[Swan] Authentication with pam_url and nonces
Mirsad Goran Todorovac
mirsad.todorovac at alu.unizg.hr
Sun Feb 6 20:21:28 EET 2022
Hi all,
The passwordless authentication over pam_url used with IKEv2 with the
certificates was considered
a source of brute force attacks and a dangerous module to implement for
it could allow everyone to
access the system if accidentally left as the only and sufficient module
in PAM stack.
Mainly, the PHP script controlled access over IP address and that was
the possible door for fake IP
impersonations despite using libcurl.4.0 and TLSv1.3.
I have considered implementing authentication over PSK authenticating
module and PHP script over
a variant of HMAC-SHA256. Although the secret was never transferred in
cleartext and not even over
TLSv1.3, I used to have a naive nonce generation with PRF seeded from
nanoseconds of the Linux
monotonous clock which doesn't have the nanosecond resolution in the
first place.
Now I don't seed the PRNG every time except on first call to the nonce
generator, so I am guaranteed
to get different nonce every time even if called several time within the
same nanosecond.
So, the main question appears to be if there is a smarter way of
preventing brute force replay attacks
than having a database of already used nonces. Especially when
considering possible DoS attack scenarios.
The code is published here for your convenience:
https://github.com/mtodorov3-69/pam_url
The experimental PHP script for authorization is in the folder
examples/experimental.
The PAM module should build out-of-the-box and if it doesn't, please
submit bug reports.
Thank you very much.
Kind regards,
Mirsad Todorovac
--
Mirsad Goran Todorovac
CARNet sistem inženjer
Grafički fakultet | Akademija likovnih umjetnosti
Sveučilište u Zagrebu
--
CARNet system engineer
Faculty of Graphic Arts | Academy of Fine Arts
University of Zagreb, Republic of Croatia
tel. +385 (0)1 3711 451
mob. +385 91 57 88 355
More information about the Swan
mailing list