Secure Private Key Storage for UNIX? 95
An anonymous reader asks: "Microsoft Windows, from 2000 forward (except ME) offers secure certificate and private storage at the OS level in what is called a protected store. Offline, it's encrypted by a combination of the user's password and a session key stored on the filesystem. When the OS is running, the private keys stored are available to the logged in user, optionally encrypted with another password. The keys are stored in protected memory, so no applications can access them without going through the Microsoft CAPI calls. This code also is FIPS 140-1 level 1 (the best one can get for software cryptography modules) compliant." Does any other OS provide this kind of feature at the OS-level? If so, who? If not, why?
This functionality (especially certified FIPS 140-1 or FIPS 140-2) would be nice to see in UNIX variants. MacOS's key-chain functionality is similar, but stores at the application level, and is not FIPS compliant. An implementation of the protected store functionality will allow applications like Firefox, Thunderbird and gpg to have one common place to obtain private keys and certificates rather than maintaining their own individual key-stores. An additional application for this would be the ability to use hardware PKCS #11 tokens.
I am wondering why this functionality does not exist at the OS level in most OSes except Windows. A number of applications on many platforms have this functionality, but its at the app level, with their own key-stores, and not a standard at the OS level."
I am wondering why this functionality does not exist at the OS level in most OSes except Windows. A number of applications on many platforms have this functionality, but its at the app level, with their own key-stores, and not a standard at the OS level."
OS X Keychain is not "application level" (Score:5, Informative)
Keychain is at the application level? (Score:4, Informative)
I'm not sure what they're trying to claim here, but unless their definition of OS means "kernel", the Mac OS X (and classic Mac OS, AFAIK) keychain most certainly is an OS-level service. Keychain items can be shared among all applications, though most applications limit access to these items to a list of trusted applications for obvious security reasons.
I don't know about the question of protected memory or FIPS certification, but the rest of this question just seemed like FUD to me.
Re:Well duh.. (Score:3, Informative)
He didn't specify Linux, he said UNIX.
chmod 600 (Score:2, Informative)
Just make sure to store the key encrypted with a passphrase
Much like KDE's kwalletmanager (Score:5, Informative)
No (Score:5, Informative)
Linux Kernel keyring; openCryptoki (Score:5, Informative)
Re:Eggs and baskets (Score:5, Informative)
I disagree. Right now, we're putting all our eggs in a bunch of half-assed baskets woven from tissue paper and lunchmeat. I'd much rather trust one well-audited, well-engineered solution than the 100 home rolled ones we have to trust now.
KDE does this now with KWallet (although without the spiffy kernel-level protections the author claims that Windows supports). If I'm writing a KDE application, I don't have to worry about getting password storage right - some other folks who know a whole lot more about the problem have already taken care of it for me.
I think this is good in the same way that using libc's strncmp is better than writing your own. Sure, there might be some undiscovered flaw lurking that's just waiting to open our systems to the world, and an environment of heterogeneous strncmp implementations would keep a successful attack from owning everything that links to libc. And yet, I have a lot of faith that the libc version is much better than anything I'm likely to come up with on my own.
Finally, if an error in strncmp were to be discovered, an upgrade of one library file would fix every dynamically linked program on my system. If each of those programs used their own, then each one would have to be audited to make sure they weren't broken in a similar way. In the same way, an upgrade to KWallet helps every program that uses it. Other programs have to hope that new vulnerabilities are specific to KWallet's own code and not a more general problem.
The Unix way is to build a tool that does one thing supremely well, then trust it. I think this is a prime candidate for the same treatment.
By the way, I'm only using KWallet as an example because I'm familiar with it; I'd be even more interested in Theo de Raadt getting a wild hair and writing OpenSecureStore some weekend.
Re:I think we did this first... (Score:3, Informative)
code from somewhere else into itself and running it. But if an app doesn't go out of its way to let you in, you aren't getting in, and if your kernel is owned, so are you, even on Windows.
what about
strace -p pid
gdb program pid
Attaching debugger to running process in Linux (Score:4, Informative)
SanityInAnarchy has apparently not been doing a lot of development in a UNIX environment. While I don't blame him/her for potentially missing out on the ptrace syscall, as it's not mentioned in Stevens' Advanced Programming in the UNIX Environment, I do find it a bit sad that he/she makes such bold statements about the security of a computer system without checking at least the valid command line parameters to one of the tools he is referring to. Luckily an Anonymous Coward already told the world about two of these.
For those not familiar with the ptrace syscall, here is some info about linux ptrace:
Detecting that you're being traced is possible, but it equally possible to circumvent possible detection by tracing at the correct time, deliver spoofed signals, modifying memory in the traced process to avoid being detected. In short: if you cannot trust your system administrator and yourself (at least all processes running as you) you are out of luck as to local security. Network security is one step worse, in that you have to trust even more persons.
Oh, and don't use trustno1 as password!
Re:Well duh.. (Score:3, Informative)
HP has 3 (4?) flavors of UNIX:
http://welcome.hp.com/country/us/en/prodserv/serv
HP-UX, Linux, Tru64
They also have UnixWare, though I'm not sure if that's UNIX or an application suite for UNIX, or something that is "kinda like but not really" UNIX.
VMS is not UNIX, so I won't count that.
Given that these are "for sale", I don't think "dead" is quite the appropriate term.
You can drop out Linux since it's not a IBM creation, reducing their number of Unix OSes by 1, but that's still a positive number.
We use all of the above (except UnixWare) and many more where I work, in various places (LARGE organization).
As for IBM, AIX and Linux. I5 might be a Unix OS also, but I'm not familiar with it.
http://www-03.ibm.com/systems/i/os/ [ibm.com]
Also for sale. And AIX is also still used (they have AIX server in various places in the organization where I work also)