Last month I did a presentation at SDDN in Melbourne on RIA Services and it’s in built authentication and validation features.

The code is posted here:

<Sample Code>

.NET Ria Services Authentication and Validation Demo Code

</Sample Code>

The talk started off by running through the UserDTO object – under Services/DomainObjects. This object is exposed through the UserRegistrationService under /Services.

Next you’ll want to familiarise with the LoginManager in the Silverlight project (under Model/LoginManager.cs).

I then added some custom validation to the UserDTO object.

Next I created a UserValitator.shared.cs file under Services/DomainObjects and applied a metadata attribute to UserDTO to connect the two. .shared.cs files will be automatically made available to Silverlight by RIA Services.

The login stuff is built using the standard ASP.NET membership SQL provider, and the built in RIA Services abilities around this.

Read through LoginManager.cs see how the forms authentication object is created, and how the system uses the AuthenciationDomainContext, which is created on the sever in Services/DomainObjects. AuthenticationDomainService on the server contains the goods to validate a user and also provides a User class, which you can extend.

There is also a UserRegistration context in LoginManager which allows you to create a new user. See UserRegistrationService.cs on the server (under Services/DomainObjects) to see how this works (by using the MembershipHelper class).

See the Web.config to note how the system is configured to use the SQL connection, and in the membership section note that it is configured to use this same SQL connection.
You’ll need to configure your SQL database as well – to create the ASP.NET membership tables… run aspnet_regsql.exe (in C:\Windows\Microsoft.NET\Framework\v2.0.50727) from an elevated prompt to start the wizard.

This should be enough to get you started.

BTW, there is some great doco on this in the .NET RIA Services PDF file…

Enjoy!

There was a peculiar piece in the American Spectator online last week, a “Special Report” by Mark Hyman. The author lists a number of unfortunate circumstances by which harmless passengers, many times military personnel, have been delayed or hassled by TSA and airport security protocols. He blames these anecdotal mishaps on “government bureaucrats armed with ‘rules, policies and procedures’ and employing no commonsense.”

He goes on to question a number of security and procedural policies in government and military institutions, which he thinks are unnecessary and demeaning to the personnel at these institutions. As a primary example, Hyman makes the case that the rules for issuing and renewing CACs (Common Access Cards) are unneeded and absurd.

He is miffed because he did not renew his CAC before it expired and he had to go though a bureaucratic process to straighten this out:

“My CAC had expired days earlier so I contacted an issuing office to get a replacement. A clerk in the ID card office informed me that all appointments had to be made online using the intranet. Yet, my expired CAC prevented me from using the intranet system. In spite of my predicament the clerk told me, “Our policy requires all appointments to be scheduled online. If you are unable to use the intranet, then there is nothing more I can do.” It sounded like the beginning of an Abbott and Costello routine.”

“Rather than fight this particular battle, I decided to renew my CAC at another issuing office. While there, I was asked to produce a picture ID. I showed my state driver’s license. I was then asked for a second form of ID and was told the CAC was not acceptable since it expired five days earlier. A week earlier it would have been valid, but on this day it was deemed worthless. So I showed the clerk my company-issued ID card that looked as though it was made on an office computer and laminated at the local Kinko’s. As a matter of fact, that was exactly how that ID was manufactured. But it was good enough. The clerk accepted the flimsy company ID over the just-expired military CAC.”

Hyman concludes,

“What makes this episode even sadder is that the military CAC is generally not accepted as a valid form of identification for use by visitors to the Pentagon. Visitors must also have a Pentagon-issued ID or another form of identification such as a state driver’s license. The reason, according to a security officer, is that at least one machine that manufactures CACs and several hundred blank CACs are missing and presumed to have been stolen. Security officials do not know which CAC is valid and which is a forgery.”

The latter claim is nonsensical and shows that the security officials Hyman chats with are miss informing him about how his CAC works. This too, expresses a common misconception— that possession of the card is the only thing that verifies identity.

To his point about the pains of standing in line to renew something only to find that you don’t have the right materials: I can empathize with this, but I cannot gather what rules Hyman thinks are silly, and which are reasonable. Is he arguing that he shouldn’t have to have a CAC, or that he should be able to use his expired CAC, by itself, for renewal? And what does this have to do with policy created by top-level military and government officials?

What is clear from reading the piece is that he doesn’t like the rules much because he doesn’t understand why they are in place. He wanted an exception so he could use his expired CAC. Similarly, in another of his examples, he complains that his wife couldn’t renew her own CAC using an expired passport.

There are two fundamental questions that would help Hyman better appreciate these rules: Why are identification badges, such as CAC cards, used? And, how is the true identity of a badge-holder verified? In other words, what is a CAC good for anyways?

The military provides several resources for answering these questions. In fact, had Hyman consulted these, or unofficial resources, anytime before his CAC expired he would have had less of a hassle renewing it.

Identity, and the privileges we associate with it, is an abstract thing that is difficult to verify. The best way for a large institutions to verify a person’s identity is to gather the various artifacts of identity, such as a state driver’s license, for this person and grade the validity of these items and the authority of the institution who gave the item.  The bureaucratic pronouncements on this process (i.e. presidential directives and policies) say that the best way to verify the identity and authorization of millions of people is to create a system of rules that make the procedures repeatable, reliable, and safe. (One such rule may reason that an expired identity artifact should not be considered valid, even if it was valid yesterday.)

Now, the process of using a CAC card is not as simple as it could be. Systems that use badges for the identification of people and the verification of people’s permissions and authority are complex and imperfect, but this is not a problem of bureaucracy. It’s more a matter of improving these systems for most users and reminding users, like Hyman, why they were given a badge to begin with.

A new vulnerability in Server 2008 and Windows 7 has been exposed. Read and prepare to discuss in class. http://bit.ly/1pbn2O

Late last night I received a SCOM alert indicating that a production database server was unavailable. Like any dedicated DBA I quickly remoted into my work computer and attempted to connect to the instance using SSMS. No dice. “Login failed. This user is not associated with a trusted connection” or something like that. I also noticed that Outlook was prompting me for credentials since I left it running at the end of that work day.

I figured there was some sort of network blip that caused the Outlook authentication prompt and was also somehow responsible for the inability to connect to the instance using SSMS. I tried to remote desktop to the database server and noticed a serious delay as it tried to process my credentials. And yes, I was incredibly relieved at this point since the database server was at least up and running.

While waiting for the desktop to appear I started poking around the network and noticed that one of our many DNS servers was unavailable. Our standard practice is to have a backup DNS entry on all servers and workstations. Somehow this guy slipped through the cracks because when I finally got to the desktop and was able to view the network settings, I saw that the only DNS entry on the main network card for this server was, of course, the DNS server that crashed.

Why am I talking about DNS issues on a SQL blog? Besides the fact that it’s good to be well-rounded when it comes to troubleshooting, I learned something last night. Well, maybe I already knew it but never thought about it until this issue arose. During this mini outage I checked the primary application that talks to that instance and it was running smoothly. No funky errors about not being able to connect to the database. No timeouts. It just worked. It turns out that the application uses SQL authentication rather than Windows authentication to connect to the database. For this reason, the application connectivity was unaffected by the DNS server going down.

I verified this by trying to connect to the instance, via SSMS, using SQL authentication. In there like swimwear. So I guess the lesson to be had here is if you rely solely on Windows authentication for your applications to connect to your SQL database, make sure you have A. a backup DNS server and B. an entry for it in your DNS settings on the database server.

Hope this helps someone.

http://blog.plataformatec.com.br/2009/11/understanding-devise-roles/
– Understanding Devise roles

An “Authentication Gap” was discovered in the latest version of SSL/TLS protocol.This could potentially be a huge problem. The gap is not due to some erroneous implementation, it is a property of the protocol.

Here is a list of links to websites where the issue is being followed:

http://www.phonefactor.com/sslgap/

IETF resources

Red Hat

SANS.org

Problem description

You have successfully installed SCOM Agent manually on managed computer. However, managed computer doesn’t appear in the Agent Managed or Pending Management list in the Operations Console.

The following event is logged in the Operations Manager event log on Agent-managed computer:

Event Type:            Error

Event Source:         OpsMgr Connector

Event Category:     None

Event ID: 20057

Description: Failed to initialize security context for target MSOMHSvc/<SCOM Management Server Name> The error returned is 0×80090311(No authority could be contacted for authentication.).  This error can apply to either the Kerberos or the SChannel package.

How to confirm the problem?

To troubleshoot the issue, Microsoft Network Monitor can be used:

• Stop HealthService on managed computer to stop the SCOM Agent (open the Command Prompt and type the net stop HealthService).
• Start Microsoft Network Monitor.
• Click on the New capture tab.
• In the Capture Filter, enter the following filter:

• Click on the Apply button to apply the Capture Filter.
• Click on the Start button to start the new capture.
• Now, quickly start the HealthService to start the SCOM Agent (net start HealthService).
• Wait (usually 10-15 seconds) until event 20057 appears in the Operations Manager event log on the affected computer.
• In Network Monitor, click on the Stop button to stop the capture.
• Now carefully revise capture frames in the Frame Summary window. You should see KerberosV5 and LDAP protocol traffic against the Active Directory Domain Controllers.

NOTE: Above applies in case that you are not using certificate-based authentication.

To resolve this issue, make sure that TCP/UDP 88 port (Kerberos) and TCP/UDP 389 port (LDAP) is open against the Domain Controllers in your Active Directory environment.

These ports are not documented in the TechNet’s article Using a Firewall with Operations Manager 2007.

What happens under the hub?

When SCOM Agent <-> Management Server communication starts, authentication takes place (Kerberos). If you have multi-domain environment, things are bit more complicated. Before the authentication protocols can follow the forest/domain trust path, the service principal name (SPN) of the SCOM Management Server must be resolved (LDAP).

When a managed computer (SCOM Agent) in one domain attempts to access resource computer (SCOM Management Server) in another domain, it contacts the domain controller for a service ticket to the SPN of the resource computer. Once the domain controller queries the global catalog and identifies that the SPN is not in the same domain as the domain controller, the domain controller sends a referral for its parent domain back to the workstation. At that point, the workstation queries the parent domain for the service ticket and follows the referral chain until it gets to the domain where the resource is located.

If you have SCOM Management Server in child domain A of the Active Directory Forest infrastructure and the SCOM Agent in child domain B, make sure that SCOM Agent is able to access all DC’s in the referral chain which are required to get to the domain where SCOM Management Server is located.

For more information about the ports required for the System Center Operations Manager, and the authentication in Operations Manager, refer to the following TechNet articles:

Authentication and Data Encryption for Windows Computers in Operations Manager 2007, available at the: http://technet.microsoft.com/en-us/library/bb735408.aspx

Using a Firewall with Operations Manager 2007, available at the: http://technet.microsoft.com/en-us/library/cc540431.aspx

by Taher Elgamal
Chief Security Officer
Axway

(To read Part 1, click here.)

This is going to continue to be an arms race for a long time.

I don’t think society will actually change. People in important positions don’t even listen to financial experts, let alone IT security experts. And I’m willing to bet money that there is another financial problem that somebody has warned us about, and that nobody is paying attention to, because of the cost. People are hesitant to take action with anything that involves cost. I’m not saying you should spend money on a whim. But there are certainly a collection of experts in every single one of these technical fields that can make a judgment call as to how much risk a system is willing to take and when we must draw the line. And right now, we’re drawing the line so far out that a lot of criminals can gain a great deal of unauthorized access, and the level of fraud online carried out today is indicative of this.

The real issue is a fundamental lack of imagination on the part of the decision makers and CEOs. “Why am I going to spend all this money?” the CEO asks. The CEO waits until a regulation comes up. When the government actually speaks up and sticks a regulation to a certain type of company for something, the CEO puts forth the effort to get there. The problem with mere regulation—and this is how the entire system works—is that it doesn’t solve the real problem. It just makes people compliant. It does not make sure that the wrong people don’t gain unauthorized access, it just makes sure that the right people are acting just a little bit more safely. It’s true, I’ll admit, it is a little bit better to be compliant with all these regulations. But it does not address the real issue.

Finally, consider this:

If the concern over cyber issues is now an integral part of business, if it’s no longer a back office thing, if it’s now front and center, in the middle of everything, then cybersecurity people should be involved in the decision-making process, not just dismissed as back-office techies. That implies more training for the cybersecurity people to both be able to evaluate risk and to understand the particular business needs that the enterprise faces. Are you ready for that?

by Taher Elgamal
Chief Security Officer
Axway

Michael Fitzgerald’s excellent piece for CSOOnline.com, “Organized Cybercrime Revealed,” continues to be pointed to on Twitter more than a month after its publication.

And rightly so. It’s a nice article, full of excellent details and compelling information.

But the thing that puzzles me always about an article like this is why it discusses, as news, something that is completely expected. If you put money in front of a criminal, what do you think they’re going to do with it? We’ve continued to blame criminals for criminal acts, which makes no sense: it’s what they do! When society provides opportunities for criminals to act like criminals, it’s society who is truly at fault.

If you would’ve asked anyone in the security/technical community—any reasonable CSO—at any time in the last fifteen years, “How will the profile of a hacker shift in the future?”, they would’ve told you that the smart hacker who wants to be famous by writing cute little viruses will be replaced by an actual criminal committing an actual crime, because things online aren’t secured very well. Sure, we have some controls and technologies deployed, but there has not been enough support to deploy even simple authentication technologies, and the absence of these technologies gives modern hackers gumption. The entire Web runs on passwords, and these passwords are very easy to guess. And that this is still the paradigm reflects a fundamental ignorance on the part of business people and governments. People who implement systems and run corporations—they don’t want to listen to security guys because security guys are, in their opinion, flat-out paranoid. Why would you want to listen to a paranoid guy tell you that there is a possibility that at some point in the future something bad will happen? But despite the fact that so many bad things are happening, and this “just ignore the paranoid security guy” attitude led to these bad things, we still think this way.

In the second part of this blog entry, I’ll speculate on where this is all going.

I had occasion recently to sit down to talk with Reliable Identities‘ Wes Kussmaul, accomplished entrepreneur, author, and prolific Internet tinkerer.  Wes experienced early success founding the Delphi Internet service.  (Some of the more seasoned among you may remember Delphi as being one of the early online services, along with CompuServe, Prodigy,  and AOL.)

These days, Wes is talking about another frontier – identity authentication.  It is interesting to think that we are as inattentive to establishing and authenticating everyone ’s digital identity as we are focused on proving and authenticating people’s identities in the real world.

Think about this.  Think of the number of real-world transactions you engage in during the course of each day, each week, each year, and how many times you are asked to provide proof of your identity using your birth certificate, driver’s license, social security number, or passport. Each of these pieces of documentation is based on one or another form of face-to-face authentication.  In this way, isn’t nearly every significant real-world interaction based upon some form of face-to-face authentication?

To operate a motor vehicle you need both a driver’s license (which includes a face-to-face authentication) and an automobile registration (and, often, insurance, as well).  To operate on the Internet, you need only a username and password, and the nearest internet cafe.

The “wild, wild west” metaphor may be over-used, but it remains relevant, and many times we never really know with whom we are interacting.  Yes, our access credentials get authenticated every time we log onto a specific website, and OpenID is making this easier for us every day.  However, who are we really interacting with on the internet, and how do we know who we are interacting with?  In the worst case scenarios, there have obviously been too many well-publicized stories of people taking advantage of the veil of secrecy and deception afforded them by the Internet to tragic ends.

Wes Kussmaul has given no little thought to the lack of identity authentication in the digital world, proposing his ideas – among other places – to the International Telecommunications Union, and in at least a couple of books, the most notable of which is Quiet Enjoyment.  (Wes and PKI Press have provided copies of Quiet Enjoyment and another Wes Kussmaul book, Own Your Privacy to me.)

One of Wes’ more compelling ideas for me is around the concept of identity quality.  It is possible, Wes believes, to construct quantitative ways to measure the quality of an identity authentication.

Conceivably, then, this provides a range of identity authenticity which could then be applied to the type and  level of access that a person wanted.  Just as we have seen differentiated levels of service at the airport provided to people who choose to pay for to have their identities authenticated, there could possibly be differentiated levels of access to websites on the Internet based on the quality of an identity authentication.  So, for example, perhaps not everyone gets equal access to a teen chat site where there is the danger of someone impersonating a teenager for malicious purposes.

Some aspects of these ideas are likely to be more challenging, in practice if not in acceptance.  The idea seems to be that people would be issued a certificate of authenticity, attesting to the authenticity of your identity, much as a notary public attests to the authentic correspondence between your identity and your written signature today.  There are, however, qualitative differences between the kind of identity authentication that Wes seems to be proposing and the function of notary public, which raises some questions about scalability, privacy, and the balance between security and convenience.

On the issue of anonymity, Wes is quick to point out that identity authentication and anonymity are not mutually exclusive, and that the intent of identity authentication is not to render anonymity obsolete.

There are, I find, at least a couple of difficulties in this discussion:

1. Inevitably, the discussion gets down to a technical level that some may find challenging – two-factor vs. three-factor vs. x-factor level authentication; Private/Public key infrastructures, and things like SAML; and
2. Definitions (trust, authenticity, access, authorization…): these are words that (a) have both real-world and digital-world meanings, and (b) in either world, have widely varying usage and meaning according to the context.
3. The question about identity authentication too often gets buried or lost, it seems to me, under the weight of focus given to identity theft, a related, but separate issue, and authorization and access – how identity is applied at the application layer.

The type of identity authentication that Wes is talking about, however, is not system- or application-level access authorization, and so is separate and distinct from the sort of credentials authentication that is embodied most often in what is called identity access and management (IAM) solutions.

Quiet Enjoyment is not a book for the timid – its table of contents runs 10 pages.  But it will make you think more deeply about trust, identity, identity authenticity, and many of the issues involved with how we trust the identity in the digital world.  Wes seems to argue that we are at, or nearing, an inflection point, and I am not so sure that he is wrong about that.  Former Secretary of Homeland Security Michael Chertoff was quite compelling, I thought, when he spoke – on more than one occasion, I believe – about identity being a critical asset, and becoming even more so with every passing day.  Wes Kussmaul’s ideas and efforts to address the issue are worthy of greater discussion.

Recommended Reads:

• Wes Kussmaul, Quiet Enjoyment. Waltham, Massachusetts: PKI Press. 2004.
  Available on Amazon.com, or from PKI Press.
• Mark Dixon, “Identity Trend 4: Identity Assurance“, discovering identity blog, October 6, 2009.
• Bruce Schneier, ” Why Technology Won’t Prevent Identity Theft“, Wall Street Journal, January 13, 2009
• Guy Huntington, “Identity Verification“, AuthenticationWorld Blog, July 21, 2009
• Bruce Schneier, “Why Do We Accept Signatures by Fax?“, Wired Magazine, May 29, 2008
• Bruce Schneier, “Real-ID: Costs and Benefits“, http://www.schneier.com/, March/April 2007
• Bob Blakley, “The Limited Liability Persona“, Identity and Privacy Blog, November 17, 2006

Asalam-o-alikum

It is obvious when ever we install xampp or wamp they just install mysql as a config authentication.  Which is somehow a security threat while your server is exposed to internet.

To override these settings of phpmyadmin in xampp follow these steps.

1. Find the privileges link on the home page of your localhost phpmyadmin.
2. Change the password for the root user by changing the privileges of the root user.
3. Now find the following file x:\\xampp\phpmyadmin.config.inc.php
4. In config.inc.php find following variable  $cfg['Servers'][$i]['auth_type'] = ‘config’;
5. Change the config to cookie.
6. now find $cfg['blowfish_secret'] = ‘xampp’;
7. and fill in/ change a blowfish secret what ever you like as the cookie will save by this name.
8. don’t forget to clear the user name and password variable in config.ini.php

This is it now just login to xampp it will prompt you to enter password.

I recently purchased the Motorola Droid from Verizon, and am so far very happy with it.  Other than finding the physical keyboard a bit lacking from being extremely spoiled by the Sidekick’s physical keyboard to which no other physical keyboard could ever hope to live up to, I’ve really had no complaints with the device or the Android 2.0 operating system that runs on it.  I have however, noticed that touch-screen smart-phone unlock screens (not just the Droid’s) are getting progressively less secure.

The problem with smart-phones with touch screens is that they suffer from a similar attack that physical keypad entry systems do; there is a physical remnant that can indicate the digits used in the entry code.  Physical keypads can have their keys worn down over time, so that if a common code is used, it is eventually apparent which keys are more used than others.  Smart-phones with touch screens suffer from a less permanent version of this, being skin oil left on the screen in the form of fingerprints.

A colleague here at work has an iPhone.  His unlock screen uses a number pad, and you enter in a PIN number to unlock it.  As you touch the screen to enter the PIN, your fingers will leave fingerprints on the digits that are contained in the PIN.  Because the digit button locations are static, even with other use of the touch-screen, over time you end up with little clusters of fingerprints on the screen indicating the digits used, which drastically shorten the search time of a brute force attack on the PIN if the user isn’t diligent about wiping down the touch screen periodically.

A friend of mine also has an iPhone, however she uses a different screen locking app, which instead of digits just presents the user with a grid of buttons, and the key to unlocking is to press these buttons in a specific pattern.  This is slightly less secure than the PIN method, as there are no values to the buttons, only their location, which essentially requires that the locations pressed on the screen remain static.  The PIN method could be made more secure in a number of ways, however this method cannot.

The default screen locking method for the Droid is even less secure, as instead of pressing a pattern, it has the same grid of buttons as the last method I described, but has you draw a pattern across the screen linking the buttons in a sequence.  Where before you only divulged the digits contained in the PIN or sequence pattern via individual fingerprints, in this case you leave a nice long smear of skin oil across your screen, not only indicating the button locations used in the sequence, but their order.  At this point you really only have two options to try in your brute force, the sequence starting from one end of the smear or the other.  Guess how long it takes to get that one correct.

Needless to say, I tend to wipe my phone’s touch-screen quite frequently.  Why hasn’t anyone implemented a lock screen that uses a technique like this one?

and we like it!

OAuth is an open protocol to allow secure API authorization in a simple and standard method from desktop and web applications, as stated on the OAuth web site.

Why do we like OAuth?

1. It is simple.  Most of the bad security implementations are done by people with good intentions and low skill.  Understanding the issues involved greatly improves the changes of making the right choices.
2. It solves a real hard problem: giving access to your stuff without sharing your identity.
3. Plays well with others.  OAuth has built in support for desktop applications, mobile devices, set-top boxes, and of course websites.

OAuth helps delegating rights to a process acting as you, without losing privacy or compromising security.  And the specification is short and possible to understand.  Replacing shared secrets is a really good idea.  Replacing hardcoded application-based passwords is an even better idea.  Replacing spoofing of user by logging in as root/admin and then emulating the actual user is a great idea.  And all of this may be done by OAuth.

One use case is getting access to your data on your behalf, but on a different site while not giving away your identity from the first site. Another is the TCS eScience Personal Portal (aka Confusa) that will use OAuth to authenticate a command line client tool to a web-based service that issues short-lived certificate. Then they will extend it further using OAuth for web-based delegation of proxy-certificates; collaborating with a Norwegian University.  Some other use cases that people in my neighbourhood has been playing with so far

• Attribute query protocol
• Certificate enrollment in confusa using OAuth

• Virtual Organizations, OAuth and trust models
• Twitter authentication model

Aqui uma dica muito bacana de como utilizar MVC com autenticação.

Veja este link abaixo:

MVC – Basic

“TV Everywhere,” the set of new initiatives to make subscription programming available online exclusively to current pay-TV subscribers, could effect the most far-reaching change in the television industry since the introduction of cable. Like community-antenna TV (CATV), as cable was originally known, TV Everywhere has the potential not only to change the way people access television content but to radically reorder the relationship between programmers and distributors.

Its success is far from assured, however. TV Everywhere faces a number of technical and economic hurdles that will need to be overcome before its full impact can be felt, as I detail in a study released today by GigaOM Pro (subscription required) in connection with this Thursday’s NewTeeVee Live conference.

The technical challenges concern authentication, as NewTeeVee readers are likely aware, but also authorization. Given the large number of cable systems in the U.S., and the multitude of specific programming packages to which a person can subscribe, some method for mapping a user’s cable or satellite subscription package to particular pieces of content hosted on various web sites will be essential.

From a technical perspective, in fact, it’s likely to prove an even knottier problem than the issue of authentication, where at least some specific proposals are already being batted around, because authorization is likely to require a degree of data-sharing on subscribers that will no doubt make some service providers uneasy.

From a business perspective, though, authorization may be more important than the authentication piece, because it will directly affect the bottom lines of both service providers and programmers. As I explain in the report:

[U]nless individual subscription plans can be mapped to specific video assets hosted on multiple sites, TV Everywhere could be ripe for abuse. Why pay your cable provider for a premium programming tier, for instance, if a basic subscription can grant access to online resources containing both basic and premium content?

Economic Hurdles Ahead

Beyond the technical challenges, however, the most vexing questions facing TV Everywhere are economic. Is there a business model to sustain the incremental costs of making the vast library of pay-TV content available for streaming and maintaining the authentication system?

For now, cable MSOs are planning to offer TV Everywhere as a value-added service to their subscribers at no additional cost. That may be fine as long as subscribers are using the same MSO’s broadband service to access content online. But it may be less than fine when subscribers want to access their cable channels outside the home, like on their laptops while traveling or using a wireless handheld device.

Beyond that is TV Everywhere’s potential to shake up the relationship between cable programmers and distributors. With retransmission fees increasingly vital to programmers, it’s hard to imagine they won’t look to hike those costs as cable and satellite providers seek to distribute the content online, adding further heat to what often have been tense negotiations.

Programmers may be compelled to seek higher fees for the additional exploitation rights to comply with talent deals, collective bargaining agreements with the creative guilds, music clearances and other contractual obligations involved in producing TV programming.

The report offers a comprehensive overview of all TV Everywhere trials being conducted by major MVPDs and analyzes the strategic and business-model issues confronting programmers and service providers as they try to respond to the challenges and opportunities presented by digital distribution platforms. It also addresses questions related to audience measurement on digital platforms and potential regulatory developments that will affect how TV Everywhere ultimately evolves.

Paul Sweeting is an analyst for GigaOM Pro and author of the latest report, “TV Everywhere.” Attendees of NewTeeVee Live will receive a free copy of the report via email; others can access it by subscribing to GigaOM Pro directly.

http://blog.plataformatec.com.br/2009/11/devise-authentication-for-lazy-programmers/
– Devise: authentication for lazy programmers

M is for Mutual Authentication:

How “it must be simple” turned into “god that was annoying”.

I spent most of today wrestling with getting a JEE webapp running in Tomcat 6 to enforce mutual authentication by using the rarely used CLIENT-CERT authentication.  If you love spending your days translating poor error messages and frustrations into Google queries as much as I do, read on for some notes I took along the way.  If not, check out this amazing chart over at XKCD.

The mission: lock down a particular action on our web application so that only a single other system could authenticate and invoke it.  Also provide an example client application which can access the webapp.

Back story: I have worked with certificates and various forms of authentication before, but never this combination.  We want a small subset of the application to only be accessed via SSL with both server and client providing trusted certificates for mutual authentication.  The portion of the application will only be accessed by a single other system inside the company intranet.

How it went down:  The following are the basic steps to get everything setup in Tomcat 6 and a fairly standard JEE webapp.

• First we need to know who we are, who they are, and make sure we ONLY trust them and no one else
  • To do this we need a certificate to identify ourselves.  Java’s provided keytool.exe provides an easy way to create a self signed certificate within a keystore.  Keytool can also help us export our public certificate out of our keystore.  This should also be done for the client.
  • Next import the public certificates into a new truststore for the opposite system (A only trusts B and B only trusts A).  Keytool to the rescue again.
  • Note: Java keystore files and certs of in a different format than the PKCS12 files that can be created by OpenSSL
• Next configure a Tomcat to support SSL communication
  • Add a new connector to thees server.xml configuration specifying HTTPS, the SSL protocol, where the webapp’s keystore and truststores are, etc
  • <Connector className=”org.apache.coyote.tomcat4.CoyoteConnector”
    port=”8443″ enableLookups=”true”
    acceptCount=”100″ connectionTimeout=”20000″
    useURIValidationHack=”false” disableUploadTimeout=”true”
    scheme=”https” secure=”true” SSLEnabled=”true”
    keystoreFile=”ourApp.keystore” keystorePass=”changeit”
    truststoreFile=”ourApp.truststore” truststorePass=”changeit”
    clientAuth=”false” sslProtocol=”TLS”
    />
  • Note: clientAuth can have 3 values
    • True – all connections through this connector require client authentication
    • Want – the web app will ask for authentication but not require it
    • False – connections do not require client authentication UNLESS the web app specifies it is required via a security constraint with CLIENT-CERT chosen (this is the one we want)
• Configure a new user with the required security role in the tomcat-users.xml if the in-memory realm is used
  • <role rolename=”secureconn”/>
  • <user username=”CN=TheirApp, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown” password=”null” roles=”secureconn”/>
• Configure out web.xml to use a CLIENT-CERT authentication constraint for our action
  • <security-constraint>
    <web-resource-collection>
    <web-resource-name>Demo App</web-resource-name>
    <url-pattern>/secure/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
    <role-name>secureconn</role-name>
    </auth-constraint>
    </security-constraint><login-config>
    <auth-method>CLIENT-CERT</auth-method>
    <realm-name>Demo App</realm-name>
    </login-config>

    <security-role>
    <role-name>secureconn</role-name>
    </security-role>

• Create a client to hit the application
  • Here we used the Apache Commons HttpClient (3.x b/c of client restrictions)
  • Several pages talk about various ways to add security protocols to HttpClient code but the examples are left lacking and most point to the AuthSSLProtocolSocketFactory class which for some reason is not present int he 3.x binaries but IS present in the 3.x SRC bundles.
  • ** I will include some sample code tomorrow ….
• Test things using Firefo
  • You can add a personal certificate to identify yourself through Firefox’s preferences -> Advanced -> Exncryption
  • Firefox uses PKCS12 certificates which can be created easily from scratch through a few OpenSSL commands or from an existing keystore certificate through one hairy keytool command
  • ** I will include the commands and a couple links tomorrow …..

Hopefully these notes will help someone in the future with getting things setup correctly.  When I started this morning I couldn’t find an end to end example to build on.

Edit: Huge thanks to Matt Todd for helping me with this.  You can check out his blog at: http://emergentdevelopment.blogspot.com/ .

By Melvin Friese and Deepak Pant

Problem Definition

Typical J2EE applications use connection pools to connect the application code running under application server (like WebSphere, WebLogic, JBOSS) to the backend database.

A connection pool is a feature that maintains a shared pool of data source connections on behalf of its clients (EJBs). The connection pool provides a connection to an EJB on request, and returns the connection to the pool when the EJB is finished using it. When it is returned to the pool, the connection is available for other EJBs. Because establishing a connection to a data source can be time-consuming, reusing such connections in a connection pool can improve performance.

Typically all the application users of the J2EE application are connected to the database using the single database user. Such a user is often called the connection pool user.

From a DBA perspective, this single user is performing all database activities. It makes Oracle auditing features unusable, and all the database auditing is handled within the application server because the database is not aware of the “real” end-user, behind the common connection pool user.

Oracle introduced a new feature called “Oracle Proxy Authentication” in Oracle8i, which attempts to kill to two birds with one stone. It allows the application servers to continue to take advantage of connection pool feature while meeting the DBA requirements of who is using the database.

Proxy authentication is the ability to connect as a user through another user. For example proxy authentication enables the application server’s connection pool user to authenticate once to the database using a ‘generic’ account and then establish lightweight session on behalf of actual application users.

It provides best of both worlds as the connection preparation time is optimized by using generic user and by opening proxy session on the connection, DBA’s can know the actual application end user.

Terminology

Database Setup

1. Download and Install Oracle database from following URL: http://www.oracle.com/technology/software/products/database/index.html
2. For the purpose of testing, we used version # 10.2.0.3.0.
3. As part of database installation, install the sample database HR.
4. Execute following DDL SQL statements using popular tools like TOAD or SQL Developer.

• Create Public Synonym for all the tables present in HR schema

CREATE PUBLIC SYNONYM COUNTRIES   FOR HR.COUNTRIES;

CREATE PUBLIC SYNONYM DEPARTMENTS FOR HR.DEPARTMENTS;

CREATE PUBLIC SYNONYM EMPLOYEES   FOR HR.EMPLOYEES;

CREATE PUBLIC SYNONYM JOB_HISTORY FOR HR.JOB_HISTORY;

CREATE PUBLIC SYNONYM JOBS        FOR HR.JOBS;

CREATE PUBLIC SYNONYM LOCATIONS   FOR HR.LOCATIONS;

CREATE PUBLIC SYNONYM REGIONS     FOR HR.REGIONS;

• Create database user that will be in Websphere Application Server’s Connection Pool

CREATE USER conn_pool_user IDENTIFIED BY conn_pool_password;

GRANT CREATE SESSION TO conn_pool_user;

• Create a role so that many users can be assigned to that role

CREATE ROLE APP_USER_ROLE;

• Grant Typical CRUD Permissions To APP_USER_ROLE

GRANT SELECT, INSERT, UPDATE, DELETE ON COUNTRIES      TO APP_USER_ROLE;

GRANT SELECT, INSERT, UPDATE, DELETE ON DEPARTMENTS    TO APP_USER_ROLE;

GRANT SELECT, INSERT, UPDATE, DELETE ON EMPLOYEES      TO APP_USER_ROLE;

GRANT SELECT, INSERT, UPDATE, DELETE ON JOB_HISTORY    TO APP_USER_ROLE;

GRANT SELECT, INSERT, UPDATE, DELETE ON JOBS           TO APP_USER_ROLE;

GRANT SELECT, INSERT, UPDATE, DELETE ON LOCATIONS      TO APP_USER_ROLE;

GRANT SELECT, INSERT, UPDATE, DELETE ON REGIONS        TO APP_USER_ROLE;

• Grant Create Session to the APP_USER_ROLE

GRANT CREATE SESSION TO APP_USER_ROLE;

• Create database user for application users that will make use of the Proxy Authentication

CREATE USER “John.Doe” IDENTIFIED BY “SomePasswordXXX”;

ALTER USER “John.Doe” GRANT CONNECT through conn_pool_user;

GRANT APP_USER_ROLE TO “John.Doe”;

CREATE USER “John.Doe1″ IDENTIFIED BY “SomePasswordYYY”;

ALTER USER “John.Doe1″ GRANT CONNECT through conn_pool_user;

GRANT APP_USER_ROLE TO “John.Doe1″;

Note that the application user’s password should never be known to the users as it is not needed for establishing the proxy user connection.

Java Code

1. Download and configure the Oracle Type 4 JDBC Driver from following URL:http://www.oracle.com/technology/software/tech/java/sqlj_jdbc/index.html
2. For the purpose of testing, we used version # 11.1.0.7.0.
3. Let us assume that the JDBC URL for the database is following:

jdbc:oracle:thin:hr/password@192.168.1.101:1521:orcl

Testing Proxy User Authentication Connection using simple Java class:

private static void prepareProxyConnection() throws Exception {

       OracleConnection pdConn = null;

       try {

              Properties pdProp = new Properties();

              // prepare basic connection and typecast it to OracleConnection

              pdConn = (OracleConnection) DriverManager.getConnection                                                       (JDBC_URL_PROXY, pdProp);

              // prepare first proxy user connection

              openProxySession(pdConn, “John.Doe”);

              // prepare second proxy user connection

              openProxySession(pdConn, ” John.Doe1″);

       }

       catch (Exception ex) {

              ex.printStackTrace();

              throw ex;

       }

       finally {

              // close the main connection object

              if (pdConn != null) {

                     pdConn.close();

              }

       }

}

private static void openProxySession(OracleConnection pdConn, String strProxyUser) throws Exception {

       try {

              // prepare properties for proxy user

              Properties pdProp = new Properties();

              pdProp.put(“PROXY_USER_NAME”, strProxyUser);

              // open proxy session

              pdConn.openProxySession (  OracleConnection.PROXYTYPE_USER_NAME,                                              pdProp);

              // fetch user information

              fetchUserInformation(pdConn);

              // execute SQL statement –

              // this method will do some database work like SELECT etc

              executeSomeSQL(pdConn);

       }

       catch (Exception ex) {

              ex.printStackTrace();

              throw ex;

       }

       finally {

              // close the proxy session object

              if (pdConn != null) {

                     // close the proxy session so that it can be reused

                     pdConn.close(OracleConnection.PROXY_SESSION);

              }

       }

}

1. Following SQL statement will return “John.Doe” or “John.Doe1” as “PROXY_USER” if executed using the proxy user connection object.

SELECT USER,

  SYS_CONTEXT(‘USERENV’,'AUTHENTICATED_IDENTITY’) AS AUTHENTICATED_IDENTITY,

  SYS_CONTEXT(‘USERENV’,'CURRENT_SCHEMA’)         AS CURRENT_SCHEMA,

  SYS_CONTEXT(‘USERENV’,'PROXY_USER’)             AS PROXY_USER,

  SYS_CONTEXT(‘USERENV’,'SESSION_USER’)           AS SESSION_USER

FROM DUAL;

Java Code running under WebSphere Application Server

1. Create a Connection Pool in WebSphere that uses “conn_pool_user” user to establish the database connections using the Oracle Type 4 JDBC driver.
2. Use following function to get the connection from WebSphere connection pool using Oracle Proxy Authentication feature.

private OracleConnection prepareProxySession(String strProxyUser) throws SQLException {

       OracleConnection pdOraConn = null;

       try {

              // get the jdbc connection object from connection pool

              Connection pdConn = getConnectionFromPool();

              // cast the object to native oracle connection object

              OracleConnection pdOraConn = (OracleConnection) WSJdbcUtil

                           .getNativeConnection((WSJdbcConnection) pdConn);

              // prepare properties for proxy user

              Properties pdProp = new Properties();

              pdProp.put(“PROXY_USER_NAME”, strProxyUser);

              // open proxy session using native oracle conn object

              pdOraConn.openProxySession(OracleConnection.PROXYTYPE_USER_NAME,

                           pdProp);

       }

       catch (SQLException ex) {

              m_pdLog.error(“SQLException:”, ex);

              throw ex;

       }

       return pdOraConn;

}

Use following function to close the proxy session connection and return it back to the WebSphere connection pool. The code assumes a member variable (m_pdOraConnection) that holds reference to the connection object.

public void cleanup() throws Exception {

       try {

              // close the proxy session so that any other user can use it

              m_pdOraConnection.close(OracleConnection.PROXY_SESSION);

       }

       finally {

              m_pdOraConnection = null;

       }

}

Special Notes

1. Both connection pool user (conn_pool_user) and application user (John.Doe or John.Doe1) will require create session privilege.
2. The password of connection pool user will be stored in WebSphere as J2C Authentication data, associated to the connection pool.
3. The password of application user (John.Doe or John.Doe1) will not be stored or known to the application. So no application user can use the credentials to connect directly to the database.

The Secure Remote Password Protocol (SRP) is a password-authenticated key agreement protocol. Before, I used digest algorithm (similar to Digest access authentication) to authenticate my users. As I had to add encryption to my message system (not 100% encrytion means only some messages are confidential) I decided to implement SRP as it

• allows to securly authenticate a user
• creates a common key that can be used as an encryption key
• is something new to implement as I like to implement new stuff

Before I start, some helpful extensions I will be using along the way:

namespace System.IO
{
    public static class StreamExtension
    {
        public static void Write(this Stream s, byte[] buffer)
        {
            s.Write(buffer, 0, buffer.Length);
        }

        public static int Read(this Stream s, byte[] buffer)
        {
            return s.Read(buffer, 0, buffer.Length);
        }
    }
}

using System.Runtime.InteropServices;

namespace System.Security
{
    public static class SecureStringExtension
    {
        public static string ConvertToUnsecureString(this SecureString securePassword)
        {
            if (securePassword == null)
                throw new ArgumentNullException("securePassword");

            IntPtr unmanagedString = IntPtr.Zero;
            try
            {
                unmanagedString = Marshal.SecureStringToGlobalAllocUnicode(securePassword);
                return Marshal.PtrToStringUni(unmanagedString);
            }
            finally
            {
                Marshal.ZeroFreeGlobalAllocUnicode(unmanagedString);
            }
        }
    }
}

Implementing SRP involves a lot of BigInteger calculations, such as multiplying and taking the exponent of some large number. The .Net framework does not yet implement such a BigInteger class, so I’m using some classes from Mono. I included Mono.Math.BigInteger, Mono.Math.Prime.ConfidenceFactor and .PrimalityTests, Mono.Math.Prime.Generator.NextPrimeFinder, .PrimeGeneratorBase, and .SequentialSearchPrimeGeneratorBase.

As the protocol description says, it all starts with N and g:
N should be a secure prime, which means that N is calculated by N=2q + 1 where q is also a prime. Finding such an N is easy but takes a lot of time specially if N should be greater than 1024 bits. N and g don’t have to be secure, so you can just define them once.

Here is a N of bit length 2048 encoded as Base64

string N_Base64 = "rGvbQTJKmpvxZt5eE4lYL69ytmUZh+4H/DGSlD21YFCjcynLtKCZ7YGT4HV3Z6E91SMSq0s"
				+ "DMQ3Nf0ip2gT9UOgIOWntt2ewz2CVF5oWOrNmGgX71fqq6CkYqZYvC5O4Vfl5k+yXXuqoDX"
				+ "QK2/T/dHNZ0EHVwz6nHSgeRGsUdzvKl7Q6I/uAFna9IHpDbGSB8dK5B4cXRhpbnTLmiPh3S"
				+ "FRFI7UksNV9Xqd6J3XS7PoDLPvb9S+zeGFgJ5AE5Xrmr4dOcwPOUymczAQce8MI2CpWmPOo"
				+ "0MOCca41+Onb+7aUtcgD2J965DXeI21SX1R1m2XjcvzWjvIPpxEfnkr/cw==";
BigInteger N = new BigInteger(Convert.FromBase64String(N_Base64));

g is just a generator of the multiplicative group. So, it is used in caluclations like g^x where x is very large. Most people would probably choose g=2. But i’m not “most people”, so i set g=3.

As you look further into the description, you’ll see the that there are a lot of variables needed on both sides (server and client side). To make life easier, let’s define a base class for that:

using System;
using System.Collections.Generic;
using System.Linq;
using System.IO;
using System.Text;

using System.Security;
using System.Security.Cryptography;

using Mono.Math;

namespace Esskar.Security.Authen.SRP
{
	public abstract class SRPBase
	{
		// initialize some random number generaror
		private static RandomNumberGenerator s_rng = RandomNumberGenerator.Create();

		/// <param name="N">N is a safe prime. Must be large enough so that computing discrete logarithms modulo N is infeasible</param>
        /// <param name="g">g is a generator of the multiplicative group</param>
		public SRPBase(BigInteger N, BigInteger g)
		{
			if (N == null)
				throw new ArgumentNullException("N");
			if (g == null)
				throw new ArgumentNullException("g");
			this.N = N;
			this.g = g;
		}

		/// <summary>
        /// N is a safe prime. Must be large enough so that computing discrete logarithms modulo N is infeasible
        /// </summary>
		public BigInteger N { get; private set; }

		/// <summary>
        /// g is a generator of the multiplicative group
        /// </summary>
		public BigInteger g { get; private set; }
	}
}

The next parameter that will be defined is k. k is a parameter derived by both sides; for example, k = H(N, g), where H() is a hash function; e.g., SHA-256. This goes into our SRPBase class:

namespace Esskar.Security.Authen.SRP
{
	public abstract class SRPBase
	{
		private BigInteger m_k;

		/// <summary>
        /// k is a parameter derived by both sides; for example, k = H(N, g).
        /// </summary>
		public BigInteger k
		{
			get
			{
				if (m_k == null)
				{
					byte[] both = SRPHelper.JoinArrays(this.N.GetBytes(), this.g.GetBytes());
					byte[] hash = SRPHelper.ShaInstance.ComputeHash(both);
					m_k = new BigInteger(hash);
				}
				return m_k;
			}
		}
	}
}

s, the small salt, is calculated on the server side and send to the client. So s has to be a getter/setter property.
We also extend our constructor to be able to pass s as a parameter, and define I and p (Username and Password of the user to authenticate).

namespace Esskar.Security.Authen.SRP
{
	public abstract class SRPBase
	{
		private BigInteger m_s;

		/// <param name="userName">I is an identifying username.</param>
        /// <param name="password">p is the user's password.</param>
		/// <param name="N">N is a safe prime. Must be large enough so that computing discrete logarithms modulo N is infeasible</param>
        /// <param name="g">g is a generator of the multiplicative group</param>
		public SRPBase(string userName, SecureString password, BigInteger N, BigInteger g)
			: this(userName, password, null, N, g) { }

		/// <param name="userName">I is an identifying username.</param>
        /// <param name="password">p is the user's password.</param>
		/// <param name="s">s is a small salt.</param>
		/// <param name="N">N is a safe prime. Must be large enough so that computing discrete logarithms modulo N is infeasible</param>
        /// <param name="g">g is a generator of the multiplicative group</param>
		public SRPBase(string userName, SecureString password, byte[] s, BigInteger N, BigInteger g)
		{
			if (N == null)
				throw new ArgumentNullException("N");
			if (g == null)
				throw new ArgumentNullException("g");
			if (string.IsNullOrEmpty(userName))
                throw new ArgumentNullException("userName");
            if (password == null)
                throw new ArgumentNullException("password");
			this.UserName = userName;
            this.Password = password.Copy();
			this.s = s;
			this.N = N;
			this.g = g;
		}

		/// <summary>
        /// I, is an identifying username.
        /// </summary>
        public string UserName { get; private set; }

        private SecureString Password { get; set; }

		public byte[] s
        {
            get
            {
				// not set yet, generate some random data
                if (m_s == null)
                {
                    m_s = new byte[16];
                    lock (s_rng) { s_rng.GetNonZeroBytes(m_s); }
                }
                return m_s;
            }
            set { m_s = value; }
        }
	}
}

Now we have everything to calculate x = H(s, p), and the host password verifier v = g^x. Hint: If you do not want to store the password on the server side as clear text, you can store only v and s only. If you plan to change g, you better off to store g along as well.

namespace Esskar.Security.Authen.SRP
{
	public abstract class SRPBase
	{
		private BigInteger m_x, m_v;

		/// <summary>
        /// x = H(s, p)
        /// </summary>
        public BigInteger x
        {
            get
            {
                if (m_x == null)
                {
                    byte[] innerBytes = Encoding.UTF8.GetBytes(this.UserName + ":" + this.Password.ConvertToUnsecureString());
                    byte[] bytes = SRPHelper.JoinArrays(this.s, innerBytes);
                    byte[] hash = SRPHelper.ShaInstance.ComputeHash(bytes);
                    m_x = new BigInteger(hash);
                }
                return m_x;
            }
        }

		/// <summary>
        /// v is the host's password verifier, v = g^x, x = H(s,p).
        /// </summary>
        public BigInteger v
        {
            get
            {
                if (m_v == null)
                    m_v = this.g.ModPow(this.x, this.N);
                return m_v;
            }
        }
	}
}

Let’s go on. A and B are both calculated. A is calculated on the client side as A = g^a, and B is calculated on the server side as B = kv + g^b. But values are exchanged; so at some time, both sides contain A and B, so we make some stub implementation for both properties and at them to our constructors.

namespace Esskar.Security.Authen.SRP
{
	public abstract class SRPBase
	{
		private byte[] m_K;

		/// <param name="userName">I is an identifying username.</param>
        /// <param name="password">p is the user's password.</param>
        /// <param name="A">A = g^a, calculated by the client, send to the server</param>
        /// <param name="B">B = kv + g^b, calculated by the server, send to the client</param>
        /// <param name="N">N is a safe prime. Must be large enough so that computing discrete logarithms modulo N is infeasible</param>
        /// <param name="g">g is a generator of the multiplicative group</param>
        public SRPBase(string userName, SecureString password, BigInteger A, BigInteger B, BigInteger N, BigInteger g)
            : this(userName, password, null, A, B, N, g) { }

        /// <summary>
        ///
        /// </summary>
        /// <param name="userName">I is an identifying username.</param>
        /// <param name="password">p is the user's password.</param>
        /// <param name="s">s is a small salt.</param>
        /// <param name="A">A = g^a, calculated by the client, send to the server</param>
        /// <param name="B">B = kv + g^b, calculated by the server, send to the client</param>
        /// <param name="N">N is a safe prime. Must be large enough so that computing discrete logarithms modulo N is infeasible</param>
        /// <param name="g">g is a generator of the multiplicative group</param>
        public SRPBase(string userName, SecureString password, byte[] s, BigInteger A, BigInteger B, BigInteger N, BigInteger g)
        {
            if (N == null)
                throw new ArgumentNullException("N");
            if (g == null)
                throw new ArgumentNullException("g");
            if (string.IsNullOrEmpty(userName))
                throw new ArgumentNullException("userName");
            if (password == null)
                throw new ArgumentNullException("password");

            this.N = N;
            this.g = g;
            this.A = A;
            this.B = B;
            this.s = s;
            this.UserName = userName;
            this.Password = password.Copy();
        }

		/// <summary>
        /// Carol calculates A = g^a and sends it to Steve
        /// </summary>
        public virtual BigInteger A
        {
            get; set;
        }

        /// <summary>
        /// Steve calculates B = kv + g^b and sends it to Carol
        /// </summary>
        public virtual BigInteger B
        {
            get; set;
        }

		/// <summary>
        /// Secret
        /// </summary>
        public abstract BigInteger S { get; }

		/// <summary>
        /// Strong Session Key
        /// </summary>
        public byte[] K
        {
            get
            {
                if (m_K == null)
                    m_K = SRPHelper.ShaInstance.ComputeHash(this.S.GetBytes());
                return m_K;
            }
        }
	}
}

As you noticed, we added two more properties: the abstract getter property S as well as K. S is the secret that is calculated on both sides and must never be exchanged. The client calculates S as S=(B – kg^x)^(a + ux), and the client defines S=(Av^u)^b. a and b are both random numbers, generated on client and server and also get never exchanged. Funny is, that S on both sides are equal. Well, it’s not funny it’s pure math and it took me some time to convince myself that both equations for S are equivalent. K is just K=H(S). K can later be used as an encryption key.

To finish up our SRPBase class, we are now able to define M1 and M2. M1 is first send to the server. The server itself calculates M1 with the information it collected and compares the received M1 with it’s own M1. If both are equal, the server has proof that the client knows the right username + password combination. It then sends M2 to the client. Client does the same thing now. It calculates its own M2, compares and verifies. We go in detail later.

namespace Esskar.Security.Authen.SRP
{
	public abstract class SRPBase
	{
		/// <summary>
        /// M1, Carol sends M1 to Steve
        /// M1 = H(H(N) XOR H(g) | H(I) | s | A | B | K)
        /// </summary>
        public virtual byte[] M1
        {
            get
            {
                byte[] hg = SRPHelper.ShaInstance.ComputeHash(this.g.GetBytes());
                byte[] hN = SRPHelper.ShaInstance.ComputeHash(this.N.GetBytes());

                byte[] gNXorBytes = SRPHelper.XorArrays(hN, hg);
                byte[] userNameBytes = Encoding.UTF8.GetBytes(this.UserName);
                byte[] hUserNameBytes = SRPHelper.ShaInstance.ComputeHash(userNameBytes);

                using (MemoryStream ms = new MemoryStream())
                {
                    ms.Write(gNXorBytes);
                    ms.Write(hUserNameBytes);
                    ms.Write(this.s);
                    ms.Write(this.A.GetBytes());
                    ms.Write(this.B.GetBytes());
                    ms.Write(this.K);

                    return SRPHelper.ShaInstance.ComputeHash(ms.ToArray());
                }
            }
        }

        /// <summary>
        /// M2, Steve sends M2 to Carol
        /// M2 = H(A | M1 | K).
        /// </summary>
        public byte[] M2
        {
            get
            {
                using (MemoryStream ms = new MemoryStream())
                {
                    ms.Write(this.A.GetBytes());
                    ms.Write(this.M1);
                    ms.Write(this.K);

                    return SRPHelper.ShaInstance.ComputeHash(ms.ToArray());
                }
            }
        }
	}
}

Now, we define our client side, class SRPRequest:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Security;
using System.Text;

using Mono.Math;

namespace Esskar.Security.Authen.SRP
{
    public class SRPRequest : SRPBase
    {
        private BigInteger m_a, m_S;

        /// <summary>
        /// SRP Request, constructed on the client side
        /// </summary>
        /// <param name="userName">I is an identifying username.</param>
        /// <param name="password">p is the user's password.</param>
        /// <param name="N">N is a safe prime. Must be large enough so that computing discrete logarithms modulo N is infeasible</param>
        /// <param name="g">g is a generator of the multiplicative group</param>
        public SRPRequest(string userName, SecureString password, BigInteger N, BigInteger g)
            : base(userName, password, null, null, N, g) { }

        /// <summary>
        /// a is random
        /// </summary>
        private BigInteger a
        {
            get
            {
                if(m_a == null)
                    m_a = BigInteger.GenerateRandom(1024);
                return m_a;
            }
        }

        /// <summary>
        /// A = g^a
        /// </summary>
        public override BigInteger A
        {
            get
            {
                if (base.A == null)
                    base.A = this.g.ModPow(this.a, this.N);
                return base.A;
            }
        }

        /// <summary>
        /// Secret calculated on the client, (B - kg^x)^(a + ux)
        /// </summary>
        public override BigInteger S
        {
            get
            {
                if (m_S == null)
                    m_S = (this.B + (this.N - ((this.k * this.g.ModPow(this.x, this.N)) % this.N))).ModPow(this.a + this.u * this.x, this.N);
                return m_S;
            }
        }
    }
}

and our ServerSide, class SRPReply

using System;
using System.Collections.Generic;
using System.Linq;
using System.Security;
using System.Security.Cryptography;
using System.Text;

using Mono.Math;

namespace Esskar.Security.Authen.SRP
{
    public class SRPReply : SRPBase
    {
        private BigInteger m_b;

        /// <summary>
        /// SRP Reply, constructed on the server side
        /// </summary>
        /// <param name="userName">I is an identifying username.</param>
        /// <param name="password">p is the user's password.</param>
        /// <param name="A">A = g^a, calculated by the client, send to the server</param>
        /// <param name="N">N is a safe prime. Must be large enough so that computing discrete logarithms modulo N is infeasible</param>
        /// <param name="g">g is a generator of the multiplicative group</param>
        public SRPReply(string userName, SecureString password, BigInteger A, BigInteger N, BigInteger g)
            : base(userName, password, A, null, N, g) { }

        /// <summary>
        /// random number
        /// </summary>
        private BigInteger b
        {
            get
            {
                if (m_b == null)
                    m_b = BigInteger.GenerateRandom(1024);
                return m_b;
            }
        }

        /// <summary>
        /// B = kv + g^b
        /// </summary>
        public override BigInteger B
        {
            get
            {
                if (base.B == null)
                    base.B = (this.k * this.v + this.g.ModPow(this.b, this.N)) % this.N;
                return base.B;
            }
        }

        /// <summary>
        /// Secret calculated on the server: (Av^u)^b
        /// </summary>
        public override BigInteger S
        {
            get  { return (this.A * this.v.ModPow(this.u, this.N)).ModPow(this.b, this.N); }
        }
    }
}

Nice. We now have everything to authenticate our users.
Here a little test. (Note that this test does not send any data, it just verifies that our client and server calculate the right things).

public static class SRPTester
{
	private static string N_Base64 = "rGvbQTJKmpvxZt5eE4lYL69ytmUZh+4H/DGSlD21YFCjcynLtKCZ7YGT4HV3Z6E91SMSq0s"
								   + "DMQ3Nf0ip2gT9UOgIOWntt2ewz2CVF5oWOrNmGgX71fqq6CkYqZYvC5O4Vfl5k+yXXuqoDX"
								   + "QK2/T/dHNZ0EHVwz6nHSgeRGsUdzvKl7Q6I/uAFna9IHpDbGSB8dK5B4cXRhpbnTLmiPh3S"
								   + "FRFI7UksNV9Xqd6J3XS7PoDLPvb9S+zeGFgJ5AE5Xrmr4dOcwPOUymczAQce8MI2CpWmPOo"
								   + "0MOCca41+Onb+7aUtcgD2J965DXeI21SX1R1m2XjcvzWjvIPpxEfnkr/cw==";

	private static Mono.Math.BigInteger g = new Mono.Math.BigInteger(3);

	public static SRPRequest ClientRequest(string userName, SecureString password)
	{
		return new SRPRequest(userName, password, new BigInteger(Convert.FromBase64String(N_Base64)), g);
	}

	public static SRPReply ServerReply(string userName, SecureString password, BigInteger A)
	{
		return new SRPReply(userName, password, A, new BigInteger(Convert.FromBase64String(N_Base64)), g);
	}

	static void Main(string[] args)
	{
		string userName = "foo";
		SecureString password = new SecureString();

		SRPRequest srpRequest = SRPTester.ClientRequest(userName, password);

		// We generated the request, and have to send A to the server. Somehow.
		// The server takes A to initialize it's reply

		SRPReply srpReply = SRPTester.ServerReply(userName, password, srpRequest.A);
		if ((srpRequest.A % srpReply.N) == 0) // safeguard 1
			throw new Exception("A mod N is zero.");                            

		// The server sends now s and B to the client, the client adds them to its object
		if ((srpReply.B % srpRequest.N) == 0) // safeguard 2
			throw new Exception("B mod N is zero.");

		srpRequest.B = srpReply.B;
		srpRequest.s = srpReply.s;
		if (srpRequest.u == 0) // safeguard 3
			throw new Exception("u is zero.");

		// now, the client sends M1 to the server and it verifies that its M1 is equal to the M1 of the client

		if (!SRPHelper.Equals<byte>(srpRequest.M1, srpReply.M1))
			throw new Exception("M1 not equal M1.");

		// if everything looks good, the server sends now its M2 to the client and the client verifies M2

		if (!SRPHelper.Equals<byte>(srpRequest.M2, srpReply.M2))
			throw new Exception("M2 not equal M2.");
	}
}

To make this post complete, here is the code of the SRPHelper class:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;

namespace Esskar.Security.Authen.SRP
{
    /// <summary>
    /// Some useful functions used frequently
    /// </summary>
    public static class SRPHelper
    {
        /// <summary>
        /// Sha256 Instance used to compute hashes
        /// </summary>
        public static SHA256 ShaInstance = SHA256.Create();        

        /// <summary>
        /// Joins two byte arrays to one single byte array by concating them
        /// </summary>
        /// <param name="b1">first byte array</param>
        /// <param name="b2">second byte array</param>
        /// <returns></returns>
        public static byte[] JoinArrays(byte[] b1, byte[] b2)
        {
            byte[] ba = new byte[b1.Length + b2.Length];
            Buffer.BlockCopy(b1, 0, ba, 0, b1.Length);
            Buffer.BlockCopy(b2, 0, ba, b1.Length, b2.Length);
            return ba;
        }

        /// <summary>
        /// XORs the elements of two arrays and returns the resulting array
        /// </summary>
        /// <param name="array1"></param>
        /// <param name="array2"></param>
        /// <returns></returns>
        public static byte[] XorArrays(byte[] b1, byte[] b2)
        {
            if (b1 == null)
                throw new ArgumentNullException("b1");
            if (b2 == null)
                throw new ArgumentNullException("b2");
            if (b1.Length == 0)
                throw new ArgumentOutOfRangeException("b1 can not be zero length.");
            if (b1.Length != b2.Length)
                throw new ArgumentOutOfRangeException("b1.Length != b2.Length");

            byte[] ba = new byte[b1.Length];
            for (int i = 0; i < b1.Length; i++)
                ba[i] = (byte)(b1[i] ^ b2[i]);
            return ba;
        }

        /// <summary>
        /// Checks if the elements of two arrays are equal
        /// </summary>
        public static bool Equals<T>(IList<T> a, IList<T> b) where T : IComparable<T>
        {
            if (a == null)
                throw new ArgumentNullException("a");
            if (b == null)
                throw new ArgumentNullException("b");
            bool retval = a.Count == b.Count;
            if (retval)
            {
                for (int i = 0; retval && i < a.Count; i++)
                    retval = a[i].CompareTo(b[i]) == 0;
            }
            return retval;
        }
    }
}

I have a few new reviews of papers on cryptography in my updated page. For those interested in the security of NMAC and HMAC or affiliation hiding key exchanges, I recommend reading the reviews. They include links to relevant papers.