Don't Loose Sleep - Secure Your Rest - php[tek] 2017
0 likes336 views
The document discusses the evolution of API security and the implementation of JavaScript Object Signing and Encryption (JOSE) to enhance authentication and data integrity. It highlights the improvements brought by JOSE, such as decoupling authentication and validation, reducing code complexity, and enabling better unit testing. Challenges with legacy implementations and the necessity for algorithm support in various programming languages are also addressed.
![@adam_englander
JWT Creation Example
$jwt = (new JWTCreator(new Signer(['RS512'])))->sign(
[
'iat' => time(),
'exp' => time() + 5,
'jti' => 'abc123',
],
['alg' => 'RS512'],
JWKFactory::createFromKeyFile(
'./private.key'
)
);](https://image.slidesharecdn.com/dontloosesleep-secureyourrest-170524214928/85/Don-t-Loose-Sleep-Secure-Your-Rest-php-tek-2017-45-320.jpg)
![@adam_englander
JWT Validation Example
$checkerManager = new CheckerManager();
$checkerManager->addClaimChecker(new IssuedAtChecker());
$jwtLoader = new JWTLoader(
$checkerManager,
new Verifier(['RS512'])
);
$keySet = new JWKSet();
$keySet->addKey(JWKFactory::createFromKeyFile(
'./public.key'
));
$jws = $jwtLoader->load($jwt, $keySet);
$jwtLoader->verify($jws, $keySet);](https://image.slidesharecdn.com/dontloosesleep-secureyourrest-170524214928/85/Don-t-Loose-Sleep-Secure-Your-Rest-php-tek-2017-46-320.jpg)
![@adam_englander
JWE Encryption Example
$encrypted = JWEFactory::createJWEToCompactJSON(
"Hello World!",
JWKFactory::createFromKeyFile(
'./public.key'
),
[
'enc' => 'A256CBC-HS512',
'alg' => 'RSA-OAEP-256',
'zip' => 'DEF',
]
);](https://image.slidesharecdn.com/dontloosesleep-secureyourrest-170524214928/85/Don-t-Loose-Sleep-Secure-Your-Rest-php-tek-2017-49-320.jpg)
![@adam_englander
JWE Decryption Example
$decrypted = (new Loader)->loadAndDecryptUsingKey(
$encrypted,
JWKFactory::createFromKeyFile(
'./private.key'
),
['RSA-OAEP-256'], // Acceptable algs
['A256CBC-HS512'] // Acceptable encs
);](https://image.slidesharecdn.com/dontloosesleep-secureyourrest-170524214928/85/Don-t-Loose-Sleep-Secure-Your-Rest-php-tek-2017-50-320.jpg)
Don't Loose Sleep - Secure Your Rest - php[tek] 2017
- 1. @adam_englander Don’t Lose Sleep Secure Your REST Adam Englander, iovation
- 2. @adam_englander A Little Background About Me And APIs
- 3. @adam_englander This is what I looked like when I started working on APIs It was so long ago that SOAP was the new hotness.
- 4. @adam_englander Over The Years • 2001 — Global Authentication Service API • 2008 — Loan Application Ping Tree • 2010 — Loan Management System API • 2012 — Advertising Network API • 2013 — Real Time Loan Risk Assessment API • 2015 — Decentralized Multi-Factor Authorization API
- 5. @adam_englander Some Were More Secure Than Others
- 6. @adam_englander Auth and Crypto Was Messy • Auth as part of the message added complexity • Auth outside of the message lost context • Every implementation was specialized • Crypto was non-standard and static • Non-experts had to write a lot of code
- 7. @adam_englander My current product, LaunchKey, suffered as well.
- 8. @adam_englander We Identified Gaps • Authentication was part of the request • Signature was incomplete on request and absent on response • Key rotation was difficult if not impossible • Algorithms were pinned to lowest common denominator • To much crypto knowledge required without SDK
- 9. @adam_englander JOSE To The Rescue! Javascript Object Signing and Encryption (JOSE)
- 10. @adam_englander Why JOSE? • Authentication, authorization, encryption, and data integrity validation are not tied to the protocol • OAuth, OpenID, and FIDO adopting the standard gave it credibility, stability, and longevity as an IETF working group
- 11. @adam_englander What Changed? • JWT with custom claims used to validate entire request and critical portions of the response • JWE to encrypt request and response • JWA for future proofing cryptography • JWK for credential rotation • Removed password entirely
- 12. @adam_englander How Did We Do It?
- 13. @adam_englander A Whole Lot of JOSE • JSON Web Token (JWT) • JSON Web Signature (JWS) • JSON Web Encryption (JWE) • JSON Web Algorithm (JWA) • JSON Web Key (KWK)
- 14. @adam_englander JSON Web Signature (JWS) JWS is comprised of three segments: 1. Header provides key information, signature algorithm, and optionally content metadata 2. Payload is the data to be signed 3. Signature of the header and payload
- 15. @adam_englander JSON Web Token (JWT) • JWT is actually a JSON Web Signature (JWS) package with standardized payload in the form of Claims. • Provides for credentials, nonce, timestamp, and duration • Private claims can be added for extensibility
- 16. @adam_englander JSON Web Encryption (JWE) JSON Web Encryption contains five segments: 1. Header provides key management mode, key information, key encryption algorithm, content encryption algorithm, and optionally content metadata 2. Content Encryption Key (CEK) may contain generated symmetric keys used for encryption and HMAC that are encrypted using asymmetric key encryption
- 17. @adam_englander JSON Web Encryption (JWE) 3. Initialization Vector for encrypting the payload 4. Encrypted payload 5. Authentication tag is an HMAC of the header, IV, and encrypted payload
- 18. @adam_englander JSON Web Algorithm • Standardized format for expressing encryption and signature algorithms. • Used by JWE/JWS with “enc” and “alg” keys in the header.
- 19. @adam_englander JSON Web Key • Standardized format for expressing keys used for JWE and JWS. • Provides for key identification. • Used by JWE/JWS with number of keys in the header which are determined by the key type.
- 20. @adam_englander The Good — Decoupling • Authentication, authorization, validation, encryption and decryption was moved to middleware • Controllers handled only HTTP/JSON which greatly reduced code complexity • Better unit testing across the board • Reduced development times for new functionality
- 21. @adam_englander The Good — OSS Libraries • We can test our API without requiring our own client SDK • Client SDKs are less complex • OSS contributions are actually possible • Documentation complexity was reduced
- 22. @adam_englander The Good — Uniformity Across APIs • All APIs will be migrated to JOSE • Different key implementations are possible • Shared knowledge across vastly different teams • Federated authentication is attainable
- 23. @adam_englander The Good — Hierarchical Auth • JWT inclusion of issuer, subject, and audience allows for a parent to provide credentials for action on a sibling with proper context. • JWK allows for easy identification of credentials used
- 24. @adam_englander The Bad • Some languages have minimal support for algorithms and strengths • Some languages have no support for JWE. We had to write our own minimal Objective-C implementation • Some good documentation but a good working knowledge requires reading RFCs
- 25. @adam_englander How We Use JOSE JOSE Solved Every Problem We Had
- 26. @adam_englander Request Example Representation POST /service/v3/auths HTTP/1.1 Content-Type: application/jose Content-Length: 112 Authorization: IOV-JWT eyJhb.VuYyI6IkEy.OKOaw eyJhbGciO.Ppd6dIAkG.71lYoW6jA.t-4rRH6GsoXt0.1DGC4k
- 27. @adam_englander JWT Header Example { "kid": "09:f7:e0:2f:12:90:be:21:1d:a7:07:a2:66:f1:53:b3", "alg": "RS256", "typ": "JWT", "cty": "JWT" }
- 28. @adam_englander Key Rotation • Key ID id provided in request and response • Current and specific public keys are available via endpoint • https://api.launchkey.com/public/v3/public-key/ 09:f7:e0:2f:12:90:be:21:1d:a7:07:a2:66:f1:53:b3 • https://api.launchkey.com/public/v3/public-key
- 29. @adam_englander Key Rotation { "kid": "09:f7:e0:2f:12:90:be:21:1d:a7:07:a2:66:f1:53:b3", "alg": "RS256", "typ": "JWT", "cty": "JWT" } /v3/public-key/09:f7:e0:2f:12:90:be:21:1d:a7:07:a2:66:f1:53:b3
- 30. @adam_englander Request Authorization • Single use JSON Web Token (JWT) in Authorization header as Authorization scheme IOV-JWT • RSA key signature • Hierarchical ACL: Org -> Dir -> Service • Token ID as nonce • Private claims: request
- 31. @adam_englander Private Request Claims • Method • Path • Body hash • Body hash algorithm • Query parameters
- 32. @adam_englander JWT Request Claims Example { "iss": "dir:fd57bffe-7391-47c4-94d0-a0ad4b6bc979", "sub": "svc:d2083969-b5aa-4753-909d-472ce2517fd1", "aud": "lka", "iat": 1234567890, "nbf": 1234567890, "exp": 1234567895, "jti": "bec95e07-cee2-4c77-b080-56a8b24b2e54", "request": { "meth": "POST", "path": "/service/v3/auths", "func": "S256", "hash": "66a045b452102c59d840ec097d59d9467e13a3f34f6494e539ffd32c1bb35f18" } }
- 33. @adam_englander Hierarchical Credentials … "iss": "dir:fd57bffe-7391-47c4-94d0-a0ad4b6bc979", "sub": "svc:d2083969-b5aa-4753-909d-472ce2517fd1", "aud": "lka", …
- 34. @adam_englander Timestamp and Duration … "iat": 1487244120, "nbf": 1487244120, "exp": 1487244125, … JWT hash stored until expiration to prevent replay attacks.
- 36. @adam_englander Request Validation POST /service/v3/auths HTTP/1.1 … "request": { "meth": "POST", "path": "/service/v3/auths", "func": "S256", "hash": "66a045b452102c59d840e…" } …
- 37. @adam_englander Response Authorization • Single use JSON Web Token (JWT) in custom header X-IOV-JWT • RSA key signature • Hierarchical credentials • Token ID nonce is echoed • Private claims: response
- 38. @adam_englander Private Response Claims • Status Code • Cache-Control Header • Location Header • Body hash • Body hash algorithm
- 39. @adam_englander Response Example Representation HTTP/1.1 201 Created Content-Type: application/jose Content-Length: 112 Cache-Control: no-cache Location: /directory/v3/users/518f5d3e-7cdf-4ef1-… X-IOV-JWT: eyJhb.VuYyI6IkEy.OKOaw eyJhbGciO.Ppd6dIAkG.71lYoW6jA.t-4rRH6GsoXt0.1DGC4k
- 40. @adam_englander JWT Response Claims Example { "iss": "lka", "sub": "svc:d2083969-b5aa-4753-909d-472ce2517fd1", "aud": "dir:fd57bffe-7391-47c4-94d0-a0ad4b6bc979", "iat": 1234567891, "nbf": 1234567891, "exp": 1234567896, "jti": "bec95e07-cee2-4c77-b080-56a8b24b2e54", "response": { "status": 201, "cache": "no-cache", "location": "/directory/v3/users/518f5d3e-7cdf-4ef1-…", "func": "S256", "hash": "66a045b452102c59d840ec097d59d9467e13a3f34f6494e539ffd32c1bb35f18" } }
- 41. @adam_englander Hierarchical Credentials … "iss": "lka", "sub": "svc:d2083969-b5aa-4753-909d-472ce2517fd1", "aud": "dir:fd57bffe-7391-47c4-94d0-a0ad4b6bc979", …
- 42. @adam_englander Timestamp and Duration … "iat": 1487244121, "nbf": 1487244121, "exp": 1487244126, …
- 43. @adam_englander Nonce … "jti": "bec95e07-cee2-4c77-b080-56a8b24b2e54", … Nonce is echoed in JTI to allow for detection of Man In The Middle attacks
- 44. @adam_englander Response Validation HTTP/1.1 201 Created Cache-Control: no-cache Location: /directory/v3/users/518f5d3e-7c… … "response": { "status": 201, "cache": "no-cache", "location": "/directory/v3/users/518f5d3e-7c…", "func": "S256", "hash": “66a045b452102c59d840ec097d59d9467e13…” } …
- 45. @adam_englander JWT Creation Example $jwt = (new JWTCreator(new Signer(['RS512'])))->sign( [ 'iat' => time(), 'exp' => time() + 5, 'jti' => 'abc123', ], ['alg' => 'RS512'], JWKFactory::createFromKeyFile( './private.key' ) );
- 46. @adam_englander JWT Validation Example $checkerManager = new CheckerManager(); $checkerManager->addClaimChecker(new IssuedAtChecker()); $jwtLoader = new JWTLoader( $checkerManager, new Verifier(['RS512']) ); $keySet = new JWKSet(); $keySet->addKey(JWKFactory::createFromKeyFile( './public.key' )); $jws = $jwtLoader->load($jwt, $keySet); $jwtLoader->verify($jws, $keySet);
- 47. @adam_englander Encrypted Data with JWE • JWK provides for key rotation • Combination of RSA and AES encryption is always used • Algorithms and modes are always the same • Key size is variable in allowed range • Response uses same AES key size as request
- 48. @adam_englander JWE Header Example { "kid": "09:f7:e0:2f:12:90:be:21:1d:a7:07:a2:66:f1:53:b3", "alg": “RSA-OAEP-256", "enc": "A256CBC-HS512", "cty": “application/json" }
- 49. @adam_englander JWE Encryption Example $encrypted = JWEFactory::createJWEToCompactJSON( "Hello World!", JWKFactory::createFromKeyFile( './public.key' ), [ 'enc' => 'A256CBC-HS512', 'alg' => 'RSA-OAEP-256', 'zip' => 'DEF', ] );
- 50. @adam_englander JWE Decryption Example $decrypted = (new Loader)->loadAndDecryptUsingKey( $encrypted, JWKFactory::createFromKeyFile( './private.key' ), ['RSA-OAEP-256'], // Acceptable algs ['A256CBC-HS512'] // Acceptable encs );
- 51. @adam_englander Conclusion • JOSE has made our secure API more secure • JOSE has made our API easier to use • JOSE has made our code less complex • JOSE has homogenized auth and crypto across multiple platforms regardless of language
- 52. @adam_englander Resources • https://github.com/Spomky-Labs/jose • https://tools.ietf.org/wg/jose/ • https://jwt.io/
- 54. @adam_englander Please Rate This Talk https://joind.in/talk/4fea6
- 55. @adam_englander If You Want To Follow Up • @adam_englander • adam.englander@iovation.com • https://www.iovation.com/blog/author/aenglander