL_get_peer_certificate
(ssl)) NULL) - fprintf(stderr, "ERROR no peer
cert\n")
22SSL Client connection
- void sslConnect(void sslCTX_v, int sock)
- / begin of sslConnect() /
- SSL_CTX sslCTX (SSL_CTX ) sslCTX_v
- SSL ssl
- X509 peerCert
- if ((ssl SSL_new (sslCTX)) NULL)
- fprintf(stderr, "ERROR no ssl\n")
- return NULL
-
- SSL_set_fd (ssl, sock)
- if (SSL_connect(ssl) -1)
- ERR_print_errors_fp(stderr)
- SSL_free(ssl)
- return NULL
-
- if ((peerCert SSL_get_peer_certificate
(ssl)) NULL)
23Access Control List
- / check client certificates /
- / return -1 if error or client not found /
- int checkClientCert(void ssl_v, ClientAuthInfo
cliAuthInfo) -
- SSL ssl (SSL ) ssl_v
- X509 peerCert
- char peerName256
- int i, peerNameSize
- if ((peerCert SSL_get_peer_certificate
(ssl)) NULL) - fprintf(stderr, "ERROR no peer cert\n")
- return -1
-
- X509_NAME_oneline(X509_get_subject_name(peerCe
rt), peerName, sizeof(peerName)) - peerNameSize strlen(peerName)1
- / got the subject line so compare with the list
u want to allow./ -
24Encryption CBF
- int EncryptString (char in, char out, unsigned
char key, int plainlen) -
- int cipherlen, tmplen
- unsigned char iv8 1,2,3,4,5,6,7,8
- EVP_CIPHER_CTX ctx
- EVP_CIPHER_CTX_init(ctx)
- EVP_EncryptInit(ctx,EVP_bf_cbc(),key,iv)
- if (!EVP_EncryptUpdate(ctx,out,cipherlen,in,plai
nlen)) -
- return -1
-
- if (!EVP_EncryptFinal(ctx,outcipherlen,tmplen))
-
- return -1
-
25Decryption CBF
- int DecryptString(char in, char out, unsigned
char key, int cipherlen) -
- int plainlen, tmplen
- unsigned char iv8 1,2,3,4,5,6,7,8
- EVP_CIPHER_CTX ctx
- EVP_CIPHER_CTX_init(ctx)
- EVP_DecryptInit(ctx,EVP_bf_cbc(),key,iv)
- if (!EVP_DecryptUpdate(ctx,out,plainlen,in,ciphe
rlen)) - return -1
-
- if (!EVP_DecryptFinal(ctx,outplainlen,tmplen))
- return -2
-
- plainlen tmplen
26Testing Results
Table 1 time taken for client registration group
join, group leave
Table 2 time taken for file transfer
27Conclusion
- A secure group communication software package
SGFR v.0 was developed. - Use Digital Certificate to authenticate client
access. - Group keys are distributed when members
join/leave or based on some time period. - Group key is used to encrypted the messages.
- Enhance text-based chat with remote file download
and remote display. - Ported the SGFR v.0 to run on handheld devices
include PDA running Linux and Sony PalmTop.
28Future work
- Improve the file transfer capability using
Reliable Multicast Transport Protocol. - Improve Keystones error handling mechanism
between keyserver/registrar and client manager. - Improve Keystone client manager by moving it into
socket layer and providing socket layer API
between a client manager and data processor. - Integrate with Wireless Sensor Networks and
improve security of their operations.