Integrating DAGA into the cothority framework and using it to build a login service (PDF / PPT slide deck, uploaded 2021-08-26)
Presentation Transcript

1 Integrating DAGA into the cothority framework and using it to build a login service
DEDIS, EPFL 2018/19 - Lucas Pires
Responsible: Prof. Bryan Ford, Dr. Ewa Syta
Supervisor: Linus Gasser

2 Integrating DAGA into the cothority framework and using it to build a login service
DAGA: Deniable Anonymous Group Authentication
• Decentralized authentication protocol
• Forward security, etc. (more later)

3 Motivation / Intro
• Authentication, identification and privacy
• ➔ where possible, get rid of identification
• ➔ DAGA
• GOAL: offer an easy way to use DAGA, a login service

4 Overview
• Background / DAGA
• Cothority implementation
• Authentication delegation
• PoC & demo
• Conclusion

5 Background / DAGA
• Properties
• Description
• Big picture

6-10 Background / DAGA – DAGA (big-picture diagram, built up over five slides)
Actors: Entity / user, Group, Anytrust servers. Flow: Auth. request -> Decision; from slide 8 on the decision also carries a Linkage Tag.
Properties, one added per build:
• Completeness
• Soundness
• Anonymity
• Proportionality (the diagram gains the Linkage Tag here)
• Deniability
• Forward security

11 Background / DAGA – DAGA protocol (diagram, built up over several slides; adapted / redrawn from https://github.com/dedis/student_17/blob/master/pfs_pop/presentation_pfs_pop.pdf)
Prover and Verifiers share a Context.
Client's protocol: Build request -> Initial tag -> Proof generation -> Request (with ∑ responses).
Distributed randomness / challenge generation by the verifiers: ∑ commitments -> ∑ Challenge.
Servers' protocol: Collective proof verification, decision and Tag building -> Linkage tag.

12 Overview
• Background / DAGA
• Cothority implementation
• Authentication delegation
• PoC demo
• Conclusion & Future

13 Cothority Implementation (repeated on slides 14, 18 and 23, one item highlighted at a time)
• DAGA Library (continuation of A. Villard's work)
• New Service & Protocols (context generation / challenge generation / DAGA servers' protocol)
• Can run simulations locally and on DETERLab
• 80% code coverage
• Possible to generate proto files
• CLI client

15 DAGA Cothority

16 DAGA Cothority – Administrative phase (diagram)
Client / 3rd party service admin:
1) Collect public keys of subscribers
2) Build a roster of willing conodes (partnerships or open access nodes)
3) Call CreateContext(keys, roster) on a random node
Random node -> Context generation protocol with the other nodes -> Context -> New Cothority for the new context

17 DAGA Cothority – Authentication (diagram)
Entity: Build auth. message M -> Initial tag -> Proof generation
Call PKClient(∑ commitments, ) on the DAGA cothority -> challenge generation protocol -> ∑ Challenge
Call Auth(M, ) -> Servers' protocol -> Linkage tag
DAGA context: need to keep state across endpoint calls ➔ avoid by storing it in clients
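The round of slides 11 and 17 (commitments from the prover, a challenge assembled from the servers' random shares, responses, and a linkage tag) as an added, runnable Go sketch written for this page. It is not the DAGA construction, the dedis daga library, or the cothority service API: it uses P-256 from the Go standard library instead of kyber, a 1-of-n OR proof of knowing one member's private key, and a linkage tag x*H for a context-specific generator H. DAGA's per-server shared secrets and anytrust tag stripping, which are what give deniability and forward security, are left out, and the servers' challenge-generation protocol is collapsed to one scalar `serverRand` (assumed to be the sum of their shares) that is hashed together with the prover's commitments. The context is just the member keys plus H; every identifier below is this example's own.

```go
package main

import (
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

// Added, simplified illustration of slides 11 and 17; NOT DAGA or the dedis daga
// library: tag = x*H for a per-context generator H, no anytrust tag stripping.
var curve, q = elliptic.P256(), elliptic.P256().Params().N

type point struct{ x, y *big.Int }

func G() point                     { return point{curve.Params().Gx, curve.Params().Gy} }
func mul(p point, k *big.Int) point { x, y := curve.ScalarMult(p.x, p.y, k.Bytes()); return point{x, y} }
func add(a, b point) point         { x, y := curve.Add(a.x, a.y, b.x, b.y); return point{x, y} }
func randScalar() *big.Int         { k, _ := rand.Int(rand.Reader, q); return k }

// ContextGenerator: try-and-increment hash-to-curve (demo grade). Nobody knows
// log_G(H), which is what stops the tag x*H from revealing its owner's X_i.
func ContextGenerator(name string) point {
	p := curve.Params().P
	for ctr := 0; ; ctr++ {
		d := sha256.Sum256([]byte(fmt.Sprintf("daga-demo/%s/%d", name, ctr)))
		x := new(big.Int).Mod(new(big.Int).SetBytes(d[:]), p)
		rhs := new(big.Int).Exp(x, big.NewInt(3), p) // x^3 - 3x + b mod p
		rhs.Sub(rhs, new(big.Int).Mul(x, big.NewInt(3))).Add(rhs, curve.Params().B).Mod(rhs, p)
		if y := new(big.Int).ModSqrt(rhs, p); y != nil && curve.IsOnCurve(x, y) {
			return point{x, y}
		}
	}
}

// Proof: the linkage tag plus one (challenge share, response) pair per member.
type Proof struct {
	Tag  point
	C, R []*big.Int
}

// challenge = SHA-256(commitments || serverRand) mod q; serverRand stands for
// the sum of the anytrust servers' random shares, so no single party picks it.
func challenge(commits []point, serverRand *big.Int) *big.Int {
	h := sha256.New()
	for _, p := range commits {
		h.Write(p.x.FillBytes(make([]byte, 32)))
		h.Write(p.y.FillBytes(make([]byte, 32)))
	}
	h.Write(new(big.Int).Mod(serverRand, q).FillBytes(make([]byte, 32)))
	return new(big.Int).Mod(new(big.Int).SetBytes(h.Sum(nil)), q)
}

// commitPair is A = r*G + c*X, B = r*H + c*T; prover and verifier share it.
func commitPair(X, H, T point, c, r *big.Int) (point, point) {
	return add(mul(G(), r), mul(X, c)), add(mul(H, r), mul(T, c))
}

// Prove: member `me` holding x. Simulated branches get random (c_i, r_i); the
// real branch commits with nonce v and absorbs the rest of the challenge.
func Prove(pub []point, H point, me int, x, serverRand *big.Int) Proof {
	n := len(pub)
	pr := Proof{Tag: mul(H, x), C: make([]*big.Int, n), R: make([]*big.Int, n)}
	commits, v, others := make([]point, 2*n), randScalar(), new(big.Int)
	for i := range pub {
		if i == me {
			commits[2*i], commits[2*i+1] = mul(G(), v), mul(H, v)
			continue
		}
		pr.C[i], pr.R[i] = randScalar(), randScalar()
		commits[2*i], commits[2*i+1] = commitPair(pub[i], H, pr.Tag, pr.C[i], pr.R[i])
		others.Add(others, pr.C[i])
	}
	cMe := new(big.Int).Sub(challenge(commits, serverRand), others)
	pr.C[me] = cMe.Mod(cMe, q)
	pr.R[me] = new(big.Int).Mod(new(big.Int).Sub(v, new(big.Int).Mul(cMe, x)), q)
	return pr
}

// Verify rebuilds every commitment from (C, R) and checks that the challenge
// shares add up to the challenge those commitments imply.
func Verify(pub []point, H point, pr Proof, serverRand *big.Int) bool {
	if len(pr.C) != len(pub) || len(pr.R) != len(pub) {
		return false
	}
	commits, sum := make([]point, 2*len(pub)), new(big.Int)
	for i := range pub {
		commits[2*i], commits[2*i+1] = commitPair(pub[i], H, pr.Tag, pr.C[i], pr.R[i])
		sum.Add(sum, pr.C[i])
	}
	return sum.Mod(sum, q).Cmp(challenge(commits, serverRand)) == 0
}

// Demo: constructed group of four members and three server shares. Member 2
// authenticates; then an outsider whose key is not in the context tries slot 0.
func Demo() (memberAccepted, outsiderAccepted bool) {
	priv, pub := make([]*big.Int, 4), make([]point, 4)
	for i := range priv {
		priv[i] = randScalar()
		pub[i] = mul(G(), priv[i])
	}
	H := ContextGenerator("login-service-2019")
	serverRand := new(big.Int).Add(new(big.Int).Add(randScalar(), randScalar()), randScalar())
	pr := Prove(pub, H, 2, priv[2], serverRand)
	forged := Prove(pub, H, 0, randScalar(), serverRand)
	return Verify(pub, H, pr, serverRand), Verify(pub, H, forged, serverRand)
}

func main() { fmt.Println(Demo()) }
```

What the sketch shows: `Verify` recomputes every commitment, so a proof made with a key outside the context fails with overwhelming probability (soundness); every branch of the proof looks alike, so the verifier learns only that some member authenticated (anonymity); and the same key yields the same tag within a context but a different one under another `ContextGenerator` (proportionality without cross-context linking). It also makes the state problem of slide 17 concrete: the verifier needs the same `serverRand` at `Verify` time as at challenge time, so either the servers remember it between the PKClient and Auth calls or the client carries it back in a form the servers can check, for instance signed by them.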

19 Simulation results – total authentication time
1) DETERLab setup:
• pc2133 nodes: Ubuntu 14.04, AMD64; CPU: 4 @ 2.13 GHz; RAM: 4 GiB
• LAN with 100 ms delay
2) Local setup:
• Debian 9, AMD64; CPU: 8 @ 2.50 GHz; RAM: 16 GiB
(plots: Wall time [s] vs. Number of group members, Local and DETERLab)

20 Original results and previous student's results
(plots taken from https://github.com/dedis/student_17/blob/master/pfs_pop/presentation_pfs_pop.pdf: Original paper (2014), Previous student)

21 Simulation results – total authentication time
(plots: Wall time [s] vs. Number of group members, Local 4 servers and Local 16 servers)

22 Simulation results – total server traffic
(plot: Traffic [KiB] vs. Number of group members; ~ previous student's results)

24 Overview
• Background / DAGA
• Cothority implementation
• Authentication delegation
• PoC demo
• Conclusion & Future

25 Authentication delegation (diagram, built up over three slides)
Entity / user, Service Provider, DAGA cothority

26 Authentication Delegation Protocol – OpenID Connect authentication, "code flow" (RP = relying party, IdP = identity provider)
• GET rp/login
• REDIRECT IdP/daga_auth
• GET IdP/daga_auth
• IdP authenticates user-agent
• 200 authentication page
• REDIRECT rp/callback with code
• GET rp/callback with code
• POST IdP/token_endpoint with code
• 200 token

27 OpenID Connect authentication, "code flow" – the IdP side opened up (lanes: RP, IdP, DAGA client daemon, Browser / WEB UI)
• GET rp/login
• REDIRECT IdP/daga_auth
• GET IdP/daga_auth
• 200 authentication page

28 Full flow with the DAGA client daemon (lanes: RP, IdP, DAGA client daemon, Browser / WEB UI)
• GET rp/login
• REDIRECT IdP/daga_auth
• GET IdP/daga_auth
• 200 authentication page
• Arguments, context + key (Browser / WEB UI and DAGA client daemon)
• DAGA client daemon: Call PKClient(commitments) -> Challenge
• Auth. Msg (DAGA client daemon to Browser / WEB UI)
• POST back with Auth. msg (to the IdP)
• IdP: Call Auth(Auth. msg) -> Linkage Tag
• REDIRECT rp/callback with code
• GET rp/callback with code
• POST IdP/token_endpoint with code
• 200 token

29 Demo
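The exchange of slides 26-28 as an added Go example written for this page, not taken from the login service's code: an in-memory IdP whose only link to DAGA is an `Auth(authMsg)` call returning the linkage tag, which becomes the token's subject. The cothority is a stub that accepts a constructed message of the form `<contextID>:<tag>`, the RP side is played inline in `Demo`, and every name, format and parameter is an assumption. The checks a practitioner wants in this flow are included: the `redirect_uri` must be registered for the client, the code is single use, expires after a minute and is bound to the client and `redirect_uri` it was issued for, and the RP verifies its `state` on the callback.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"net/url"
	"strings"
	"time"
)

// Added example of the delegation flow on slides 26-28 (OpenID Connect "code
// flow" with a DAGA cothority behind the IdP). Written for this page, not taken
// from the project's login service; stub cothority, message format and names assumed.

// Cothority is the only call the IdP needs: Auth(Auth. msg) -> linkage tag.
type Cothority interface {
	Auth(authMsg []byte) (linkageTag string, err error)
}

// stubCothority replaces the servers' protocol: it accepts a constructed message
// "<contextID>:<tag>" for its own context and returns the tag.
type stubCothority struct{ contextID string }

func (s stubCothority) Auth(msg []byte) (string, error) {
	ctx, tag, ok := strings.Cut(string(msg), ":")
	if !ok || ctx != s.contextID || tag == "" {
		return "", errors.New("daga: proof rejected")
	}
	return tag, nil
}

// Token.Subject is the linkage tag: a stable per-context pseudonym, not an identity.
type Token struct{ Subject, Audience string }

type issuedCode struct {
	tag, clientID, redirectURI string
	expires                    time.Time
}

// IdP holds registered clients and outstanding one-time codes (single goroutine
// here; a real server guards `codes` with a mutex or a store with atomic delete).
type IdP struct {
	coth    Cothority
	clients map[string]string // client_id -> registered redirect_uri
	codes   map[string]issuedCode
}

func randomID() string {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return hex.EncodeToString(b)
}

// DagaAuth is "POST back with Auth. msg" (slide 28): verify with the cothority,
// mint a short-lived one-time code and answer "REDIRECT rp/callback with code".
func (p *IdP) DagaAuth(clientID, redirectURI, state string, authMsg []byte) (string, error) {
	if reg, ok := p.clients[clientID]; !ok || reg != redirectURI {
		return "", errors.New("unknown client or unregistered redirect_uri")
	}
	tag, err := p.coth.Auth(authMsg)
	if err != nil {
		return "", err
	}
	code := randomID()
	p.codes[code] = issuedCode{tag, clientID, redirectURI, time.Now().Add(time.Minute)}
	return redirectURI + "?" + url.Values{"code": {code}, "state": {state}}.Encode(), nil
}

// TokenEndpoint is "POST IdP/token_endpoint with code": the code is consumed on
// first use and must match the client and redirect_uri it was issued for.
func (p *IdP) TokenEndpoint(clientID, redirectURI, code string) (Token, error) {
	ic, ok := p.codes[code]
	delete(p.codes, code)
	if !ok || time.Now().After(ic.expires) || ic.clientID != clientID || ic.redirectURI != redirectURI {
		return Token{}, errors.New("invalid_grant")
	}
	return Token{Subject: ic.tag, Audience: clientID}, nil
}

// Demo plays the RP inline: rp/login issues a state, the IdP checks a constructed
// auth message, rp/callback verifies the state and redeems the code, and a
// second redemption of the same code must fail.
func Demo() (subject string, replayErr error) {
	const client, callback = "forum", "https://rp.example/callback"
	idp := &IdP{coth: stubCothority{"ctx-42"}, clients: map[string]string{client: callback}, codes: map[string]issuedCode{}}
	state := randomID() // GET rp/login: kept in the user's session
	// What the DAGA client daemon would POST back after PKClient + proof generation.
	redirect, err := idp.DagaAuth(client, callback, state, []byte("ctx-42:tag-7f3a"))
	if err != nil {
		return "", err
	}
	u, err := url.Parse(redirect) // GET rp/callback with code
	if err != nil || u.Query().Get("state") != state {
		return "", errors.New("bad callback or state mismatch")
	}
	tok, err := idp.TokenEndpoint(client, callback, u.Query().Get("code"))
	if err != nil {
		return "", err
	}
	_, replayErr = idp.TokenEndpoint(client, callback, u.Query().Get("code"))
	return tok.Subject, replayErr
}

func main() { fmt.Println(Demo()) }
```

Because the subject is the linkage tag, the RP recognises a returning member within its context without learning who they are, and another RP with its own context sees a different tag. The code is deleted before its checks run, so a failed redemption still burns it; a production IdP additionally needs a lock or a store with atomic delete, and should only accept a proof made for the context that belongs to the requesting client.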

30 Conclusion
• Democratization of DAGA as anonymous authentication is feasible
• Future work:
  • Need ways to manage partnerships and evolve contexts
  • Need ways to scale (random sub-groups)
  • Need to armor everything (memory protection, …)

31 (figure taken from https://github.com/dedis/student_17/blob/master/pfs_pop/report_pfs_pop.pdf)

32 (plots) Local 8 servers, linear Local 8 servers, li