使用HMAC-SHA1进行API认证 - 如何安全地存储客户端密码? [英] Using HMAC-SHA1 for API authentication - how to store the client password securely?
问题描述
在使用 S3风格身份验证的RESTful API中,API客户端使用HMAC-SHA1用秘密密钥对请求进行签名,所以秘密密钥永远不会通过电线传输。
然后,服务器通过使用该客户端的密钥对客户端进行身份验证,重复签名过程本身,并将结果与客户端发送的签名进行比较。
In a RESTful API that uses S3-style authentication, the API client signs the request with his secret key using HMAC-SHA1, so the secret key is never transmitted over the wire. The server then authenticates the client by using that client's secret key to repeat the signature process itself and compare the result to the signature transmitted by the client.
是好的和好的,但这意味着服务器需要访问客户端的共享秘密的明文。面对所有的建议,那里就是将数据库中的用户密码存储在清晰的内部。只能存储密码的盐渍哈希不是我可以告诉的 - 因为那时我无法验证客户端的签名。
This is all nice and good but it means the the server requires access to the plaintext of the client's shared secret. That flies in the face of all the advice out there against storing user passwords in the clear inside your database. Storing only the salted hash of the password is not an option as far as I can tell - because then I can't verify the client's signature.
我应该强调我的API是RESTful的,因此应该是无状态的:我宁愿在其他API调用之前避免登录步骤。
I should stress that my API is RESTful and thus should be stateless: I'd rather avoid a login step prior to other API calls.
一个可选解决方案是使用一些对称加密所有用户密码关键算法。然而,服务器将不得不将密钥存储在易于访问的 之类的位置。里面的源代码。这不仅仅是一个最好的解决办法(就像他的答案中提到的@Rook,它违反了CWE-257)。
One optional solution is to encrypt all user passwords using some symmetric key algorithm. However, the server would have to store the key to that encryption somewhere easily accessible, e.g. inside the source code. This is better than nothing but not an optimal solution (as @Rook mentioned in his answer, it violates CWE-257).
解决方案的另一个方向可能是不对称签名,但我无法弄清楚如何将其应用于HMAC,并且找不到任何关于该主题的文章。
Another direction for a solution could be something around asymmetric signatures, but I can't figure out how to apply that to the HMAC, and can't find any articles on the subject.
我在这里缺少一些明显的东西?许多有尊重的提供者已经实施了这种认证方案 - 它们不能全部违反常见的安全原则,可以吗?
如果没有,有没有可以分享的最佳做法?
Am I missing something obvious here? Many respectable providers have implemented this kind of authentication scheme - they can't all be violating common security principles, can they? If not, are there any best practices that you can share?
推荐答案
这是对称密钥的缺点挑战 - 反应风格认证 - 你不把秘密放在电线上,但你必须在两端存储秘密。 (HMAC是对称密钥系统)。
This is the downside of symmetric-key challenge-response style authentication - you don't put the secret on the wire, but you have to store the secret at both ends. (HMACs are symmetric key systems).
注意,这不是密码,它是一个共享密钥。这里有一个根本的区别 - 密码通常由用户选择,而共享密钥是随机生成的,并提供给用户(在这种情况下,它们通常称为API密钥)。
Note though that it's not a password - it's a shared secret. There's a fundamental difference here - a password is generally chosen by the user, whereas a shared secret is generated randomly and provided to the user (they're often called "API keys", in this context).
以可逆格式存储密码是不好的,因为如果您的数据库遭到入侵,则攻击者已经获得了可能(也许已经被)在其他地方使用的密码。另一方面,存储共享的秘密并不是一个问题 - 这是您的服务特有的秘密,所有的攻击者都能够登录到您的服务。
Storing passwords in a reversible format is bad, because if your database is compromised, then the attackers have obtained passwords that might (and probably have been) used elsewhere. Storing a shared secret, on the other hand, is not such a problem - the secret it's specific to your service, so all the attackers have gained is the ability to log in to your service.
另一方面,它可能具有不必在服务器端存储秘密的非对称系统。基本思想是服务器知道客户端的公钥和当前的消息序列号。当发送API请求时,客户端递增消息序列号,并通过序列号和API请求参数计算签名,服务器可以使用公钥进行验证。如果服务器包含一条消息序列号,则会拒绝该消息,以防止重播攻击。
On the other hand, it is possible to have an asymmetric system that doesn't have to store a secret at the server side. The basic idea is that the server knows the client's public key and current message sequence number. When sending an API request, the client increments the message sequence number and calculates a signature over the sequence number and the API request parameters, which the server can verify using the public key. The server rejects a message if it contains an old message sequence number, to prevent replay attacks.
这篇关于使用HMAC-SHA1进行API认证 - 如何安全地存储客户端密码?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
