It’s all about the cookie – Jonas Magazinius

Från OWASP Göteborgs senaste träff, OWASP Göteborg ledaren Jonas Magazinius hoppar in i sista minuten som ersättare för en talare som fått förhinder. Jonas presenterar ett ECC baserat protokoll för lösenordsauthenticering där lösenordet aldrig landar på servern 🙂

It’s all about the cookie,

it’s all about the crumb

Most common pin code?

● Founder and CEO – Assured Security
– From web to embedded
– In collaboration with Cure53
● PhD in application security
– “Securing the mashed up web”
– Integrating 3rd-party code without leaking information
● Post-Doc Researcher
– Privacy preserving biometric authentication
– CSP vs. Browser Extension
– Decentralized Client-side SSO
● Co-leader OWASP Gothenburg chapter


Client-side password verification
● Encountered during pentests
● SRP (Secure Remote Password) protocol
– Company XXX
● User profile sent as AES encrypted blob
● File encryption made easy
● Encryption keys generated on the fly

● Password based key derivation (PBKD)
● Crypto details
– ECC curve25519
● Small keys: ejxea7dQYPI/dQaCUyD8yHleQsebKEFuR9PQdrf8­5Pjd
– Scrypt
● Memory intensive hash function
● Pros:
– Keys are generated, never stored
– Can’t be deleted (but can be forgotten)
– Very hard to brute force
● Cons:
– Forget your password – loose your keys

Could this be used for authentication?

Challenge – Response

Challenges / Goals
● Client-side password verification
– No more sending passwords around!
● Authentication service
– One password to rule them all!
● Password reset
– I’m forgetful!
● Single sign-on
– I’m lazy!

Client-side password verification
● Don’t send passwords – verify locally
– Decentralised verification
● How to store credentials?
– Don’t
● How to verify?
– Generate keys on the fly
– Sign challenge from server
– Respond with public key and signature

Decentralised authentication service
Authenticate to multiple web sites with the
same credentials
– Verified locally
● How to implement?
– Optimally as a browser extension
– Secondarily as a web page containing only the
necessary JavaScript functionality
– Servers send identification, such as URL requesting

Password reset
● If password is lost – reset but keep the keys
– The output from Hash will be different
– The input to KeyGen must stay the same
● How to make different passwords generate the
same key?
– Introduce random value η such that α = h⊕η
– Input to KeyGen is α
– New password gives hash h’, calculate η’ = h⊕η⊕h’
– Now η’⊕h’ = η⊕h = α

Single sign-on
● Only enter password once (per day/week/month)
● How to prove we knew the password?
– Create session keys
– Sign with master key
● How to ensure session keys time out?
– Add a timestamp to signature
– Abort if current time is greater than timestamp

Here, take a cookie…
Passwords gets
you cookies
But cookies gets
you sessions



Fyll i dina uppgifter nedan eller klicka på en ikon för att logga in: Logo

Du kommenterar med ditt Logga ut /  Ändra )


Du kommenterar med ditt Google+-konto. Logga ut /  Ändra )


Du kommenterar med ditt Twitter-konto. Logga ut /  Ändra )


Du kommenterar med ditt Facebook-konto. Logga ut /  Ändra )


Ansluter till %s