client side secure storage
TRANSCRIPT
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Client Side Secure StorageScalability for free
Dominik Gatjens
Computer Science and MediaHochschule der Medien, Stuttgart
27. January 2012
Dominik Gatjens Client Side Secure Storage 1 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Agenda
1 Why Client Side Storage?Sessions are a workaroundSessions scale very badScaling at no cost
2 Where to store?Client Side CapabilitiesTransmission PerformanceClient Side Scaling
3 How to store secure?Encrypt DataSignaturesMessage Authentication Codes
4 ConclusionConclusion
Dominik Gatjens Client Side Secure Storage 2 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Sessions are a workaroundSessions scale very badScaling at no cost
Agenda
1 Why Client Side Storage?Sessions are a workaroundSessions scale very badScaling at no cost
2 Where to store?Client Side CapabilitiesTransmission PerformanceClient Side Scaling
3 How to store secure?Encrypt DataSignaturesMessage Authentication Codes
4 ConclusionConclusion
Dominik Gatjens Client Side Secure Storage 3 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Sessions are a workaroundSessions scale very badScaling at no cost
HTTP is stateless
”HTTP is a stateless protocol. A stateless protocol does notrequire the server to retain information or status about eachuser for the duration of multiple requests.”
– Wikipedia –
Dominik Gatjens Client Side Secure Storage 4 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Sessions are a workaroundSessions scale very badScaling at no cost
HTTP Sessions are a Workaround, arent they?
HTTP is build on a stateless approach
no connection indicatorwhen does a session start? when does it end?⇒ sessions can only be closed by timeout
Every open session consumes memory
Dominik Gatjens Client Side Secure Storage 5 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Sessions are a workaroundSessions scale very badScaling at no cost
Server Side State
Server
Memory
Session A
Session BSession C
Client D
Client C
Client B
Client A
Dominik Gatjens Client Side Secure Storage 6 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Sessions are a workaroundSessions scale very badScaling at no cost
Sessions scale very bad
No simple adding of machines
You have to guarantee that one user always lands on the samemachine
Or you have to implement a complex multi-machine sessionstorage
Dominik Gatjens Client Side Secure Storage 7 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Sessions are a workaroundSessions scale very badScaling at no cost
Scaling at no cost
Build your webserver like a webservice:
The client brings the data
The server application consists of several independet functions
Functions are without side effects
so you get an easy stateless webserver which you can simply upgradethrough adding machines
Dominik Gatjens Client Side Secure Storage 8 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Client Side CapabilitiesTransmission PerformanceClient Side Scaling
Agenda
1 Why Client Side Storage?Sessions are a workaroundSessions scale very badScaling at no cost
2 Where to store?Client Side CapabilitiesTransmission PerformanceClient Side Scaling
3 How to store secure?Encrypt DataSignaturesMessage Authentication Codes
4 ConclusionConclusion
Dominik Gatjens Client Side Secure Storage 9 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Client Side CapabilitiesTransmission PerformanceClient Side Scaling
Client Side Capabilities
Cookies
RFC 2965: min. 20 Cookies a 4kb = 80kb pro DomainFirefox 2,3 and IE7 supports 50 cookies a 4kb = 200kbFlash-Cookies unlimited storage
HTML-Markup e.g.hidden fields
Javascript-RAM
HTML5 Storage
Dominik Gatjens Client Side Secure Storage 10 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Client Side CapabilitiesTransmission PerformanceClient Side Scaling
Transmission Performance
76 ms 82 ms 112 ms
145 ms
209 ms
297 ms
598 ms
935 ms
ms
100 ms
200 ms
300 ms
400 ms
500 ms
600 ms
700 ms
800 ms
900 ms
1000 ms
1 kB 2 kB 8 kB 16 kB 32 kB 128 kB 512 kB 1024 kB
Typical Roundtrip Times
100BaseT 1msWLAN 10msDSL-6000 40msDSL-2000 55msISDN 200ms
Dominik Gatjens Client Side Secure Storage 11 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Client Side CapabilitiesTransmission PerformanceClient Side Scaling
Client Side State
Server
Memory
Client D
Client CSession C
Client BSession B
Client ASession A
Session D
Dominik Gatjens Client Side Secure Storage 12 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Client Side CapabilitiesTransmission PerformanceClient Side Scaling
Client Side State
Server
Client Check integrity
Method
Method
Method
MethodState Data
Dominik Gatjens Client Side Secure Storage 13 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Encrypt DataSignaturesMessage Authentication Codes
Agenda
1 Why Client Side Storage?Sessions are a workaroundSessions scale very badScaling at no cost
2 Where to store?Client Side CapabilitiesTransmission PerformanceClient Side Scaling
3 How to store secure?Encrypt DataSignaturesMessage Authentication Codes
4 ConclusionConclusion
Dominik Gatjens Client Side Secure Storage 14 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Encrypt DataSignaturesMessage Authentication Codes
Encrypt Data
Client can’t manipulate encrypted data without knowledge ofencryption-key
but Client can’t even read encrypted data without encryption-key
Security is the same as the use Encryption-Algorithm and Key
Dominik Gatjens Client Side Secure Storage 15 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Encrypt DataSignaturesMessage Authentication Codes
Signature
Don’t crypt data, just sign them
Most Webserver have SSL-Certificates
Use your private key to sign client-saveed data
Dominik Gatjens Client Side Secure Storage 16 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Encrypt DataSignaturesMessage Authentication Codes
Signature
1000 Samples with DSA
0
1
2
3
4
5
6
7
512 B 1 KB 4 KB 1MB
DSA Sign
DSA Verify
Complexity independentfrom Datasize
Verrification consumes a lotof CPU-Time
Dominik Gatjens Client Side Secure Storage 17 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Encrypt DataSignaturesMessage Authentication Codes
HMAC
HMAC = Keyed-Hash Message Authentication Codea cryptographic secure message authentication
hmac = H(K ⊕ opad,H(K ⊕ ipad, text))
K = Key
B = Blocksize
opad = 0x5C repeatedB times
ipad = 0x36 repeatedB times
Popular cryptographic functions are SHA1 and MD5
Dominik Gatjens Client Side Secure Storage 18 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Encrypt DataSignaturesMessage Authentication Codes
MD5 vs. SHA1
MD5 is faster than SHA1, isn’t it?
Digest Perfomance in MegaBytes per Second 1
Pentium P5 90MHz Power Mac 80MHz SPARC 4 110 MHzMD5 13.1 3.1 5.1SHA1 2.5 1.2 2.0
1Bob Baldwin, RSA Data Security Inc. (1996)Dominik Gatjens Client Side Secure Storage 19 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Encrypt DataSignaturesMessage Authentication Codes
HMAC Perfomance
1000 Samples with HMAC-SHA1 and HMAC-MD5
0
0,02
0,04
0,06
0,08
0,1
0,12
512 B 1 KB 4 KB 1MB
SHA-1
MD5
Dominik Gatjens Client Side Secure Storage 20 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Encrypt DataSignaturesMessage Authentication Codes
HMAC Perfomance
1000 Samples with HMAC-SHA1 and DSA
0
1
2
3
4
5
6
7
8
9
10
512 B 1 KB 4 KB 1MB
HMAC_SHA1
DSA Signatur
Dominik Gatjens Client Side Secure Storage 21 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Conclusion
Agenda
1 Why Client Side Storage?Sessions are a workaroundSessions scale very badScaling at no cost
2 Where to store?Client Side CapabilitiesTransmission PerformanceClient Side Scaling
3 How to store secure?Encrypt DataSignaturesMessage Authentication Codes
4 ConclusionConclusion
Dominik Gatjens Client Side Secure Storage 22 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Conclusion
Conclusion
Don’t store Information in the server session if there is any chancethat you have to scale
Compute HMAC-SHA1 over data that shouldn’t be alterted bythe client
If your Datasize is low use Cookies
If your Datasize is medium use Cookies but be sure they wont betransmitted with every request
If your Datasize is high youse signed HTML5-Storage or flashcookies
Cryptographic Client Side Storage as secure asHTTP-Sessions
Dominik Gatjens Client Side Secure Storage 23 of 24
Why Client Side Storage?Where to store?
How to store secure?Conclusion
Conclusion
The End
Keep your state less
Further questions or discussion? Contact me at:
E-Mail: [email protected]
Xing: http://xing.to/gaetjens
Dominik Gatjens Client Side Secure Storage 24 of 24