Open Source Security Token for Linux
A more secure login authentication model
Abstract
The project investigates and implements a two-factor authentication system utilizing
the RSA cryptography scheme. The system consists of an FPGA security token and
a PAM module for Linux. Two similar solutions were made, one air-gapped with
a shorter key (version A), whereas the other communicated over USB (version B).
The cryptography module in the FPGA supports no more than 512-bit RSA and is
the greatest area of improvement - since a longer key would provide more security
and still be supported by the rest of the system. Additionally, interesting follow-up
projects could be to explore quantum safe cryptography schemes - especially if to
be used for decades to come. Altogether, the prototype created is a basic, yet fully
functional, two-factor system with no obvious security flaws if deployed correctly.
The project is released as open source under the BSD license.
Degree
Student essay
Collections
View/ Open
Date
2017-08-10Author
Ben Mohammad, Johan
Fredriksson, Adam
Mathiesen, Christoffer
Roxbergh, Elin
Örtenberg, Gustav
Keywords
FPGA, Linux, Open source, OpenSSL, PAM, RSA, Security, Twofactor,
Language
eng