Apache Milagro Aims to Fix Web Security for Cloud, Mobile, IoT
Editor's Note: This article is paid for by MIRACL as a Diamond-level sponsor of ApacheCon North America, to be held May 11-13, 2016, and was written by Linux.com.
As the Internet continues to both grow in size and widen in scope, so do demands on the supporting infrastructure. The number of users and devices, amount of activity, internationalization of the web, and new devices that range from mobile apps and cloud instances to "Internet of Things," put strain on the system. Not just for bandwidth or service availability, but also on the assurance of trust -- trust that the entities at each end are who (or what) they say they are, and that their communications are private and secure.
One piece of assuring trust is watching for and fixing vulnerabilities in key software and systems. (E.g., the "HeartBleed" bug in OpenSSL, Superfish malware, and the September 2011 revocation of DigiNotar's certificate authority.)
HackerOne, founded in 2012, has been instrumental in helping to discover and disclose computer security vulnerabilities. According to CEO Mårten Mickos, "As of mid-April 2016, the company's customers had fixed over 22,000 bugs and vulnerabilities that were reported to them by HackerOne's global community of security researchers and hackers," says Mickos. "We have publicly disclosed at least 1,600 reports, which provides invaluable data to security researchers and others."
Another way of assuring trust is through the PKI (Public-Key Infrastructure), which is supposed to allow web browsers to validate that the various web sites their users request are who/what they say they are, along with securing TLS and SSH connections. But this system, too, has its limitations.
"Securing website communications with SSL/TLS (Secure Sockets Layer/Transport Layer Security) has traditionally required too much knowledge and effort," comments Josh Aas, Executive Director of the Internet Security Research Group, which provides Let's Encrypt, a free, automated, and open certificate authority (CA).
Let's Encrypt eliminates barriers of cost and complexity by offering individuals and companies the ability to install free certificates in seconds.
"In some countries it has been difficult or impossible to obtain SSL/TLS certificates from established providers... and some of the established providers have been shown to be too lax about security," Aas adds. "Let's Encrypt is working to alleviate these problems for current PKI users, with scalable automated provisioning, global availability, a level of transparency that people should expect from organizations they trust."
However, while essential to keeping today's Internet working safely, there are new, fast-growing security and privacy concerns that these activities don't address.
Cloud, Mobile Apps, IoT Need New Trust Paradigms
Web browsing typically involves a user going to a variety of sites throughout the day. The primary "trust" concern is ensuring we have reached the correct, legitimate site, e.g., Amazon.com, AmericanExpress.com, PayPal.com, rather than an incorrect or spoofed site, and that a connection announcing itself as secure, e.g., with an HTTPS or SHTTP in the URL.
This authentication is currently done using a PKI (Public Key Infrastructure) certificates system -- although, as HackerOne, Let's Encrypt and other organizations' activities show, along with too many unacceptable "events," there are some cracks in the infrastructure.
But even if the existing PKI is fixed, it can't address, or isn't a match for, some of the new Internet methods' requirements.
"Monolithic trust hierarchies rely on PKI, and don't scale well," says Brian Spector, CEO at MIRACL, which develops authentication and encryption for use in distributed environments, and is one of the key contributors to Apache Milagro (incubating), a distributed cryptosystem for cloud computing, within the Apache incubator.
Additionally, says Spector, legacy authentication methods aren't a match for the needs of cloud, mobile, containers, IoT and other environments.
"Digital certificates don't easily allow mutual authentication," says Spector. "For example, when I use my web browser, I go to lots of websites. The only thing that needs authenticating is the link between a website and the browser."
By comparison, says Spector, "When I use a mobile app on my smartphone, each app is 'hard-wired' to go to its specific target. The Facebook app only connects to Facebook, my bank's mobile app only connects to that bank, the Instagram app goes only to Instagram. The only thing that needs authenticating is the link between a web site and the browser.
“Likewise, when I use mobile apps, each app is 'hard-wired' to reach its specific target,” says Spector. “The Facebook app only connects to Facebook, my bank's mobile app only connects to that bank, the Instagram app connects only to Instagram. A mobile app authenticates the user to the site, and encrypts app/server communications. And today, certificates only validate web sites."
Also, Spector points out, "Unlike browsers, which have a URL bar that can 'turn green' to show validation, there isn't an equivalent one on a mobile app, that users can see."
The same is true in cloud environments, which are increasingly populated by often-ephemeral container and virtual machine instances spawned automatically and rapidly on demand.
Each container or VM instance needs its own authentication; they can't simply all be identically-tokened clones. Also, communication inside and among containers needs to be secured -- encrypted. "You need to secure each container so that it is securely bootstrapped, uniquely keyed and identified, so these keys can be used to do ad-hoc peer-to-peer security, client/server security, container communication security, et cetera," says Spector. "And home-grown PKI solutions tend to be difficult to set up, brittle once that's done, and don't scale well."
When it comes to securing the Internet of Things, device fleets can have millions of devices connecting to a back end. "Like mobile apps, these need to communicate over secure TLS, using pre-shared keys that are dynamically generated for each session," says Spector. "You don't want IoT devices to have to do certificates processing, or load certificates as each device is manufactured."
A Proposed Distributed Trust Authority
Apache Milagro (incubating) project's proposed distributed trust authority (D-TA) architecture is intended to let the various players be in a distributed computing scenario so no one party has a root key, according to Spector, replacing either single-authority certificates or public key infrastructure.
This proposed distributed trust structure would be less vulnerable, according to Spector, "because there is no single point of compromise, like digital certificates have. It can't be spoofed, because trust is distributed among multiple points. And there are no stored usernames or passwords, so even if one point is compromised, there is nothing to steal.
"We want to move from a single, monolithic hierarchy of trust to one where publishers of enterprise, web and mobile apps can decide on, and provide, security," Spector said. "For example, a company based in Germany may have a different set of criteria for selecting D-TA's to get key shares than one in the United States for selecting trust partners. Or, say, an organization decides that it doesn't want any single commercial entity to hold its trust network. Just like Apache decided they didn't want a single corporate entity to 'own' the web server platform, we believe the same should be true for online authentication -- people should be able to determine what's best for their needs, and choose the partners that work best for them."
Some parts and versions of the proposed D-TA are already available and in use. For example, Experian, NTT, and Gov.UK are working with MIRACL's M-Pin protocol to do zero-password multi-factor authentication and certificate-less HTTPS.
Apache Milagro (incubating) isn't looking to replace digital certificates and PKI for web server-to-browser authentication, notes Spector -- although the company does offer a multi-factor in-browser tool. "We are looking to go where digital certificates and PKI cannot – cloud, mobile, containers, IoT -- where mutual authentication and key agreement is needed, but can't be easily done using those legacy methods."
This article was sponsored by MIRACL, a leading Internet cyber-security solution provider and a pioneer in cryptographic solutions for IoT devices and applications. Read the white paper "How to Renew Trust in the Internet" by our Chief Cryptographer, Dr. Mike Scott.