Storing Cryptographic Keys in Persistent Browser Storage
Presenta�on at ICMC 2017
Francisco Corella [email protected] Karen Lewison [email protected]
May 19, 2017 1 Key storage in web clients
• Use of cryptography in web apps has been hindered by the problem of where to store cryptographic keys on the client side – Keys have been stored in smart cards, Infocards, TPMs, files accessed by Java applets, etc. – But these solu�ons are not generally available to all web users • New web technologies may enable generally available key storage solu�ons • In this talk we focus as an example on keys in cryptographic creden�als used for authen�ca�on or iden�fica�on
May 19, 2017 2 New web technologies
• These new web technologies are available to JavaScript (JS) code embedded in web pages through APIs: – Web Storage API • Provides “HTML5 localStorage” – IndexedDB API – Web Cryptography API – Service Worker API – Web Authen�ca�on API
May 19, 2017 3 Web Authen�ca�on API
• Based on FIDO U2F specifica�on, taken over by the W3C – Will be available later this year in Chrome, Firefox, Edge • Allows JS code to store a cryptographic creden�al in an “authen�cator” – Cryptographic module in secure storage (e.g. USB dongle, TPM, Secure Element or TEE) – Provides a signed a�esta�on of security • But the cryptographic creden�al is an uncer�fied key pair – Only usable for two-party authen�ca�on – No support for creden�al issued by a third party • Very complex
May 19, 2017 4 Web Storage API
• Available in all browsers • Provides persistent storage for JS strings as proper�es of the localStorage object • Data protected by the same origin policy of the browser • Very simple
May 19, 2017 5 IndexedDB API
• Available in all desktop browsers • Provides persistent storage of JS objects indexed by keys in databases managed by the indexedDB object • Data protected by the same origin policy of the browser • Complex asynchronous interface – “IndexedDB API is powerful, but may seem too complicated for simple cases” – MDN
May 19, 2017 6 Web cryptography API
• Available in most desktop and mobile browsers • Provides RSA and ECDSA (with NIST curves P-256, P-384 and P-256) – Plus ECDH, AES (including AES-GCM), HMAC, SHA (SHA-1, SHA-256, SHA-384 and SHA-512), HKDF, PBKDF2 – Does not provide DSA • Key pair genera�on produces two CryptoKey objects and private key can be made non-extractable from its CryptoKey object – CryptoKey object is not persistent by itself – It cannot be encoded as a string for storage in localStorage – But it can be stored in indexedDB
May 19, 2017 7 Service Worker API
• Allows the front-end of a web app to work “offline” like a na�ve app, without accessing the back-end • Available in Chrome, Firefox and Opera, under development in Edge, under considera�on for Safari • JS front-end registers a service worker with the browser and configures it to intercept certain requests to the backend and respond to them by genera�ng a web page that is rendered by the browser • The generated web page may include JS code, which can be used to present a cryptographic creden�al
May 19, 2017 8 Four solu�ons Using localStorage Using the IndexedDB and for storing Web Cryptography APIs third party cryptographic Any cryptographic creden�al (any Creden�al must be RSA or ECDSA creden�als in cer�fied key pair, anonymous cer�fied key pair; private key not the browser creden�als, rich creden�als, etc.) extractable from CryptoKey object Solu�on 1 Solu�on 2
No TTP
Details in slide 19 Solu�on 3 Solu�on 4
TTP
TTP = Trusted 3rd party
May 19, 2017 9 Solu�on 1 – Issuance
Creden�al issuer
Internet
Browser
Creden�al Web page
issuance
page JavaScript
localStorage
May 19, 2017 10 Solu�on 1 – Issuance
Creden�al issuer
Internet
Issuance Browser protocol Web page
JavaScript
localStorage
May 19, 2017 11 Solu�on 1 – Issuance
Creden�al issuer
Internet
Browser
Web page
JavaScript
localStorage
Creden�al
May 19, 2017 12 Solu�on 1 – Issuance
Creden�al issuer
Internet
Browser
Service Web page worker
JS front-end registers JavaScript SW with browser
localStorage
Creden�al
May 19, 2017 13 Solu�on 1 – Presenta�on
Creden�al Creden�al issuer verifier
Internet Request that requires Browser iden�fica�on
Service Web page worker
localStorage
Creden�al
May 19, 2017 14 Solu�on 1 – Presenta�on
Issuer backend Creden�al Creden�al doesn’t see issuer verifier request Internet
Browser Request Redirected redirected request Service Web page to issuer intercepted by worker service worker JavaScript
localStorage
Creden�al
May 19, 2017 15 Solu�on 1 – Presenta�on
Creden�al verifier
Internet
Browser
Service Web page Consent request worker page generated by service JavaScript worker
localStorage
Creden�al
May 19, 2017 16 Solu�on 1 – Presenta�on
Creden�al verifier
Internet
Browser
Service Web page worker
JavaScript
localStorage
Creden�al
May 19, 2017 17 Solu�on 1 – Presenta�on
Creden�al verifier
Internet
Browser Credential presenta�on Service Web page worker
JavaScript
localStorage
Creden�al
May 19, 2017 18 Four solu�ons Using localStorage Using the IndexedDB and for storing Web Cryptography APIs third party cryptographic Any cryptographic creden�al (any Creden�al must be RSA or ECDSA creden�als in cer�fied key pair, rich creden�als, cer�fied key pair; private key not the browser anonymous creden�als, etc.) extractable from CryptoKey object Solu�on 1 Solu�on 2 Issuance protocol: issuer FE Issuer FE runs issuance protocol generates key pair, issuer BE No TTP with issuer BE cer�fies public key. Issuer SW Issuer SW presents creden�al presents creden�al but cannot extract private key Solu�on 3 Solu�on 4 Issuance protocol: TTP FE TTP FE runs issuance protocol with generates key pair, issuer BE TTP issuer BE cer�fies public key. TTP SW TTP SW presents creden�al presents creden�al but cannot extract private key
TTP = Trusted 3rd party, FE = Front-end, BE = Back-end; SW = service worker
May 19, 2017 19 A�ack by A�ack by Malicious SECURITY Physical issuer at issuer a�er JS from 3rd Malware POSTURES capture issuance issuance party Solu�on 1: LS Capture Capture Secure Capture Capture
Solu�on 2: IDB/CK Capture Use Secure Capture Capture
Solu�ons 3 and 4: TTP Secure Secure Capture/Use/Secure: Secure Capture Capture refers to whether the SC/preloaded creden�al Capture Secure Secure Secure Secure cryptographic creden�al can SC/on-card key pair gen Capture be used by the adversary on Secure Secure Secure Secure SC/TTP firmware Secure the subject’s machine, or Secure Secure Secure Secure TP HW on device Secure captured for use elsewhere Secure Secure Secure Secure
TEE Secure Secure Secure Secure Capture
JS = Javascript; IDB = indexedDB; CK = CryptoKey object; LS = localStorage; SC = Smartcard TTP = Trusted third party; TP HW = Tamper-proof hardware, e.g. TPM, Secure Element TEE = Trusted execu�on environment
May 19, 2017 20 A�ack by A�ack by Malicious SECURITY Physical issuer at issuer a�er JS from 3rd Malware POSTURES capture issuance issuance party Solu�on 1: LS Capture Capture Secure Capture Capture
Solu�on 2: IDB/CK Capture Use Secure Capture Capture
Solu�ons 3 and 4: TTP Secure Secure Secure Capture Capture
SC/preloaded creden�al Capture Secure Secure Secure Secure
SC/on-card key pair gen Capture Secure Secure Secure Secure
SC/TTP firmware Secure Secure Secure Secure Secure
TP HW on device Secure Secure Secure Secure Secure
TEE Secure Secure Secure Secure Capture
JS = Javascript; IDB = indexedDB; CK = CryptoKey object; LS = localStorage; SC = Smartcard TTP = Trusted third party; TP HW = Tamper-proof hardware, e.g. TPM, Secure Element TEE = Trusted execu�on environment
May 19, 2017 21 A�ack by A�ack by Malicious SECURITY Physical issuer at issuer a�er JS from 3rd Malware POSTURES capture issuance issuance party Solu�on 1: LS Capture Capture Secure Capture Capture
Solu�on 2: IDB/CK Capture Use Secure Capture Capture
Solu�ons 3 and 4: TTP Secure Secure Secure Capture Capture
SC/preloaded creden�al Capture Secure Secure Secure Secure
SC/on-card key pair gen Capture Secure Secure Secure Secure
SC/TTP firmware Secure Secure Secure Secure Secure
TP HW on device Secure Secure Secure Secure Secure
TEE Secure Secure Secure Secure Capture
Storage in browser is secure if: (i) trusted issuer; (ii) no malware on subject’s device; and (iii) no physical capture of subject’s device
May 19, 2017 22 A�ack by A�ack by Malicious SECURITY Physical issuer at issuer a�er JS from 3rd Malware POSTURES capture issuance issuance party Solu�on 1: LS Capture Capture Secure Capture Capture
Solu�on 2: IDB/CK Capture Use Secure Capture Capture
Solu�ons 3 and 4: TTP Secure Secure Secure Capture Capture
SC/preloaded creden�al Capture Secure Secure Secure Secure
SC/on-card key pair gen Capture Secure Secure Secure Secure
SC/TTP firmware Secure Secure Secure Secure Secure
TP HW on device Secure Secure Secure Secure Secure
TEE Secure Secure Secure Secure Capture
Storage in browser not secure against malware or physical capture
May 19, 2017 23 A�ack by A�ack by Malicious SECURITY Physical issuer at issuer a�er JS from 3rd Malware POSTURES capture issuance issuance party Solu�on 1: LS Capture Capture Secure Capture Capture
Solu�on 2: IDB/CK Capture Use Secure Capture Capture
Solu�ons 3 and 4: TTP Secure Secure Secure Capture Capture
SC/preloaded creden�al Capture Secure Secure Secure Secure
SC/on-card key pair gen Capture Secure Secure Secure Secure
SC/TTP firmware Secure Secure Secure Secure Secure
TP HW on device Secure Secure Secure Secure Secure
TEE Secure Secure Secure Secure Capture
Storage-in-browser solu�ons have different security postures w.r.t. a�ack by issuer a�er issuance, e.g. a�ack by an issuer insider a�er issuance
May 19, 2017 24 A�ack by A�ack by Malicious SECURITY Physical issuer at issuer a�er JS from 3rd Malware POSTURES capture issuance issuance party Solu�on 1: LS Capture Capture Secure Capture Capture
Solu�on 2: IDB/CK Capture Use Secure Capture Capture
Solu�ons 3 and 4: TTP Secure Secure Secure Capture Capture
SC/preloaded creden�al Capture Secure Secure Secure Secure
SC/on-card key pair gen Capture Secure Secure Secure Secure
SC/TTP firmware Secure Secure Secure Secure Secure
TP HW on device Secure Secure Secure Secure Secure
TEE Secure Secure Secure Secure Capture localStorage controlled by trusted third party is more secure than smartcard assuming no malware or physical capture, even with on-card key pair genera�on, if the card is provided by the issuer. Must use TTP firmware on SC to match LS controlled by TTP
May 19, 2017 25 A�ack by A�ack by Malicious SECURITY Physical issuer at issuer a�er JS from 3rd Malware POSTURES capture issuance issuance party Solu�on 1: LS Capture Capture Secure Capture Capture
Solu�on 2: IDB/CK Capture Use Secure Capture Capture
Solu�ons 3 and 4: TTP Secure Secure Secure Capture Capture
SC/preloaded creden�al Capture Secure Secure Secure Secure
SC/on-card key pair gen Capture Secure Secure Secure Secure
SC/TTP manufacturer Secure Secure Secure Secure Secure
TP HW on device Secure Secure Secure Secure Secure
TEE Secure Secure Secure Secure Capture
Tamper-proof hardware on device (TPM, Secure Element) or TEE are good solu�ons; but web applica�ons cannot use them today
May 19, 2017 26 Poten�al applica�ons
• Remote iden�ty proofing, recurring authen�ca�on and privilege escala�on using a cryptographic creden�al such as: – Tradi�onal public key cer�ficate and associated private key – Anonymous creden�al (e.g. Idemix) – Rich creden�al • End-to-end encryp�on for web mail • Cryptographically secured online payments
May 19, 2017 27 Thank you for your a�en�on!
For more informa�on: pomcor.com pomcor.com/blog/
Francisco Corella [email protected] Karen Lewison [email protected]
Any ques�ons?
May 19, 2017 28