end end to end file encr encryp yption i in n the the web
play

End End-to-end File Encr Encryp yption i in n the the Web Br - PowerPoint PPT Presentation

May 01, 2023 •256 likes •770 views

End End-to-end File Encr Encryp yption i in n the the Web Br eb Browser er A Ca Case e Study dy Thomas Konrad, SBA Research Vue.js Meetup Vienna, Feb 11, 2020 SBA Research gGmbH, 2020 Classification: Public 1 ~ $ whoami Thomas

  1. End End-to-end File Encr Encryp yption i in n the the Web Br eb Browser er – A Ca Case e Study dy Thomas Konrad, SBA Research Vue.js Meetup Vienna, Feb 11, 2020 SBA Research gGmbH, 2020 Classification: Public 1

  2. ~ $ whoami Thomas Konrad ~ $ id uid=123 gid=1(Vienna, Austria) gid=2(SBA Research) gid=3(Software Security) gid=4(Penetration Testing) gid=5(Secure Development Lifecycle) gid=6(Security Training) gid=7(sec4dev Conference & Bootcamp) SBA Research gGmbH, 2020 Classification: Public 2

  3. Wha What t we’d e’d like t e to o do SBA Research gGmbH, 2020 Classification: Public 3

  4. Wh Why y al all th the e Fuzz? zz? Beecozz Sucurity! • No, seriously • To lower the attack o surface significantly! File read access on the o server gets worthless to attackers Maybe better o deployment options SBA Research gGmbH, 2020 Classification: Public 4

  5. I a I admi mit: I d : I didn’t i n’t inven nvent t th this. s. Firefox Send • End-to-end encrypted file sharing • Basic concepts in this talk are • taken from there https://send.firefox.com • https://github.com/mozilla/send • Good stuff! • SBA Research gGmbH, 2020 Classification: Public 5

  6. Req equiremen rements ts Ensure confidentiality, integrity, and authenticity Encrypt the file in the browser Support big files (> 10 GB) Support old browsers as well as possible Securely distribute keys SBA Research gGmbH, 2020 Classification: Public 6

  7. Ensure nsure Conf nfiden enti tial ality ty, Int Integri egrity ty, an and Authenti uthentici city ty First things first: Randomness . 1110 1101 0001 1101 0000 0000 0000 0000 “There is no such thing as a random number – there are only methods to produce random numbers.” – John von Neumann (1961) SBA Research gGmbH, 2020 Classification: Public 7

  8. Gener Generate e Secu ecure re Rand ndom B om Byt ytes es in th the e Browser ser https://gist.github.com/thomaskonrad/cfe4c9f6fd26f4382df1f8de3a2b97e8 GitHub Gist - Random Number Generator in TypeScript: public static generateRandomBytes ( length: number ): Uint8Array { return crypto.getRandomValues( new Uint8Array (length) ); } SBA Research gGmbH, 2020 Classification: Public 8

  9. Ensure nsure Conf nfiden enti tial ality ty, Int Integri egrity ty, an and Authenti uthentici city ty Let’s take as an example AES in CBC mode. What do you think we can guarantee with it? Confidentiality Integrity Authenticity SBA Research gGmbH, 2020 Classification: Public 9

  10. CBC (an (and other thers) s) Do N o Not Gu ot Guar aran antee ee Int Integri egrity ty • The ciphertext can be manipulated, and decryption will not fail. • Solution Authenticated Encryption with Associated Data o (AEAD) Examples: AES-GCM, ChaCha20-Poly1305 o SBA Research gGmbH, 2020 Classification: Public 10

  11. Req equiremen rements ts Ensure confidentiality, integrity, and authenticity Encrypt the file in the browser Support big files (> 10 GB) Support old browsers as well as possible Securely distribute keys SBA Research gGmbH, 2020 Classification: Public 11

  12. Symme ymmetric tric AEAD AEAD Enc Encryp yption tion in in the the Brow owse ser r 1/2 https://gist.github.com/thomaskonrad/c8ed4d73bb200ecc9ecdf5b85e2eb7f0 GitHub Gist - Authenticated Secret Key Cryptography (AEAD) in TypeScript: export default class AEAD { public static readonly KEY_LENGTH_IN_BYTES = 16; public static readonly IV_LENGTH_IN_BYTES = 16; public static readonly TAG_LENGTH_IN_BYTES = 16; private static readonly ALGORITHM = 'AES-GCM'; private readonly secretKey: CryptoKey; private readonly tagLengthInBytes: number; public constructor(secretKey: CryptoKey, tagLengthInBytes = AEAD. TAG_LENGTH_IN_BYTES ) { this.secretKey = secretKey; this.tagLengthInBytes = tagLengthInBytes; } public static async getCryptoKeyFromRawKey (rawKey: Uint8Array): Promise<CryptoKey> { return await crypto .subtle.importKey( 'raw', rawKey, { name: this. ALGORITHM , }, true, ['encrypt', 'decrypt'], ); } SBA Research gGmbH, 2020 Classification: Public 12

  13. Symme ymmetric tric AEAD AEAD Enc Encryp yption tion in in the the Brow owse ser r 2/2 https://gist.github.com/thomaskonrad/c8ed4d73bb200ecc9ecdf5b85e2eb7f0 GitHub Gist - Authenticated Secret Key Cryptography (AEAD) in TypeScript: public async encrypt(iv: Uint8Array, data: Uint8Array): Promise<ArrayBuffer> { return await crypto .subtle.encrypt({ name: AuthenticatedSecretKeyCryptography. ALGORITHM , iv, tagLength: this.tagLengthInBytes * 8, }, this.secretKey, data, ); } public async decrypt(iv: Uint8Array, data: Uint8Array): Promise<ArrayBuffer> { return await crypto .subtle.decrypt({ name: AuthenticatedSecretKeyCryptography. ALGORITHM , iv, tagLength: this.tagLengthInBytes * 8, }, this.secretKey, data, ); } } SBA Research gGmbH, 2020 Classification: Public 13

  14. Req equiremen rements ts Ensure confidentiality, integrity, and authenticity Encrypt the file in the browser Support big files (> 10 GB) Support old browsers as well as possible Securely distribute keys SBA Research gGmbH, 2020 Classification: Public 14

  15. Upload ad: C : Chu hunk a nk and nd Encr Encryp ypt SBA Research gGmbH, 2020 Classification: Public 15

  16. Upload load: : Splitting litting a a Fil File using using the the Fil FileRead ader r API API https://gist.github.com/thomaskonrad/8ced18322ebfcba47d7e8765176eeefb GitHub Gist - Split files into chunks of a given size using the FileReader API: <template> <input type="file" @change="files = $event .target.files"/> </template> // ... const readChunk = () => { const r = new FileReader (); const blob = file.slice(offset, chunkSize + offset); r.onload = readEventHandler; r.readAsArrayBuffer(blob); }; SBA Research gGmbH, 2020 Classification: Public 16

  17. Upload load: : Splitting litting a a Fil File using using the the Fil FileRead ader r API API https://gist.github.com/thomaskonrad/8ced18322ebfcba47d7e8765176eeefb GitHub Gist - Split files into chunks of a given size using the FileReader API: const readEventHandler = async (evt: any) => { if (evt.target.error == null) { const sequenceNumber = (offset / chunkSize); offset += evt.target.result.byteLength; let data = new Uint8Array (evt.target.result); data = await encrypt(data, sequenceNumber); await upload(data, sequenceNumber); } // Error handling, termination, read next chunk. }; SBA Research gGmbH, 2020 Classification: Public 17

  18. Upload load: : Cre Creating ating the the Enc Encryp yption tion Transf ansforme ormer const encrypt = async (chunk: Uint8Array, chunkIndex: number) => { return await this.keyChain.encrypt( chunk, file.nonce, // A random, 12-byte nonce! 'fileContents’, chunkIndex // This will be part of the nonce. ); }; SBA Research gGmbH, 2020 Classification: Public 18

  19. Fi FileR eRead eader er API: I: Brow owser ser Sup uppor ort SBA Research gGmbH, 2020 Classification: Public 19

  20. Dow ownl nloa oad: D : Dow ownl nload ad a as s Blob? async blobDownload(file: File) { const response = await this.$http.get( `/api/v1/files/${file.id}`, { responseType: 'blob' }, ); const cleartext = await this.keyChain.getDecryptedResponseData( response.data, file.nonce, file.totalClearTextSizeInBytes, ); await saveFile(cleartext, file.name, file.mimeType); } SBA Research gGmbH, 2020 Classification: Public 20

  21. Dow ownl nloa oad: : Crea reati ting ng a a ”S ”Save ave as” D s” Dialog https://gist.github.com/thomaskonrad/37772256a86d9f5b0472b3c2440cffee GitHub Gist: Downloading an Array Buffer via a "Save as" Dialog in the Browser: export default async function saveFile(plaintext: ArrayBuffer, fileName: string, fileType: string) { return new Promise ((resolve, reject) => { const dataView = new DataView (plaintext); const blob = new Blob ([dataView], { type: fileType }); const downloadUrl = URL .createObjectURL(blob); const a = document .createElement('a'); a.href = downloadUrl; a.download = fileName; document .body.appendChild(a); a.click(); URL .revokeObjectURL(downloadUrl); setTimeout(resolve, 100); }); } SBA Research gGmbH, 2020 Classification: Public 21

  22. Dow ownl nloa oad: : Dow ownsi nsides es of th f this s Approa oach • A 10 GB file will use 20 GB+ of memory • Using this approach, we cannot stream the data • Enter Service Workers ! SBA Research gGmbH, 2020 Classification: Public 22

  23. Ser ervi vice ce Worker ers: s: A Quick P k Pri rimer mer • A piece of JavaScript code that runs in the background of your website • It acts as a proxy server between your site and the server • It runs in a worker context and has no DOM access SBA Research gGmbH, 2020 Classification: Public 23

  24. Ser ervi vice ce Worker ers: s: A Quick P k Pri rimer mer • Service Worker use cases Intercepting and modifying requests o Caching resources o Convert images o Can make your app work even if no network is o available (Progressive Web Apps, PWA) SBA Research gGmbH, 2020 Classification: Public 24

  25. Ser ervi vice ce Worker ers: s: A Quick P k Pri rimer mer SBA Research gGmbH, 2020 Classification: Public 25

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Using Fully y Homomorphic Encryp yption for St Statistical Analysi sis s of Categori rical,

Using Fully y Homomorphic Encryp yption for St Statistical Analysi sis s of Categori rical,

Using Fully y Homomorphic Encryp yption for St Statistical Analysi sis s of Categori rical, , Or Ordinal and and Num Numeric ical al Data Wen-jie Lu 1 , Shohei Kawasaki 1 , Jun Sakuma 1,2,3 1. University of Tsukuba, Japan 2. JST

540 views • 30 slides
Cr Cryp yptography: His History an and Sim imple le Enc Encryp yption Me Methods an and

Cr Cryp yptography: His History an and Sim imple le Enc Encryp yption Me Methods an and

Cr Cryp yptography: His History an and Sim imple le Enc Encryp yption Me Methods an and Pr Preliminaries 1 Cryp Cr yptography The word cryptography comes from the Greek words (hidden or secret) and

670 views • 37 slides
Blockchains Focus is on abstraction they provide (Take CS 485/585 for how they work)

Blockchains Focus is on abstraction they provide (Take CS 485/585 for how they work)

Cryptographic Primitives Used in Blockchains Focus is on abstraction they provide (Take CS 485/585 for how they work) Public-key, Private-key cryptography Bu But t first st, , sy symm mmetric etric en encr crypt yption ion

545 views • 38 slides
Lecture 3 Encryption Suggested Readings: Chs 3 &amp; 4 in KPS (recommended) Ch 3 in

Lecture 3 Encryption Suggested Readings: Chs 3 &amp; 4 in KPS (recommended) Ch 3 in

Lecture 3 Encryption Suggested Readings: Chs 3 &amp; 4 in KPS (recommended) Ch 3 in Stinson (optional) 1 Encryp Enc yption n Princ ncipl ples A cryptosystem has (at least) five ingredients: Plaintext Secret Key

945 views • 70 slides
Exploi'ng Leakage in Searchable Encryp'on and Machine

Exploi'ng Leakage in Searchable Encryp'on and Machine

Exploi'ng Leakage in Searchable Encryp'on and Machine Learning Tom Ristenpart Covering joint work with : David Cash, Paul Grubbs, Jason Perry

875 views • 56 slides
Symmetric Key Encryp.on 9/9/2009 598MAN Applied Cryptography 1 Outline Recall:

Symmetric Key Encryp.on 9/9/2009 598MAN Applied Cryptography 1 Outline Recall:

Symmetric Key Encryp.on 9/9/2009 598MAN Applied Cryptography 1 Outline Recall: defini.ons of encryp.on Perfect secrecy CPA security CCA security Today Prac.cal construc.ons 9/9/2009 598MAN Applied Cryptography

490 views • 28 slides
New Encryp+on Primi+ves for Uncertain Times Thomas Ristenpart

New Encryp+on Primi+ves for Uncertain Times Thomas Ristenpart

New Encryp+on Primi+ves for Uncertain Times Thomas Ristenpart University of Wisconsin Covering joint work with: Sco@ Coull, Kevin Dyer, Ari Juels,

751 views • 54 slides
Modifying an Enciphering Scheme a3er Deployment Paul Grubbs, Thomas Ristenpart, Yuval Yarom

Modifying an Enciphering Scheme a3er Deployment Paul Grubbs, Thomas Ristenpart, Yuval Yarom

Modifying an Enciphering Scheme a3er Deployment Paul Grubbs, Thomas Ristenpart, Yuval Yarom Format-Preserving Encryp&lt;on (FPE) Encryp&lt;on service Client E(CCN) CCN E(CCN) E(CCN) E(CCN) Format-Preserving Encryp&lt;on (FPE)

246 views • 24 slides
ENCR - the European Network of Cancer Registries Collecting, monitoring and improving cancer data

ENCR - the European Network of Cancer Registries Collecting, monitoring and improving cancer data

ENCR - the European Network of Cancer Registries Collecting, monitoring and improving cancer data Otto Visser EMA, 29-11-2019 Classified as internal/staff &amp; contractors by the European Medicines Agency The Network and its structure

406 views • 18 slides
Week 10: File Management What is a file? Elements of file management File

Week 10: File Management What is a file? Elements of file management File

CPSC 410 / 611 : Operating Systems Week 10: File Management What is a file? Elements of file management File organization Directories File allocation UNIX file system Reading: Silberschatz, Chapter 10, 11

498 views • 13 slides
Enc Encryp ypted Sear ed Search h Seny Kamara Brown University 2 3 4 Q: Why is this

Enc Encryp ypted Sear ed Search h Seny Kamara Brown University 2 3 4 Q: Why is this

Enc Encryp ypted Sear ed Search h Seny Kamara Brown University 2 3 4 Q: Why is this happening? 5 Big Data Industry and Governments want more data NaDonal security Machine learning Business analyDcs NLP

431 views • 30 slides
What if... There is no file with the name given to the File constructor: new File

What if... There is no file with the name given to the File constructor: new File

What if... There is no file with the name given to the File constructor: new File (IDontExist.txt); Throws FileNotFoundException 1 Handling Exceptions Call that throws the exception try { File f = new File (file.txt);

804 views • 8 slides
File Management What is a file? Elements of file management File organization

File Management What is a file? Elements of file management File organization

CPSC 410 / 611 : Operating Systems File Management File Management What is a file? Elements of file management File organization Directories File allocation What is a File? A file is a collection of data elements, grouped

817 views • 38 slides
CPSC 410/611: File Management What is a file? Elements of file management File

CPSC 410/611: File Management What is a file? Elements of file management File

CPSC 410 / 611 : Operating Systems CPSC 410/611: File Management What is a file? Elements of file management File organization Directories File allocation UNIX file system Reading: Silberschatz, Chapter 10, 11

186 views • 14 slides
File Systems: Semantics &amp; Structure What is a File a file is a named collection of

File Systems: Semantics &amp; Structure What is a File a file is a named collection of

5/15/2017 File Systems: Semantics &amp; Structure What is a File a file is a named collection of information 11A. File Semantics primary roles of file system: 11B. Namespace Semantics to store and retrieve data 11C. File

352 views • 16 slides
File Systems: Semantics &amp; Structure What is a File a file is a named collection of

File Systems: Semantics &amp; Structure What is a File a file is a named collection of

5/16/2018 File Systems: Semantics &amp; Structure What is a File a file is a named collection of information 11A. File Semantics primary roles of file system: 11B. Namespace Semantics to store and retrieve data 11C. File

373 views • 13 slides
Web Security 1 last time: command injection placing user input in more complicated language SQL

Web Security 1 last time: command injection placing user input in more complicated language SQL

Web Security 1 last time: command injection placing user input in more complicated language SQL shell commands input accidentally treated as commands in language instead of single value (e.g. argument/string constant) defenses: better APIs:

630 views • 50 slides
Announcements Class cancelled on Wednesday Web Security CS642:

Announcements Class cancelled on Wednesday Web Security CS642:

Announcements Class cancelled on Wednesday Web Security CS642: Computer Security Professor Ristenpart h=p://www.cs.wisc.edu/~rist/ rist at cs dot wisc dot

516 views • 36 slides
IT350: Web &amp; Internet Programming JavaScript Dynamic HTML CGI / PHP Set 12: CGI

IT350: Web &amp; Internet Programming JavaScript Dynamic HTML CGI / PHP Set 12: CGI

Things well learn and do HTML5 basics, tables, forms Cascading Style Sheets IT350: Web &amp; Internet Programming JavaScript Dynamic HTML CGI / PHP Set 12: CGI and PHP 1 Outline The Three-Tier Architecture

362 views • 18 slides
Uses and Abuses of Server-Side Requests Giancarlo Pellegrino 1 , Onur Catakoglu 2 , Davide

Uses and Abuses of Server-Side Requests Giancarlo Pellegrino 1 , Onur Catakoglu 2 , Davide

Uses and Abuses of Server-Side Requests Giancarlo Pellegrino 1 , Onur Catakoglu 2 , Davide Balzarotti 2 , and Christian Rossow 1 giancarlo.pellegrino@cispa.saarland 19th International Symposium on Research in Attacks, Intrusions and Defenses

564 views • 38 slides
Analyzing Facebook Privacy Settings: User Expectations vs. Reality Yabing Liu Krishna Gummadi

Analyzing Facebook Privacy Settings: User Expectations vs. Reality Yabing Liu Krishna Gummadi

Analyzing Facebook Privacy Settings: User Expectations vs. Reality Yabing Liu Krishna Gummadi Balachander Krishnamurthy Alan Mislove Northeastern University MPI-SWS AT&amp;T LabsResearch November 2, 2011, IMC11

501 views • 24 slides
Pivot: Finding Funding &amp; Collaborating Opportunities for International Postdocs Min-Lin

Pivot: Finding Funding &amp; Collaborating Opportunities for International Postdocs Min-Lin

Pivot: Finding Funding &amp; Collaborating Opportunities for International Postdocs Min-Lin Fang, MLS Research and Education Librarian Min-lin.fang@ucsf.edu Learning Objectives By the end of the training, participants will be able to:

588 views • 30 slides
Contracts 7 January 2019 OSU CSE 1 Contract Details Contracts in the APIs for OSU CSE

Contracts 7 January 2019 OSU CSE 1 Contract Details Contracts in the APIs for OSU CSE

Contracts 7 January 2019 OSU CSE 1 Contract Details Contracts in the APIs for OSU CSE components include these important features: Parameter modes Two stipulations: Parameter names in requires and ensures clauses always

408 views • 25 slides
Tales Of The Kubernetes Ingress Networking: Deployment Patterns For External Load Balancers 1

Tales Of The Kubernetes Ingress Networking: Deployment Patterns For External Load Balancers 1

Tales Of The Kubernetes Ingress Networking: Deployment Patterns For External Load Balancers 1 How To Access The Slides? Slides (HTML): https://containous.github.io/slides/webinar-cncf-jan-2020 Slides (PDF):

1.02k views • 49 slides

More recommend