HTML5离线身份验证 [英] HTML5 offline authentication

问题描述

我正在寻求关于如何最好地控制主要使用离线的HTML5应用程序的访问权的建议/批评。

该应用程序使用IndexedDB的组合，本地和会话存储以存储数据，以便可以脱机使用。数据/页面通过HTTPS提供。

目的是最大限度地降低平板电脑/ PC丢失/被盗时数据被查看的风险。

目前，如果用户能够成功向服务器进行身份验证，应用程序将使用Stanford Javascript Crypto库加密用户/密码，然后将其保存到本地存储。如果应用程序随后脱机，则用户必须对本地存储中的加密用户/密码进行本地身份验证。

此外，会话中存储未加密的用户/密码存储，如果用户能够成功验证服务器。这是为了使应用程序可以定期尝试重新建立与服务器的联系并无缝地重新进行身份验证，而无需用户重新输入其凭据。

我知道有关客户端加密错误的一些帖子/讨论，请参阅 http://www.matasano。 com / articles / javascript-cryptography / 和 http：// rdist.root.org/2010/11/29/final-post-on-javascript-crypto/ 和.nczonline.net / blog / 2010/04/13 /朝向更安全 - 客户端 - 数据存储/ +其他。但是我不确定这些参数在这种情况下是如何适用的。

我正在寻找批评这种方法，因为需要离线存储数据。如果有更好的方法请详细说明。

谢谢

解决方案

身份验证与安全存储

我将从一个重大的设计问题开始：你好像处理这个问题，好像它是关于身份验证，其中（可能是恶意的）用户需要向您的申请证明她确实是有效的用户。但实际上您遇到了存储问题，因为如果计算设备被盗，整个运行时环境（包含您的应用程序正在使用的所有敏感信息）都在攻击者的手中。在javascript应用程序的情况下，离线数据和代码的分析比一些仅二进制代码的情况更加舒适。

例如，如果我想要攻击您的应用程序我首先会查看会话存储（cookies？只需使用浏览器界面查找它们），看看我是否可以在那里找到用户名和密码。如果不是，我会遵循用于解密本地存储中的密码的代码（可能使用javascript调试器）。您描述应用程序的方式似乎函数可以在没有用户提供的密钥的情况下解密它。也许我可以通过将 if（authenticateUser（））更改为 if if（true）。

所以你真正要做的就是用一个根本没有存储在客户端的密钥来加密所有敏感的本地数据。例如，每次访问您的应用程序时都要求用户提供解密密钥，使用该密钥解密本地存储的数据（并加密您存储的每个新数据），并且在一段时间不活动后将密钥丢弃。或者，您可以在每次访问应用程序时对服务器进行身份验证，并从那里检索解密密钥，并在一段时间不活动后将其丢弃。

此处指出javascript环境的选择确实妨碍了你的原因，因为你不能强迫运行时环境在你希望它消失时丢弃解密密钥。即使是C应用程序也很困难，因为你必须小心翼翼地将RAM交换到硬盘上。根据您的应用程序使用的信息的敏感程度，可能足以要求用户在完成后关闭浏览器并假设攻击者没有足够的动力在浏览器的交换RAM中查找密钥。 / p>

本地保存登录数据

因为它是您使用的最敏感信息，所以您永远不应该存储用户客户端上的登录信息。而是对服务器进行一次身份验证，并从中检索身份验证令牌以供将来进行交互。这基本上与会话cookie相同，并且在一段时间后过期（如果它根本没有过期，那么它与密码一样好）。

I am looking for advice/criticism on how best to control access to an HTML5 application that is used predominantly offline.

The application uses a combination of IndexedDB, local and session storage to store data so that it can be used offline. The data/pages are served via HTTPS.

The aim is to minimise the risk of the data being viewed if the tablet/PC was lost/stolen.

Currently the application uses the Stanford Javascript Crypto library to encrypt the user/password and then save it to local storage if the user is able to successfully authenticate to the server. If the application then goes offline a user must authenticate 'locally' against the encrypted user/password in local storage.

In addition an unencrypted user/password is stored in the session storage if the user is able to successfully authenticate to the server. This is used so that the application can periodically attempt to re-establish contact with the server and 'seemlessly' re-authenticate without requiring the user to re-enter their credentials.

I am aware of a number of posts/discussions about the fallibility of client side encryption refer http://www.matasano.com/articles/javascript-cryptography/ and http://rdist.root.org/2010/11/29/final-post-on-javascript-crypto/ and .nczonline.net/blog/2010/04/13/towards-more-secure-client-side-data-storage/ + others. However I am unsure how these arguments apply in this scenario.

I am looking for criticism of the approach given the need of storing data offline. If there is a better approach please elaborate.

Thanks

解决方案

Authentication vs. secure storage

I'll start with the big design issue: You seem to work with the problem as if it is about authentication, where the (potentially malign) user needs to prove to your application that she really is valid user. But actually you are facing a storage problem, because the whole runtime environment, containing all the sensitive information your application is working with, is in the hand of the attacker if the computing device is stolen. In the case of a javascript application the analysis of the offline data and code is even more comfortable than in the case of some binary only code.

For example if I would want to attack your application I would first look into the session storage (cookies? Simply use the browser interface to look them up) and see if I can find the username and password there. If not I would follow the code that is used to decrypt the password in the local storage (probably using a javascript debugger). The way you have described your application it seems like the functions can decrypt it without a key supplied by the user. Maybe I can just comment out the local authentication of the user by changing something like if(authenticateUser()) to if(true).

So what you really have to do is encrypt all sensitive, local data with a key that is not stored on the client side at all. For example ask the user for a decryption key every time he accesses your application, use that key to decrypt the locally stored data (and encrypt every new data you store) and throw the key away after a certain time of inactivity. Or you can authenticate the user against the server every time he accesses your application and retrieve the decryption key from there and throw it away after a certain time of inactivity.

At this point the choice of a javascript environment really hampers your cause as you cannot force the runtime environment to throw away the decryption key when you want it gone. It is difficult enough with C applications even, as you have to carefully work around swapping the RAM out onto the HDD. Depending on how sensitive the information your application works with is it might be enough to ask the user to close the browser after she is finished and assume that an attacker is not motivated enough to look for the key in swapped out RAM of the browser.

Locally saving the login data

As it is the most sensitive information you work with you should never store the user login information on the client. Instead authenticate against the server once and retrieve an authentication token from it for future interactions. This would be basically identical to a session cookie and expires after some time (if it does not expire at all it is as good as the password).

这篇关于HTML5离线身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！