sendwithus
Practical Cryptography
• A brief introduction to one-way cryptography: cryptographic hashing and hash-based message authentication code (HMAC).
• Diving deep: HMAC in our API keys to protect our infrastructure
• Questions
Agenda
• A cryptographic hash function: a one-way cryptographic function that is practically impossible to invert.
• H(“This is my input, called a message”) -> Ro0CUfOqk6cXEKf3d
Cryptography intro: hashes
H(“This is my input, called a message”) -> Ro0CUfOqk6cXEKf3d
---
‣ it is infeasible to generate a message that has a given hash
‣ it is infeasible to modify a message without changing the hash
‣ The hash cannot be used to reconstruct any part of the message
Cryptography intro: properties of a good hash
• Computing a hash before sending and after receiving a large message ensures the message was unchanged.
‣ Software or other large file download pages online may have a hash of the file in question.
Hashes on their own: integrity
• Using cryptographic hashes to determine equality without ever needing to store the original message is a powerful, commonly used tool.
• Every site you create an account on stores a hash of your password, not the password itself.
‣ When you try to log in, the hash of your attempt is compared against the stored hash.
Hashes on their own: integrity
• Hashes give you integrity and let you know if a message was unintentionally changed, but not where the message came from, as anyone can create a hash. This matters.
• By using a carefully guarded secret key and an HMAC algorithm, only the holder(s) of the key can validate a supplied hash produced with that key as good. This is called 'authenticity'.
Adding authenticity: Hash-based Message Authentication Code (HMAC)
• Integrity+Authenticity: I know this message came from me originally (in our case, we don’t share the secret key with anyone), and is unchanged.
Adding authenticity: Hash-based Message Authentication Code (HMAC)
• Standard API authentication without using any cryptography:
• API access consists of:
• UserId
‣ Id of some user database object
• Secret Key
‣ Long random string of characters
Diving deep: HMAC as infrastructure protection: Traditional API access
• Why might this be a problem?
• We need to hit the database before we know if you are a valid user
• We need to hit the database before we know if you have permission to use this resource
• Traditional API access is incredibly sensitive to brute force attempts and DoS attacks
Diving deep: HMAC as infrastructure protection: Traditional API access
• Goal:
• Authentication without hitting the database.
• How?
• API authentication using keys with HMAC
Diving deep: HMAC as infrastructure protection
• What do we want?
• TokenId
• Expiry
• Roles
• JWT: JSON Web Token
Diving deep: Adding Encryption With JWT
Token: {
"t" : 7849334 , "x" : "2014-09-20 13:00:00" , "r" : [ "send" , "redeem" ]
}
Diving deep: Adding Encryption With JWT
• Header:
‣ { "typ" : "JWT" , "alg" : "HS256" }
• Payload:
‣ { "u" : "U784K9334" , "x" : "2014-09-20 13:00:00" , "r" : [ "send" , "redeem" ] }
Diving deep: Adding Encryption With JWT
Base64 encode the header and the payload
• Header:
‣ eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9
• Payload:
‣ eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ
Diving deep: Adding Encryption With JWT
Create a signature using HMAC and our secret key
• Header:
‣ eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9
• Payload:
‣ eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ
• Signature:
‣ H( k, header + payload )
Diving deep: Adding Encryption With JWT
Create a signature using HMAC and our secret key
• Header:
‣ eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9
• Payload:
‣ eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ
• Signature:
‣ dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk
Diving deep: Adding Encryption With JWT
Concatenate the header, payload and signature
Token:
• eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk
Diving deep: Adding Encryption With JWT
What can we do with our signed token that cannot be done with traditional API user ids and keys?
• Validate a user
• Validate a user’s roles
• Check the token expiry
• Ensure that the token has not been modified
All without hitting the database.
Diving deep: Adding Encryption With JWT: Adding it all up
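The token flow from the slides above as an added Python example (not sendwithus's code): it signs the `u`/`x`/`r` payload with HMAC-SHA256 and then checks signature, expiry and role with no database lookup. The demo key, the function names, treating `x` as a naive timestamp, and the `.` joining header and payload in the signed input (the JWT compact format) are assumptions of this example; the payload is only base64url-encoded, so anyone holding the token can read it.

```python
import base64, hashlib, hmac, json
from datetime import datetime

SECRET = b"constructed-demo-key"  # assumption: known only to the API servers

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign(payload: dict, key: bytes = SECRET) -> str:
    header = {"typ": "JWT", "alg": "HS256"}
    parts = [b64url(json.dumps(p, separators=(",", ":")).encode())
             for p in (header, payload)]
    mac = hmac.new(key, ".".join(parts).encode(), hashlib.sha256).digest()
    return ".".join(parts + [b64url(mac)])

def verify(token: str, role: str, now: datetime, key: bytes = SECRET) -> dict:
    """Return the claims if the token is authentic, unexpired and grants `role`."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        expected = hmac.new(key, f"{head_b64}.{body_b64}".encode(),
                            hashlib.sha256).digest()
        # Check the MAC first, in constant time, before trusting any claim.
        if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
            raise ValueError("bad signature")
        header = json.loads(b64url_decode(head_b64))
        claims = json.loads(b64url_decode(body_b64))
    except (ValueError, TypeError) as exc:  # malformed token or bad MAC
        raise PermissionError(f"rejected: {exc}") from None
    if header.get("alg") != "HS256":  # the server pins the algorithm, not the token
        raise PermissionError("rejected: unexpected alg")
    if now >= datetime.strptime(claims["x"], "%Y-%m-%d %H:%M:%S"):
        raise PermissionError("rejected: expired")
    if role not in claims["r"]:
        raise PermissionError("rejected: role not granted")
    return claims

if __name__ == "__main__":
    # Constructed sample payload, using the field names from the slides.
    tok = sign({"u": "U784K9334", "x": "2014-09-20 13:00:00", "r": ["send", "redeem"]})
    print(tok)
    print(verify(tok, "send", datetime(2014, 9, 1, 12, 0, 0)))
```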
http://knd.am/XwTqwrfWv3j
We use a similar practice on our gift URL shortlinks
http://knd.am/ XwTqwrfWv 3j
S( k, "XwTqwrfWv" ) = "3j"
We use a similar practice on our gift URL shortlinks
Questions