Re: [OAUTH-WG] DPoP symmetric key idea

David Waite <> Thu, 21 November 2019 10:49 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D0F4412088B for <>; Thu, 21 Nov 2019 02:49:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.106
X-Spam-Status: No, score=-1.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RDNS_NONE=0.793, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id MP6LUHv1OH_Q for <>; Thu, 21 Nov 2019 02:49:31 -0800 (PST)
Received: from (unknown []) by (Postfix) with ESMTP id 9139D1200C1 for <>; Thu, 21 Nov 2019 02:49:31 -0800 (PST)
Received: from [IPv6:2601:282:202:b210:1d66:7b80:6a0a:19de] (unknown [IPv6:2601:282:202:b210:1d66:7b80:6a0a:19de]) by (Postfix) with ESMTPSA id E26C63158C; Thu, 21 Nov 2019 10:49:36 +0000 (UTC)
From: David Waite <>
Message-Id: <>
Content-Type: multipart/alternative; boundary="Apple-Mail=_B757334F-5D94-40A0-BE1A-8D687FF63E4D"
Mime-Version: 1.0 (Mac OS X Mail 13.0 \(3608.\))
Date: Thu, 21 Nov 2019 03:49:30 -0700
In-Reply-To: <>
To: Dick Hardt <>
References: <>
X-Mailer: Apple Mail (2.3608.
Archived-At: <>
Subject: Re: [OAUTH-WG] DPoP symmetric key idea
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: OAUTH WG <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 21 Nov 2019 10:49:33 -0000

There seems two prevailing approaches:

1. The AS generates a symmetric key and encrypts it to a specific audience as part of/associated with the access token (KDC-type model).
2. The client attempts asymmetric use, and the resource server negotiates a symmetric key specific to it.

The first model has advantages in terms of potentially eliminating all API-level symmetric crypto and of simplifying/optimizing the first client/resource interaction. 

The second model has an advantage of being an extension of the asymmetric model, leaving the AS out of a non-authorization requirement of the resource server, and amortizes the cost of the crypto over the lifetime of the authorization (since the negotiated key can be reused with the next access token). The audience target for the token is no longer restricted by the shared secret, since you can negotiate a separate symmetric key per resource server. The first access of a resource does however have an extra round-trip.

The first model has a single shared secret between the AS and RS, which would need to be somehow negotiated.  The private key in the second model can create issues where a resource server is actually a distributed system like a CDN - draft-ietf-tls-subcerts is an effort to try to make that more robust in the TLS space. The second model's protocol may wind up using a ’service ticket’ style sharing of a symmetric key so that each RS node does not have to do their own challenge and key derivation on first communication, and to lighten the need for caching.

Both systems wind up adding complexity around key rotation. The first model can report an issue with key rotation by using a 401 to trigger a refresh of the access token - the AS would know in this case the RS has a new symmetric key and take that into account with the new access token. The second model would trigger a renegotiation on the RS itself.

Finally, it is worth considering that some secure elements (such as on iOS devices) do not expose support for symmetric keys, and SubtleCrypto in browsers will likely require any symmetric key to be imported such that the key itself exists in the Javascript sandbox unencrypted, at least for some period of time. Use of symmetric keys thus increases the risk of exfiltration, so the time between refreshes (or the access token lifetime in environments without refresh tokens) may be reduced in consideration. Under this reduced lifetime, amortization of asymmetric crypto may have less of an effect.


> On Nov 21, 2019, at 3:07 AM, Dick Hardt <> wrote:
> One take away I had from the meeting today, and form the mail list, is the concern of doing asymmetric crypto on API calls. How about if we use the Client's public key to encrypt a symmetric key and pass that back to the Client in the token request response?
> EG: 
> In response to the token request, the AS additionally returns a derived symmetric key (SK) encrypted in a JWE using the Client's public key from the DPoP Proof. 
> The SK = hash( salt, R )
> R and the salt version V are included in the access token
> The AS and the RS share salts with versions.
> The Client decrypts the JWE and now has a symmetric key to sign a Symmetric DPoP Proof.
> The RS take R and V to calculate SK, and verify the signature of the Symmetric DPoP
> Here is an updated flow:
> +--------+                                          +---------------+
> |        |--(A)-- Token Request ------------------->|               |
> | Client |        (DPoP Proof)                      | Authorization |
> |        |                                          |     Server    |
> |        |<-(B)-- DPoP-bound Access Token ----------|               |
> |        |        (token_type=DPoP)                 +---------------+
> |        |        PoP Refresh Token for public clients
> |        |        Symmetric Key JWE
> Client decrypts DPoP Symmetric Key
> |        |
> |        |                                          +---------------+
> |        |--(C)-- DPoP-bound Access Token --------->|               |
> |        |        (Symmetric DPoP Proof)             |    Resource   |
> |        |                                          |     Server    |
> |        |<-(D)-- Protected Resource ---------------|               |
> |        |                                          +---------------+
> +--------+
> _______________________________________________
> OAuth mailing list