1 IETF OAuth Proof-of-Possession Hannes Tschofenig.

Slides:



Advertisements
Similar presentations
1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.
Advertisements

April 23, XKMS Requirements Update Frederick Hirsch, Mike Just April 23, 2002 Goals Requirements Summary –General, Security Last Call Issues –For.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
IETF OAuth Proof-of-Possession
Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Internet Engineering Task Force Provisioning of Symmetric Keys Working Group Hannes Tschofenig.
Cryptography and Network Security Chapter 17
Proposed Documents for JOSE: JSON Web Signature (JWS) JSON Web Encryption (JWE) JSON Web Key (JWK) Mike Jones Standards Architect – Microsoft IETF 82 –
ACE – Design Considerations Corinna Schmitt IETF ACE WG meeting July 23,
Chapter 8 Web Security.
OAuth/UMA for ACE 24 th March 2015 draft-maler-ace-oauth-uma-00.txt Eve Maler, Erik Wahlström, Samuel Erdtman, Hannes Tschofenig.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
OAuth 2.0 Security IETF OAuth WG Conference Call, 14th December 2012.
Diameter End-to-End Security: Keyed Message Digests, Digital Signatures, and Encryption draft-korhonen-dime-e2e-security-00 Jouni Korhonen, Hannes Tschofenig.
OAuth Security Hannes Tschofenig Derek Atkins. State-of-the-Art Design Team work late 2012/early 2013 Results documented in Appendix 3 (Requirements)
Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.
How HTTPS Works J. David Giese. Hyper Text Transfer Protocol BrowserHTTP Server GET / HTTP/1.1 HOST: edge-effect.github.io HEADERS BODY HTTP/ OK.
SIP OAuth Rifaat Shekh-Yusef IETF 90, SIPCore WG, Toronto, Canada July 21,
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
Dynamic Symmetric Key Provisioning Protocol (DSKPP) Mingliang Pei Salah Machani IETF68 KeyProv WG Prague.
Workgroup Discussion on RESTful Application Programming Interface (API) Security Transport & Security Standards Workgroup January 12, 2014.
(Preliminary) Gap Analysis Hannes Tschofenig. Goal of this Presentation The IETF has developed a number of security technologies that are applicable to.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV BOF IETF-67 San Diego November 2006 Andrea Doherty.
IETF #91 OAuth Meeting Derek Atkins Hannes Tschofenig.
Hannes Tschofenig, Blaine Cook. 6/4/2016 IETF #77, SAAG 2 The Problem.
SAML for SIP Hannes Tschofenig, Jon Peterson, James Polk, Douglas Sicker, Marcus Tegnander.
Web Authorization Protocol (oauth) IETF 90, Toronto Chairs: Hannes Tschofenig, Derek Atkins Responsible AD: Kathleen Moriarty Mailing List:
1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV WG IETF-68 Prague March 2007 Andrea Doherty.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential.
1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.
Web Services Security INFOSYS 290, Section 3 Web Services: Concepts, Design and Implementation Adam Blum
Security Hannes Tschofenig. Goal for this Meeting Use the next 2 hours to determine what the security consideration section of the OAuth draft(s) should.
Transport Layer Security (TLS) Extensions: Extension Definitions draft-ietf-tls-rfc4366-bis-00.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
OpenID Connect: An Overview Pat Patterson Developer Evangelist Architect
IETF Provisioning of Symmetric Keys (keyprov) WG Update WG Chairs: Phillip Hallam-Baker Hannes Tschofenig Presentation by Mingliang Pei 05/05/2008.
Web Authorization Protocol WG Hannes Tschofenig, Derek Atkins.
Bootstrapping Key Infrastructures
Building Secure Microservices
CAPWAP Threat Analysis
Dr. Michael B. Jones Identity Standards Architect at Microsoft
OAuth WG Conference Call, 11th Jan. 2013
Phil Hunt, Hannes Tschofenig
Chairs: Derek Atkins and Hannes Tschofenig
OAuth Assertion Documents
OAuth2 SCIM Client Registration & Software Statement Exchange
Agenda OAuth WG IETF 87 July, 2013.
BY: SHIVI AGRAWAL ( ) CSE-(6)C
CDS Hooks HL7 WGM Jan 2018 CDS Working Group Tuesday, January 30, 2018
OpenID Connect Working Group
PLUG-N-HARVEST ID: H2020-EU
RFC PASSporT Construction 6.2 Verifier Behavior
The Secure Sockets Layer (SSL) Protocol
OAuth Design Team Call 11th February 2013.
Transport Layer Security (TLS)
OpenID Enhanced Authentication Profile (EAP) Working Group
Rifaat Shekh-Yusef IETF105, OAuth WG, Montreal, Canada 26 July 2019
JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens-02
OpenID Enhanced Authentication Profile (EAP) Working Group
Presentation transcript:

1 IETF OAuth Proof-of-Possession Hannes Tschofenig

2 Status  Finished various specifications, including  OAuth Core: RFC 6749  Bearer Tokens: RFC 6750  Security Threats: RFC 6819  Discussion about an enhancement to Bearer Token security (now called “Proof-of-Possession”) since the early days of the working group.  Design Team work late 2012/early 2013, which lead to requirements, use cases, and solution strawman proposals:  Symmetric Key Solution: draft-ietf-oauth-v2-http-mac-05  Asymmetric Key Solution: draft-tschofenig-oauth-hotk-03  These two documents have now been replaced by others specs.

3 JSON Web Token (JWT)  Standardized version of an access token (and ID Token).  Uses JSON-based encoding + JWE/JWS for encryption/signature + claims.  Described in  WGLC finished  Proof-of-Possession Token extends JWT and embeds either a  Public key (or a fingerprint of it), or  Symmetric key (encrypted)

4 PoP Token: Asymmetric Key Example { "iss":"xas.xboxlive.com", "aud":" "exp":" ", "nbf":" ", "cnf":{ "jwk":{ "kty":"EC", "use":"sig", "crv":"P-256", "x":"18wHLeIgW9wVN6VD1Txgpqy2LszYkMf6J8njVAibvhM", "y":"-V4dS4UaLMgP_4fY4j8ir7cl1TXlFdAgcx55o7TkcSA" } Binds a public key to the access token [Keyed message digest/digital signature omitted.] [Header omitted.]

5 PoP Token: Symmetric Key Example { "alg":"RSA1_5", "enc":"A128CBC-HS256", "cty":"jwk+json" } { "iss": " "sub": " ", "aud": "s6BhdRkqt3", "nonce": "n-0S6_WzA2Mj", "exp": , "iat": , "cnf":{ "jwk": "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJB MTI4Q0JDLUhTMjU2IiwiY3R5IjoiandrK... (remainder of JWE omitted for brevity)" } { "kty":"oct", "alg":"HS256", "k":"ZoRSOrFzN_FzUA5XKM YoVHyzff5oRJxl-IXRtztJ6uE" } Binds a symmetric key to the access token

6 I Client Authorization Server Resource Server II III Architecture Relevant document: /

7 I Client Authorization Server Resource Server II III Variants: Key Distribution at Access Token Issuance Key Distribution at Client Registration AS Client Interaction Relevant specifications:

8 Client Authorization Server Resource Server AS Client Interaction Example: Symmetric Key Request access token. I support PoP tokens

9 Client Authorization Server Resource Server AS Client Interaction Example: Symmetric Key AS creates PoP-enabled access token

10 Client Authorization Server Resource Server AS Client Interaction Example: Symmetric Key AS sends access token to Client & symmetric key

11 AS Client Interaction  AS needs to bind a key to the access token.  Key can be an fresh and unique symmetric key, or  (ephemeral) public key  This requires two extensions:  New elements within the JWT to include the (encrypted symmetric key) or the public key. JWT is also integrity protected.  Mechanism for conveying ephemeral key from AS to client and for client to provide directives to AS.  Details: draft-bradley-oauth-pop-key-distribution-00  Transport symmetric key from AS to client.  Transport (ephemeral) asymmetric key from AS to client.  Transport public key from client to AS.  Algorithm indication

12 Dynamic Client Registration  Attempt to simplify developer interaction with AS when they deploy client applications.  Today, developers need to register various parameters (manually), such as  Authentication mechanism & client authentication credentials  Redirect URIs  Grant types  Meta data (client name, client logo, scopes, contact information, etc.)  Also allows meta-data, including public keys, to be uploaded to AS.  Two documents:  draft-ietf-oauth-dyn-reg  draft-ietf-oauth-dyn-reg-metadata  WGLC in progress.

13 I Client Authorization Server Resource Server II III Building Blocks: a)Proof of possession of PoP key b)Message integrity (+ Channel Binding) c)RS-to-client authentication Client RS Interaction Relevant specification :

14 Client Authorization Server Resource Server AS Client Interaction Example: Symmetric Key AS sends access token to Client & Authenticator Authenticator = Keyed Message Digest Computed Over Request.

15 Client Authorization Server Resource Server AS Client Interaction Example: Symmetric Key RS “unwraps” access token and obtains symmetric key. RS verifies authenticator. Shared Long Term Key

16 Channel Binding  Channel bindings bind the application layer security to the underlying channel security mechanism.  Various approaches for providing channel bindings:  PoP public key use in TLS (as described in HOTK draft)  tls-unique: TLS Finish message  tls-server-end-point: hash of the TLS server's certificate:  Currently, no channel bindings described in  Be aware: Recently, new attacks have been identified with TLS-based channel bindings, see

17 ` I Client Authorization Server Resource Server II III Variants: a) Token introspection b) Out-of-band RS AS Interaction [optional] Relevant specification:

18 Next Steps  Good time to review through the PoP specification bundle is now  Provide feedback  Ask questions  Re-chartering to include documents in the milestone list.  Implementation activities to see what works and what doesn’t.  Various open issues to resolve.  Planning to schedule OAuth WG conference calls

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.