Andrew McNab Grid Certs, Manchester HEP, 8 Nov 2002 Slide 1

What can you do with a Grid Certificate?

Andrew McNab

High Energy Physics, University of Manchester

Overview

• Public Key Cryptography
• Encrypting and Signing with a public key
• Proving it's MY public key - CAs
• Connecting with a key - ssh
• Connecting with a certificate - https
• Delegating - Globus proxies
• Passports vs Visas
• Access control lists - GGF
• Putting the grid into the OS - SlashGrid
• Extending HTTPS - G-HTTPS

Public Key Cryptography

• This is one of the most interesting and downright useful areas of applied maths

• Invented twice thanks to the Official Secrets Act
– by people at GCHQ 1970-4 (published 1998)
– again by Diffie and Hellman at Stanford, 1976
• Various algorithms exist
– Most common is RSA, invented by Rivest, Shamir and Adleman in 1977
– Initially patented (expired in 2000)
– Also subject to US export legislation, despite being simple enough to put on a T-Shirt!

RSA algorithm (simplified a bit)

• Say I have public key n = pq, where p and q are prime.
• Private key d, with 3d = 1 (mod (p-1)(q-1))
• Encrypt message M (< n) as C = (M^3) mod n
• Decrypt message M = (C^d) mod n
• For example, n = 5 x 3 = 15, M = 12
– d = 3
– C = 12^3 mod 15 = 3
– M' = 3^3 mod 15 = 12 !!
• However, if I don't know p and q, I can't get d.
• If n = pq is very big, I can't easily find prime numbers p and q such that pq = n

Encrypting with public key

• I can generate public and private keys
• I publish my public key
• You can turn a message into a number and encrypt it
• Only I, who also know the private key, can decrypt it
• This solves one of the ancient problems of cryptography, going back to the Greeks etc
– how to first get the encryption "secret" from the recipient to the sender in a secure way

Simple application: secret emails

• Internet email is pretty insecure
• Anyone who can listen on the network can see what's in the emails as they go past
• But using public and private keys, people can encrypt a message and include it in an email
• Keys and messages are base64-encoded blobs of text like this:
-----BEGIN RSA PRIVATE KEY-----
MIIBPAIBAAJBAOd5Zstqe+PGkfg4T8e3tDAr3ykv79ErTvERwFlO64/6IA5KkpMKFizFR3hZmnC8lrS+5DItxdGkUo7y03mMMUsCAwEAAQJBAKQv0qA62cHJGcTtfHl3bpI0rEg0vnCpvYb1RnCSsDggo4Banb7/ak2a/QrvfWoyt4Y60PE/6ypGvgiy6eqMd+ECIQD8+88SCzXjDoNHxfjceTdeS2ZcA2xHdoL9179guWUM0wIhAOo78FEVh45/DagJRqXWNo81Sp1fk5LaIkmVXx2akh6pAiEAj2PCeH22K14cdt/1MDHceivOdrTR+Kdpk6tno9ExP1UCIQChLwHeKjyP+CpDma596/y7a2afCOgaQ/UYQaukSXuHkQIgZQFJimvH4ZZjErleQ+KsmyI2NuTk2/EDQxbnpyN35+g=
-----END RSA PRIVATE KEY-----

Signing emails

• This technology doesn't only allow us to encrypt messages
– I can use my private key to generate a digital "signature"
– Using my public key, you can verify that only I could have generated it
– This gives both simple signing (you can verify the source) and non-repudiation (you can prove the same key signed a group of messages and I can't deny it)
• Signature is another block of text at the end of the original message in plaintext
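The RSA arithmetic from the "RSA algorithm" slide, followed by the encrypt/decrypt and sign/verify uses from the two slides after it, worked through in Python. This is an added example, not code from the talk: it is textbook RSA with no padding, so the tiny primes, the SHA-256 digest reduced modulo n, and the helper names (make_keypair, encrypt, decrypt, sign, verify) are my own choices for illustration. The slide's exponent e = 3 is kept for the 15-modulus example; the larger toy key uses e = 65537 because 3 is not coprime with its (p-1)(q-1).

```python
import hashlib
from math import gcd


def make_keypair(p, q, e=3):
    """Public key (n, e), private key (n, d) from primes p and q.
    The slide's rule 3d = 1 (mod (p-1)(q-1)) is the modular inverse of e."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with (p-1)(q-1)")
    d = pow(e, -1, phi)  # Python 3.8+ computes the modular inverse directly
    return (n, e), (n, d)


def encrypt(public, m):
    """C = M^e mod n; the message must already be a number below n."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be a non-negative number smaller than n")
    return pow(m, e, n)


def decrypt(private, c):
    """M = C^d mod n; only the holder of d can do this."""
    n, d = private
    return pow(c, d, n)


def slide_example():
    """The worked numbers from the slide: n = 5 x 3 = 15, M = 12.
    Returns (d, C, M'), which come out as (3, 3, 12)."""
    public, private = make_keypair(5, 3)
    c = encrypt(public, 12)        # 12^3 mod 15 = 3
    m = decrypt(private, c)        # 3^3 mod 15 = 12
    return private[1], c, m


def text_to_number(text):
    """'Turn a message into a number': big-endian bytes of the text."""
    return int.from_bytes(text.encode(), "big")


def number_to_text(number):
    return number.to_bytes((number.bit_length() + 7) // 8, "big").decode()


def digest(message, n):
    """Hash the message and reduce it below n. Real RSA signatures pad the
    hash instead of reducing it; this shortcut keeps the toy self-contained."""
    h = int.from_bytes(hashlib.sha256(message.encode()).digest(), "big")
    return h % n


def sign(private, message):
    """The signature is the digest raised to the private exponent."""
    n, d = private
    return pow(digest(message, n), d, n)


def verify(public, message, signature):
    """Anyone holding the public key can check it; a changed message or a
    signature made with a different private key fails."""
    n, e = public
    return pow(signature, e, n) == digest(message, n)


if __name__ == "__main__":
    print(slide_example())                                  # (3, 3, 12)
    pub, priv = make_keypair(104729, 1299709, e=65537)      # larger toy primes
    c = encrypt(pub, text_to_number("hi"))
    print(number_to_text(decrypt(priv, c)))                 # hi
    s = sign(priv, "meet at 9")
    print(verify(pub, "meet at 9", s), verify(pub, "meet at 8", s))   # True False
```

The same key pair serves both directions: encrypting uses the public exponent and decrypting the private one, while signing uses the private exponent and verifying the public one, which is what lets one certificate give both privacy and authentication.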

Proving it’s MY public key

• However, other people still have to verify it really is MY public key they are using
– What if I can't physically give you the key?
• Certificate Authorities (CAs) / Trusted 3rd Parties resolve this
• They sign other people's public keys, along with a unique name -> "a certificate"
– You still have to get the CA public key somehow
• So: I can get my public key signed, put it on my webpage and you can verify it's really mine
– it hasn't been replaced by a hacker, say

Certificate Authority namespaces

• CA needs to have some unique naming for individuals
• Could use Name + Postal Address, or Email Address.
• In practice, use an X.500 hierarchy:
– /C=UK/O=eScience/OU=Manchester/L=HEP/CN=Andrew McNab
• We use the UK HEP CA and now also the general e-Science CA at RAL
– We are now directly responsible for names under /C=UK/O=eScience/OU=Manchester/L=HEP/…
– New CA requires us to check some photo ID

Connecting with a key

• ssh uses RSA and similar algorithms
• Server generates a key pair to identify itself
• Users can generate key pairs to use instead of passwords
– At CERN, SLAC etc, put your public key in ~/.ssh/authorized_keys
• When you connect, ssh checks if server key pair is the same as last time
– but, the first time, it has to take it on trust
– would be better to use a signed certificate, rather than just a public key

Connecting with a certificate

• You're probably familiar with https websites
– e.g. for credit card orders from Easyjet
• These use RSA etc to secure the connection
• Hosts have certificates rather than just public keys
– in cert name have …/CN=www.easyjet.com
• So web browser can verify you're really giving your credit card number to Easyjet
• Also, if you put a user certificate into the browser, webserver can verify who you are

GridSite

• GridSite system has user authentication
– Written here and used for www.gridpp.ac.uk
• Maintains lists of users in different groups
• Each directory has a list of groups who can modify its webpages
• Tools on website allow you to upload files, edit pages
• Group admins can modify the membership of their group too
• Devolves the work of maintaining the site down to each subgroup

Other services using certificates

• Globus's grid services use the same idea:
– GridFTP for bulk file transfers
– GRAM for job submission
– GSI-ssh: normal ssh modified to use server and user certificates rather than just key pairs
• Since both Globus and https use the same X.509 format certificates, Grid/Web can be integrated
• Only need to get 1 user certificate, both for purely Grid and https Web sites.

Globus Delegation

• In normal https, I can prove who I am to the website, but that's it
– Globus extended this idea with delegation
• When I contact a remote host, it also makes a new, temporary key pair with my name
– I agree to sign the public key, like a CA does
• My programs on the host can then contact other hosts with the "proxy" = chain of certs
• A 2nd remote host can check I authorised all this, by checking the chain of certs one by one
– no need to take 1st host's word for it!
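A toy model of the proxy chain this slide describes, added here and not taken from Globus: the "certificates" are Python dictionaries, the signatures are textbook RSA over a SHA-256 digest (the same toy scheme as the earlier RSA example, with no padding), and the CA name, the fixed primes and the "/CN=proxy" naming rule are constructed for the demonstration; the user name is the one from the CA namespace slide. It shows what the 2nd remote host does: verify each link with the key from the link before it, back to the CA it trusts, and reject a proxy whose signature was not made with my key.

```python
import hashlib

CA_NAME = "/C=UK/O=eScience/CN=Toy CA"                                # constructed
USER_NAME = "/C=UK/O=eScience/OU=Manchester/L=HEP/CN=Andrew McNab"   # from the slides


def make_keypair(p, q, e=65537):
    """Textbook RSA key pair from two primes (toy sizes, no padding)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))


def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data.encode()).digest(), "big") % n


def sign(private, data):
    n, d = private
    return pow(_digest(data, n), d, n)


def verify(public, data, signature):
    n, e = public
    return pow(signature, e, n) == _digest(data, n)


def _body(subject, public, issuer):
    return f"{subject}|{public[0]}|{public[1]}|{issuer}"


def make_cert(subject, subject_public, issuer, issuer_private):
    """A 'certificate': a name and a public key, signed by the issuer. The CA
    does this for my key; for a proxy I do it for the temporary key the
    remote host generated with my name."""
    return {"subject": subject, "public": subject_public, "issuer": issuer,
            "signature": sign(issuer_private, _body(subject, subject_public, issuer))}


def verify_chain(chain, trusted_ca):
    """Walk from the certificate issued by the trusted CA down to the proxy,
    checking each link with the key from the previous one. Below the CA,
    every subject must extend its issuer's name, which is how the proxy
    carries the delegating user's identity. Returns the final name or None."""
    ca_name, ca_public = trusted_ca
    issuer_name, issuer_public = ca_name, ca_public
    for cert in chain:
        if cert["issuer"] != issuer_name:
            return None                      # link does not chain to the previous one
        body = _body(cert["subject"], cert["public"], cert["issuer"])
        if not verify(issuer_public, body, cert["signature"]):
            return None                      # signature not made with the issuer's key
        if issuer_name != ca_name and not cert["subject"].startswith(issuer_name + "/"):
            return None                      # a proxy may only act under its delegator's name
        issuer_name, issuer_public = cert["subject"], cert["public"]
    return issuer_name


def build_chains():
    """Construct the parties' keys; returns (trusted_ca, honest_chain, bad_chain).
    The primes are fixed so the run is deterministic."""
    ca_public, ca_private = make_keypair(131071, 524287)
    user_public, user_private = make_keypair(104729, 1299709)
    user_cert = make_cert(USER_NAME, user_public, CA_NAME, ca_private)

    # The first remote host makes a temporary key pair with my name; I sign it.
    proxy_public, _proxy_private = make_keypair(999983, 1000003)
    proxy_cert = make_cert(USER_NAME + "/CN=proxy", proxy_public, USER_NAME, user_private)

    # A host that never received my signature presents a proxy with my name anyway:
    # it could only sign with its own key, so the 2nd host's check fails.
    rogue_public, rogue_private = make_keypair(8191, 2147483647)
    rogue_cert = make_cert(USER_NAME + "/CN=proxy", rogue_public, USER_NAME, rogue_private)

    return (CA_NAME, ca_public), [user_cert, proxy_cert], [user_cert, rogue_cert]


if __name__ == "__main__":
    ca, honest, bad = build_chains()
    print(verify_chain(honest, ca))   # .../CN=Andrew McNab/CN=proxy
    print(verify_chain(bad, ca))      # None
```

The only thing the 2nd host needs in advance is the CA's public key; everything else it needs to decide arrives inside the chain, which is why it never has to take the 1st host's word for anything.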

“Single sign-on”

• Delegation allows you to just sign on once
• Do grid-proxy-init command once each day
– locally delegates proxy as /tmp/x509up_uXX
• Each Globus program looks for this when connecting:
– globus-job-run for job submission
– globus-url-copy for file copying
– gsi-ssh for getting a remote command line
• EU DataGrid programs built with this do too:
– dg-job-submit
– dg-job-get-output

Delegation in jobs

• As the Grid becomes more complex, delegation becomes vital
• User at Site A submits a job
– Job goes to Resource Broker at Site B
– RB sends job to Site C which has spare CPUs
– Job running at C reads data catalog at Site D
– Job at C reads closest data replica from Site E
– Job finishes hours later and sends output to file server back at Site A
• Delegation means not having to take other sites' "word for it" - which wouldn't scale up

Passports vs Visas

• Globus uses grid-mapfile - lists mapping of certificate name to local unix user ID
– if you're "on the list" then you are in
• This is equivalent to a Passport + a Ban / Invitation List
• New systems being built with a Visa model
– when I make my initial proxy, I also include a signed statement from my organisation
– this "attribute cert" proves my membership
– since I can't forge the Atlas signature, each site doesn't need the list of "all Atlas Users"
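The two models on this slide side by side, as an added example rather than Globus or EDG code. The passport side parses a grid-mapfile (quoted certificate name, then the local account; the file contents here are constructed) and admits only names on the list. The visa side checks a signed membership statement: the site keeps just the public key of each organisation it trusts, and the statement must be signed by one of them, name the presenter, be unexpired and list the required group. The "attribute cert" layout, the integer expiry clock and the VO name "atlas" are my own simplifications, and the signature is the same toy textbook RSA as the earlier examples.

```python
import hashlib
import shlex

USER_DN = "/C=UK/O=eScience/OU=Manchester/L=HEP/CN=Andrew McNab"   # name from the slides

# Constructed grid-mapfile: quoted certificate name, then the local account(s).
GRID_MAPFILE = '''
# comment lines are ignored
"/C=UK/O=eScience/OU=Manchester/L=HEP/CN=Andrew McNab" mcnab
"/C=UK/O=eScience/OU=Manchester/L=HEP/CN=Some Colleague" atlas001,atlas002
'''


def parse_grid_mapfile(text):
    """Passport model: certificate name -> local account. Names contain spaces
    and are quoted, so shlex does the splitting; where several accounts are
    listed the first one is taken (a simplification for this toy)."""
    mapping = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = shlex.split(line)
        if len(fields) >= 2:
            mapping[fields[0]] = fields[1].split(",")[0]
    return mapping


def passport_check(mapping, dn):
    """'If you're on the list then you are in': the local account, or None."""
    return mapping.get(dn)


# Toy textbook RSA signature over a SHA-256 digest (no padding), as before.
def make_keypair(p, q, e=65537):
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))


def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data.encode()).digest(), "big") % n


def sign(private, data):
    n, d = private
    return pow(_digest(data, n), d, n)


def verify(public, data, signature):
    n, e = public
    return pow(signature, e, n) == _digest(data, n)


def _attr_body(vo, holder, groups, expires):
    return f"{vo}|{holder}|{','.join(groups)}|{expires}"


def issue_attribute_cert(vo, vo_private, holder_dn, groups, expires):
    """Visa model: the organisation signs a statement of who I am and which of
    its groups I belong to, valid until 'expires' (a constructed integer clock)."""
    return {"vo": vo, "holder": holder_dn, "groups": list(groups), "expires": expires,
            "signature": sign(vo_private, _attr_body(vo, holder_dn, groups, expires))}


def visa_check(attr_cert, trusted_vos, presenter_dn, required_group, now):
    """Site policy: trusted_vos maps VO name -> VO public key; no member list.
    Admit only if the statement is signed by a trusted VO, names the presenter,
    has not expired, and lists the required group."""
    vo_public = trusted_vos.get(attr_cert["vo"])
    if vo_public is None:
        return False                                  # organisation not trusted here
    body = _attr_body(attr_cert["vo"], attr_cert["holder"],
                      attr_cert["groups"], attr_cert["expires"])
    if not verify(vo_public, body, attr_cert["signature"]):
        return False                                  # altered or not signed by the VO
    return (attr_cert["holder"] == presenter_dn
            and now < attr_cert["expires"]
            and required_group in attr_cert["groups"])
```

With the passport model, every site must be told about every new member; with the visa model, adding a member is a change only the organisation makes, and a site that has never heard of the person can still decide correctly.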

Grid Access Control Lists

• Our GACL format provides a way of writing ACLs using Grid credentials
– user certificate names, group certificates etc
• GridSite uses this format already
• Other projects (eg EDG Storage Element) taking it up
• Now part of the authorisation work in Global Grid Forum (GGF)
– GGF: world wide standards body for Grids
– I co-chair the Authorisation Working Group
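An evaluator for a small GACL document, added here as an illustration of how an ACL written in terms of Grid credentials is applied; it is not GridSite's code. The element names (gacl, entry, person/dn, dn-list/url, any-user, auth-user, allow and deny containing read, list, write, admin) follow GridSite's GACL as I recall it, and the rules that all credentials in an entry must match and that a deny overrides an allow are assumptions of this example; the ACL text and the URL of the group list are constructed. The same evaluation is what the SlashGrid and G-HTTPS slides later rely on when an ACL decides who owns a directory or who a cached copy may be shared with.

```python
import xml.etree.ElementTree as ET

PERMISSIONS = ("read", "list", "write", "admin")
EDITORS_LIST = "https://example.invalid/lists/hep-editors"   # constructed dn-list URL

# Constructed GACL: anyone may read and list; one person may also write and
# administer; members of a group list may write; one name is denied outright.
SAMPLE_GACL = f"""<gacl version="0.0.1">
  <entry><any-user/><allow><read/><list/></allow></entry>
  <entry>
    <person><dn>/C=UK/O=eScience/OU=Manchester/L=HEP/CN=Andrew McNab</dn></person>
    <allow><write/><admin/></allow>
  </entry>
  <entry><dn-list><url>{EDITORS_LIST}</url></dn-list><allow><write/></allow></entry>
  <entry>
    <person><dn>/C=UK/O=eScience/OU=Elsewhere/CN=Blocked Account</dn></person>
    <deny><read/><list/></deny>
  </entry>
</gacl>"""


def _credential_matches(cred, dn, groups):
    """Does one credential element match the caller? dn is the caller's
    certificate name (None when not authenticated); groups is the set of
    dn-list URLs the caller is known to belong to."""
    if cred.tag == "any-user":
        return True
    if cred.tag == "auth-user":
        return dn is not None
    if cred.tag == "person":
        return dn is not None and (cred.findtext("dn") or "").strip() == dn
    if cred.tag == "dn-list":
        return (cred.findtext("url") or "").strip() in groups
    return False   # unknown credential types never match (fail closed)


def evaluate(gacl_xml, dn, groups=frozenset()):
    """Permissions granted to the caller: the union of allows from matching
    entries minus the union of denies from matching entries."""
    root = ET.fromstring(gacl_xml)
    allowed, denied = set(), set()
    for entry in root.findall("entry"):
        creds = [child for child in entry if child.tag not in ("allow", "deny")]
        if not creds or not all(_credential_matches(c, dn, groups) for c in creds):
            continue
        for block in entry.findall("allow"):
            allowed.update(p.tag for p in block if p.tag in PERMISSIONS)
        for block in entry.findall("deny"):
            denied.update(p.tag for p in block if p.tag in PERMISSIONS)
    return allowed - denied


def can(gacl_xml, dn, permission, groups=frozenset()):
    """Single yes/no decision, e.g. before serving a file or saving a page."""
    return permission in evaluate(gacl_xml, dn, groups)


if __name__ == "__main__":
    me = "/C=UK/O=eScience/OU=Manchester/L=HEP/CN=Andrew McNab"
    print(sorted(evaluate(SAMPLE_GACL, None)))        # ['list', 'read']
    print(sorted(evaluate(SAMPLE_GACL, me)))          # ['admin', 'list', 'read', 'write']
```

Because the decision is made from certificate names and group lists rather than Unix IDs, the same ACL can be enforced by a web server, a storage element, or a kernel filesystem and give the same answer.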

SlashGrid: Grid filesystems

• Almost all EDG sites use Manchester's pool accounts system
– get a temporary Unix UID when you run a job
• SlashGrid adds to this by controlling disk access and file ownership
– use GACL access control lists to say who owns each directory
– enforced at kernel level so all programs see it
• Unix ID doesn't matter: Grid ID does
• Also provides a remote filesystem using https
– Like AFS, but Grid credentials and web servers

Extending HTTPS - G-HTTPS

• Normal HTTPS is already very Grid-like
• Work now underway to add more Grid features
– need to avoid breaking existing HTTPS
– our G-HTTPS proposal designed to do this
• Delegation from client to server
– so get all the benefits discussed already
• Servers can return the ACL along with the file
– so if I cache a copy locally, I know who I can share the copy with
• Relevant EDG groups involved; taking it to GGF

fileGridSite

• fileGridSite is a cut down version of GridSite
– just does plain text/binary files
– group/webpage management features removed
• A testbed for new HTTPS extensions
• Made possible by Mike Jones' mod_ssl-GSI
– this makes web servers understand Globus delegated proxies
• G-HTTPS lets the server get a delegated proxy itself
• fileGridSite aims to offer the same functions as a GridFTP server, but with HTTP/HTTPS

Summary

• Public key cryptography provides privacy and authentication
• Certificate Authority infrastructure makes it scalable
• Lots of Web and now Grid tools have been built to use it
• Delegation makes Grids practical
• New tools for group membership, and disk/web access control being developed
– much of it here at Manchester
• All this feeding into new Grid-wide standards