![]() Maintaining a server-side session state is a common pattern in web applications. Maintaining client-side session state vs. When decoded, it's just a simple text value. Sample JWT token: 1m_2VRlu1biCWoDYv_XYb2DV30ax9v4arZVhdEzfs JWT tokens also have an expiry time, making them useful for access control, similar to using X.509 certificates. JWT's strength is basically that the claims can be signed by a trusted party attesting to the session data but it is not designed for concealing secrets. However, beware not to put any sensitive data in JWT claims as the JWT are only encoded with base64. So any changes can be cryptographically detected. JWT has a built-in mechanism to sign the claims (key-value pair with user or session data) using public-key cryptography. Here's a reference to Go's Nacl/secretbox package and Python's Nacl library.Īnother alternative for tamperproof session data is using JWT. The cool thing about secretbox is that the nonce used during encryption can also be used as a CSRF token, binding both the session value and CSRF token into one single authenticated session without the hassle of maintaining a different state for CSRF. Nacl/secretbox supports authenticated encryption, making it suitable for concealing and tamperproofing session data. ![]() The two solutions I would recommend here are Nacl/secret box and JWT. Either maintain a server-side state and check the integrity of session values in each request, or use cryptographic signatures to ensure the data integrity. There are two possible ways to make the session value tamperproof. Otherwise, users may be able to modify the content of session data to bypass security control or claim as another user. When session data is used for access control, it is important that the data remains tamperproof. ![]() Making session data tamper proof - Nacl/secretbox vs JWT Here's a link to Go's crypto random package, Python's secret random library.īonus reading: This classic example and this ( excellent video) of breaking PHP's built-in session ID by Samy Kamkar demonstrates the importance of entropy in session ID. Because PRNG iterates on a deterministic sequence using the initial seed value (at worst, it can be hard coded), they do not produce true random values i.e., there's a possibility for someone to predict the "random" number. But developers who are self-implementing session management understand that CRNG should be used instead of pseudo-random number generators (PRNG). Most modern web application frameworks assign high-entropy session IDs for authenticated sessions. So using cryptographic random number generators (CRNG) with at least 128 bits of entropy should be an ideal base for creating session ID. It's okay to attach these values to the session ID, but without additional high-entropy random value, it may be possible to predict the input strings of the hash and crack the session ID. It's a common technique to create a session ID by hashing strings, including time of authentication, remote user IP, etc. Session ID, usually a token or key that binds user session, should be of high entropy so that it is not easily guessable, unique so that it is not readily assigned to different users simultaneously, and of a good length to make brute force impractical. In this blog post, I will explain some of the best practices to address these security issues. There are certain factors that affect the security of session ID, including protection from guessability (cryptographically secure random), protection from replay (unique per session), and protection from theft (transport only using TLS and preventing client-side access). If the session ID generation or storage process is insecure, an attacker can guess/steal the session ID nulling the whole point of secure authentication. ![]() There is no standard directive on securing and managing the session. Encrypted protocols such as TLS and SSH also utilize session ID to maintain a pool of client connections.īut in the context of HTTP, the user session is also attached to identity and used for access control. Session management is not unique to the HTTP protocol. This is where HTTP cookies come in, as a storage medium to persist session state on the client side, usually in a web browser. Since a session state is required throughout an active session, we need a storage system for persistence. A session state can be a simple random identifier value of a session or a set of claims identifying the client and server participating in an active session. So for tracking usage or maintaining authenticated sessions, web applications need to maintain some form of state. Whether it's password or passwordless authentication, multi-factor authentication, or any of the other identity verification shenanigans, in the end, our identity is deduced to a single session cookie! We can't deny the security importance of session cookies in web application access control.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |