From: Jim Klo
Subject: Re: Handling encryption keys in a disconnected environment
Date: Wed, 09 Nov 2011 14:41:41 -0800
To: user@couchdb.apache.org

While not specifically CouchDB related, currently there just is not a good way to deal with this natively in the browser, unless you're using x509 certificates that can be stored in the local device keystore. You should NEVER transmit a private key across the internet. Exposing any kind of private key material into the web client is just not a good idea. I'd suggest using the tag to generate a client certificate, the public portion of which could be countersigned by the remote certificate. If there is a way for the local client app to verify the counter-signature, you could then operate only with this client cert when disconnected. There's an example of this sort of workflow for generating and installing a cert like this here: http://goo.gl/PrxTr

If you can generate the keys locally and distribute the public key to the remote service, which countersigns and sends the certificate back to be installed on the client, you should theoretically be able to store everything encrypted locally with the same private key, which never left the client. The trick is going to be using the private key to decrypt the local data when disconnected; AFAIK this is typically handled by the browser, not by the web app.

I'd also advise against using any JS-crypto solution, as the algorithms can be compromised via an XSS scripting attack unless your client can sandbox and secure the algorithms somehow.

There is actually a W3C Web Cryptography working group that is in the process of being chartered this month to work out this very issue: http://www.w3.org/wiki/IdentityCharter

Jim Klo
Senior Software Engineer
Center for Software Engineering
SRI International

On Nov 9, 2011, at 1:13 PM, Jens Alfke wrote:

> On Nov 9, 2011, at 9:58 AM, Jay Zamboni wrote:
>
>> we want the client application to be able to decrypt data
>> even when it cannot connect to the server. This seems to force us to store
>> the decryption key on the client with the encrypted data. Storing the key
>> locally seriously weakens our security so we would want to at least encrypt
>> the stored key with the user's password (+salt).
>
> Is this a pure web-app or will it have native components? iOS has APIs for storing secrets like keys in a secure encrypted "keychain". I'm sure Android has a similar feature. (Even if you're going to use a wrapper like PhoneGap to package your app for mobile devices, then that's likely to have JavaScript bindings for those APIs.)
>
>> Encrypt key using session id and store in couch
>> As the user goes from page to page we would use the session id to load the
>> encryption key. When the user logs out or the session times out, the
>> session id should not exist anywhere.
>
> I don't know the implementation details of how CouchDB tracks sessions, but if it stores the currently active session IDs on disk, then this won't be secure, as an attacker can look at the server's files and locate both the session key and the server key that was encrypted with it.
>
> —Jens