Dr. Michael B. Jones Identity Standards Architect at Microsoft

Slides:



Advertisements
Similar presentations
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
Advertisements

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Prabath Siriwardena | Johann Nallathamby.
Draft-popov-token-binding-00 Andrei Popov, Microsoft Corp.
1 IETF OAuth Proof-of-Possession Hannes Tschofenig.
December 19, 2006 Solving Web Single Sign-on with Standards and Open Source Solutions Trey Drake AssetWorld 2007 Albuquerque, New Mexico November 2007.
1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.
OpenID Connect Update and Discussion Mountain View Summit – September 12, 2011 Mike Jones – Microsoft John Bradley – Independent Nat Sakimura – Nomura.
The Design and Implementation of an OpenID-Enabled PKI Kevin Bauer University of Colorado Supervisor: Dhiva Muruganantham.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
SAML-based Delegation in Shibboleth Scott Cantor Internet2/The Ohio State University.
SASL-SAML update Klaas Wierenga Kitten WG 9-Nov-2010.
Secure Socket Layer (SSL)
SIP OAuth Rifaat Shekh-Yusef IETF 90, SIPCore WG, Toronto, Canada July 21,
Observations from the OAuth Feature Survey Mike Jones March 14, 2013 IETF 86.
THE DEVIL IS IN THE (IMPLEMENTATION) DETAILS: AN EMPIRICAL ANALYSIS OF OAUTH SSO SYSTEMS SAN-TSAI SUN & KONSTANTIN BEZNOSOV PRESENTED BY: NAZISH KHAN COMPSCI.
Securing Angular Apps Brian Noyes
Esri UC 2014 | Demo Theater | Using ArcGIS Online App Logins in Node.js James Tedrick.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential.
Secure Mobile Development with NetIQ Access Manager
OpenID Connect Working Group May 10, 2016 Mike Jones Identity Standards Architect – Microsoft.
Redmond Protocols Plugfest 2016 Ron Starr, Paul Bartos, Hagit Galatzer, Stephen Guty New and Modified Windows Protocol Documents.
Apr 1, 2003Mårten Trolin1 Previous lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
Web Authorization Protocol WG Hannes Tschofenig, Derek Atkins.
Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.
Identities Exposed How Design Flaws in Authentication Solutions May Compromise Your Privacy.
Identity Standards Architect, Microsoft
Access Policy - Federation March 23, 2016
NodeJS Security Using PassportJS and HelmetJS:
Managing State Chapter 13.
Federation made simple
OAuth WG Conference Call, 11th Jan. 2013
Phil Hunt, Hannes Tschofenig
Cryptography and Network Security
SAML New Features and Standardization Status
Secure Sockets Layer (SSL)
UNIT.4 IP Security.
CSCE 715: Network Systems Security
Chairs: Derek Atkins and Hannes Tschofenig
What is REST API ? A REST (Representational State Transfer) Server simply provides access to resources and the REST client accesses and presents the.
Introduction How to combine and use services in different security domains? How to take into account privacy aspects? How to enable single sign on (SSO)
COMP3220 Web Infrastructure COMP6218 Web Architecture
Addressing the Beast: Single Sign-On II
OpenID Connect Working Group
OpenID Enhanced Authentication Profile (EAP) Working Group
Originally by Yu Yang and Lilly Wang Modified by T. A. Yang
CSE 4095 Transport Layer Security TLS
OpenID Connect: News, Overview, Certification, and Action Items
OpenID Enhanced Authentication Profile (EAP) Working Group
Chapter 14: Representing Identity
OpenID Connect Working Group
What Does Logout Mean? Michael B. Jones, Identity Standards Architect, Microsoft Brock Allen, Software Security Consultant, Solliance OAuth Security Workshop,
OpenID Connect Working Group
The main cause for that are the famous phishing attacks, in which the attacker directs users to a fake web page identical to another one and steals the.
Token-based Authentication
Transport Layer Security (TLS)
Advanced Computer Networks
Electronic Payment Security Technologies
OpenID Connect Working Group
OpenID Enhanced Authentication Profile (EAP) Working Group
OpenID Connect Working Group
OpenID Enhanced Authentication Profile (EAP) Working Group
Cryptography and Network Security
D Guidance 26-Jun: Would like to see a refresh of this title slide
Cross Site Request Forgery (CSRF)
Web Authorization Protocol (OAuth)
OpenID Connect Working Group
OpenID Enhanced Authentication Profile (EAP) Working Group
Presentation transcript:

Token Binding Standards and Applications: Securing what were previously bearer tokens Dr. Michael B. Jones Identity Standards Architect at Microsoft Brian Campbell Distinguished Engineer at Ping Identity May 10, 2017

The Problem With Bearer Tokens One truth and a lie

Token Binding Solution Token Binding enables data structures to be cryptographically bound to a particular TLS channel Making them no longer bearer tokens Prevents them from being used in unintended ways Data structures that can be Token Bound include: Browser cookies, ID Tokens, access tokens, refresh tokens, authorization codes Presentation will discuss: Token Binding mechanisms Kinds of threats they mitigate Current deployment status

IETF Token Binding Specifications

Hello! Do you like my extension?

Do you support Token Binding? TLS Handshake Key Parameters: (0) rsa2048_pkcs1.5 rsa2048_pss ecdsap256 Also need extenstions: Extended Master Secret Renegotiation Indication Client Server ClientHello ... token_binding [24] token_binding_version [1,0] key_parameters_list [2,0] ServerHello ... token_binding [24] token_binding_version [1,0] key_parameters_list [2]

Token Binding over HTTPS HTTP Request Client GET /stuff HTTP/1.1 Host: example.com Sec-Token-Binding: AIkAAgBBQLgtRpWFPN66kxhxGrtaKrzcMtHw7HV8 yMk_-MdRXJXbDMYxZCWnCASRRrmHHHL5wmpP3bhYt0ChRDbsMapfh_QAQ N1He3Ftj4Wa_S_fzZVns4saLfj6aBoMSQW6rLs19IIvHze7LrGjKyCfPT KXjajebxp-TLPFZCc0JTqTY5_0MBAAAA Server Encoded Token Binding Message (1 or more) Token Bindings Type (provided / referred) Token Binding ID (key type and public key) Signature over type, key type, and EKM (TLS Exported Keying Material) Extensions Proves possession of the private key on the TLS connection Keys are long-lived and span TLS connections

Browser cookies low hanging fruit secure HttpOnly

Binding Cookies Server associates Token Binding ID with cookie & checks on subsequent use Augments existing authentication and session mechanisms Transparent to users Deployment can be phased in

What about federation? Relying Party (RP) Identity Provider (IDP) There’s an HTTP response header for that! Tells the browser that it should reveal the Token Binding ID used between itself and the RP (referred) in addition to the one used between itself and the IDP (provided). Relying Party (RP) Identity Provider (IDP) GET / HTTP/1.1 Host: idp.example.com Sec-Token-Binding: ARIAAgBBQB-XOPf5ePlf7ikATiAFEGOS503 lPmRfkyymzdWwHCxl0njjxC3D0E_OVfBNqrIQxzIfkF7tWby2Zfya E6XpwTsAQBYqhFX78vMOgDX_Fd_b2dlHyHlMmkIz8iMVBY_reM98O UaJFz5IB7PG9nZ11j58LoG5QhmQoI9NXYktKZRXxrYAAAECAEFAdU FTnfQADkn1uDbQnvJEk6oQs38L92gv-KO-qlYadLoDIKe2h53hSiK wIP98iRj_unedkNkAMyg9e2mY4Gp7WwBAeDUOwaSXNz1e6gKohwN4 SAZ5eNyx45Mh8VI4woL1BipLoqrJRoK6dxFkWgHRMuBROcLGUj5Pi OoxybQH_Tom3gAA HTTP/1.1 302 Found Location: https://idp.example.com Include-Referred-Token-Binding-ID: true Browser Token bindings for both TLS connections conveyed

Token Binding for OpenID Connect Utilizes the Include-Referred-Token-Binding-ID header Binds the ID Token to the Token Binding ID the browser uses between itself and the Relying Party Uses token binding hash “tbh” member of the confirmation claim “cnf”

“Demo” Showing a bound: ID Token SSO Session Cookie Relying Party (RP) http://httpbin.org/ Showing a bound: ID Token SSO Session Cookie Relying Party (RP) https://rp.example.io:3000 Identity Provider (IDP) https://idp.example.com Browser

Unauthenticated access request to RP is redirected for SSO

Authentication request to the IDP

ID Token delivered to RP

Authenticated access to RP © 2015 Brian Campbell

“Demo” Finished

OAuth Token Binding Access tokens with referred Token Binding ID Refresh tokens with provided Token Binding ID Authorization codes via PKCE Native app clients Web server clients

The Landscape Three IETF Token Binding specs soon to be RFCs Drafts supported in: Edge, IE, and Chrome (others?) On Google servers since January .NET Framework 4.6 (for server side) Open Source OpenSSL (https://github.com/google/token_bind) Apache (https://github.com/zmartzone/mod_token_binding) NGINX (https://github.com/google/ngx_token_binding) Java (Brian Campbell has mods he plans to submit…) OpenID Connect Token Bound Authentication spec maturing Online Token Binding demo available OAuth 2.0 Token Binding spec also maturing Brian working on spec for TLS terminating reverse proxies

Privacy Considerations Token Binding is not a supercookie or new tracking mechanism Client generates a unique key pair per effective top-level domain + 1 (eTLD+1) E.g., example.com, www.example.com, and etc.example.com share binding but not example.org or example.co.uk Same scoping rules and privacy implications as cookies

Where can I participate & learn more? Online Token Binding Demo https://www.ietf.org/mail-archive/web/unbearable/current/msg01332.html IETF Token Binding mailing list https://www.ietf.org/mailman/listinfo/unbearable IETF OAuth mailing list https://www.ietf.org/mailman/listinfo/oauth OpenID Enhanced Authentication Profile (EAP) mailing list http://lists.openid.net/mailman/listinfo/openid-specs-eap My blog http://self-issued.info/ E-mail me mbj@microsoft.com