Re: [OAUTH-WG] New Version Notification for draft-fett-oauth-dpop-03.txt

[Dave Tonge <dave.tonge@momentumft.co.uk>]

Hi Neil and Torsten

I agree that the risk is about token theft / leakage. My understanding is
that we should assume that at some point access tokens will be leaked,
e.g.Facebook:
https://auth0.com/blog/facebook-access-token-data-breach-early-look/

If access tokens were cryptographically sender-constrained, then
leaked/stolen access tokens would be useless.
I take your point that some of the ways in which an access token would
leak, would also leak the dPOP headers, this is why section 9.1 has the
recommendations around `iat` and `jti`. While this doesn't eliminate the
risk, it does reduce it.

So my perspective is that dPOP allows sender-constrained access tokens in
scenarios where mutual tls / token binding is not possible. This is a good
protection against token leakage / theft.

Dave


On Sun, 24 Nov 2019 at 10:43, Neil Madden <neil.madden@forgerock.com> wrote:

> On 24 Nov 2019, at 07:59, Torsten Lodderstedt <torsten@lodderstedt.net>
> wrote:
>
>
> Hi Neil,
>
> I would like to summarize what I believe to have understood is your
> opinion before commenting:
> 1) audience restricted access tokens is the way to cope with replay
> attempts between RSs
>
>
> It’s one way, but yes that is sufficient.
>
> 2) TLS prevents replay at the same RS
>
> re 1) that works as long as ASs support audience restrictions and the
> audience restriction is the actual resource server URL, otherwise a staged
> RS can obtain access tokens audience restricted for a different RS and
> replay it there
>
>
> Yes, audience restrictions only work if the AS supports it. DPoP only
> works if the AS, client, and *all* RSes all support it, right?
>
> I’m not sure of your second point.. Obviously an audience restriction
> needs to be unambiguous if it is to have any effect.
>
> re 2) it seems you look onto that threat from the inside of a TLS
> connection. Let’s assume the attacker obtains the access tokens at the
> application layer, e.g. through a log file, referrer header, mix-up,
> browser history and then sends it through a new TLS connection to the same
> RS. How does TLS help to detect this replay?
>
>
> These are token leakage/theft not replay -
> https://en.m.wikipedia.org/wiki/Replay_attack
>
> And TLS has done a lot to protect against even these threats. For example,
> leaking credentials in logs was much more of a threat when you had to
> consider all kinds of proxies and middleboxes along the route. TLS has
> completely eliminated that threat, leaving just the logs at the RS itself.
> And the others are largely protected against by not putting access tokens
> in URLs, and things like Referrer-Policy/rel=no-referrer..
>
> Leaking an audience-restricted access token into the logs of the RS itself
> seems a relatively minor threat to worry about. If you’re not managing logs
> securely then you’re probably already leaking all kinds of PII and other
> sensitive data that the access token grants access to.
>
> If the client and RS can’t get these things right then I would question
> whether public key signatures and associated key management is more likely
> to be done right.
>
> With macaroons the complexity is reduced and the AS performs all the
> checks.
>
> With ECDH, although complex, the critical security checks are encoded into
> the key derivation process - leading to the very desirable property that
> security failures become interoperability failures and so are more likely
> to be found and fixed in testing. (See the work done on using implicit
> nonces in TLS for an example of this principle -
> https://blog.cloudflare.com/tls-nonce-nse/)
>
> — Neil
>
>
> Am 24.11.2019 um 08:40 schrieb Neil Madden <neil.madden@forgerock.com>:
>
>
> On 22 Nov 2019, at 13:33, Torsten Lodderstedt <torsten@lodderstedt.net>
> wrote:
>
>
> Hi Neil,
>
>
> On 22. Nov 2019, at 20:50, Neil Madden <neil.madden@forgerock.com> wrote:
>
>
> Hi Torsten,
>
>
> On 22 Nov 2019, at 12:15, Torsten Lodderstedt <torsten@lodderstedt.net>
> wrote:
>
>
> Hi Neil,
>
>
> On 22. Nov 2019, at 18:08, Neil Madden <neil.madden@forgerock.com> wrote:
>
>
> I think the phrase "token replay" is ambiguous. Traditionally it refers to
> an attacker being able to capture a token (or whole requests) in use and
> then replay it against the same RS. This is already protected against by
> the use of normal TLS on the connection between the client and the RS. I
> think instead you are referring to a malicious/compromised RS replaying the
> token to a different RS - which has more of the flavour of a man in the
> middle attack (of the phishing kind).
>
>
> I would argue TLS basically prevents leakage and not replay.
>
>
> It also protects against replay. If you capture TLS-encrypted packets with
> Wireshark you not only cannot decipher them but also cannot replay them
> because they include specific anti-replay measures at the record level in
> the form of unique session keys and record sequence numbers included in the
> MAC calculations. This is essential to the security of TLS.
>
>
> I understand. I was looking onto TLS from an application perspective, that
> might explain differing perception.
>
>
>
> The threats we try to cope with can be found in the Security BCP. There
> are multiple ways access tokens can leak, including referrer headers,
> mix-up, open redirection, browser history, and all sorts of access token
> leakage at the resource server
>
>
> Please have a look at
> https://tools.ietf.org/html/draft-ietf-oauth-security-topics-13#section-4.
>
>
> https://tools.ietf.org/html/draft-ietf-oauth-security-topics-13#section-4.8
> also has an extensive discussion of potential counter measures, including
> audience restricted access tokens and a conclusion to recommend sender
> constrained access tokens over other mechanisms.
>
>
> OK, good - these are threats beyond token replay (at least as I understand
> that term). It would be good to explicitly add them to the DPoP document
> motivation.
>
>
> Note that most of these ways that an access token can leak also apply
> equally to leak of the DPoP JWT, so the protection afforded by DPoP boils
> down to how well the restrictions encoded into the JWT prevent it from
> being reused in this case - e.g., restricting the expiry time, audience,
> scope, linking it to a specific request (htm/htu) etc.
>
>
> Every single one of those restrictions can be equally well encoded as
> caveats on a macaroon access token without any need for public key
> signatures or additional tokens and headers.
>
>
> But if that's the case then there are much simpler defences than those
> proposed in the current draft:
>
>
> 1. Get separate access tokens for each RS with correct audience and
> scopes. The consensus appears to be that this is hard to do in some cases,
> hence the draft.
>
>
> How many deployments do you know that today are able to issue RS-specific
> access tokens?
>
> BTW: how would you identify the RS?
>
>
> I agree that would be an alternative and I’m a great fan of such tokens
> (and used them a lot at Deutsche Telekom) but in my perception this pattern
> needs still to be established in the market. Moreover, they basically
> protect from a rough RS (if the URL is used as audience) replaying the
> token someplace else, but they do not protect from all other kinds of
> leakage/replay (e.g. log files).
>
>
> Many services already do this. For example, Google encodes the intended RS
> into the scopes on GCP (
> https://developers.google.com/identity/protocols/googlescopes). A client
> can do a single authorization flow to authorize all the scopes it needs and
> then use repeated calls to the refresh token endpoint to obtain individual
> access tokens with subsets of the authorized scopes for each endpoint.
>
>
> And that works at google? How does the client indicate the RS it wants to
> use the first access token (that is obtains in the course of the code
> exchange)?
>
>
> It doesn’t. The initial access token would be for all scopes and the
> client simply discards that one (or revokes it if the AS supports revoking
> individual tokens).
>
>
> (I think Brian also mentioned this pattern at OSW, but it might have been
> somebody else).
>
>
> I know the pattern and we used this at Deutsche Telekom, but I don’t know
> any other deployment utilising this pattern. In my observation, most people
> treat access tokens as cookies and use them across RSs. Another reason
> might be that, before resource indicators, there was no interoperable way
> to ask for a token for a certain RS.
>
>
> I don’t know anybody using DPoP either. The point is that you can do this
> kind of thing right now, so DPoP needs to have a stronger justification for
> why this isn’t sufficient.
>
>
> 2. Make the DPoP token be a simple JWT with an "iat" and the origin of the
> RS. This stops the token being reused elsewhere but the client can reuse it
> (replay it) for many requests.
>
> 3. Issue a macaroon-based access token and the client can add a correct
> audience and scope restrictions at the point of use.
>
>
> Why is this needed if the access token is already audience restricted? Or
> do you propose this as alternative?
>
>
> These are all alternatives. Any one of them prevents the specific attack
> of replay by the RS to another RS.
>
>
> And which does for replay with the same RS?
>
>
> TLS.
>
>
> — Neil
>
> _______________________________________________
> OAuth mailing list
> OAuth@ietf.org
> https://www.ietf.org/mailman/listinfo/oauth
>


-- 
Dave Tonge
CTO
[image: Moneyhub Enterprise]
<http://www.google.com/url?q=http%3A%2F%2Fmoneyhubenterprise.com%2F&sa=D&sntz=1&usg=AFQjCNGUnR5opJv5S1uZOVg8aISwPKAv3A>
Moneyhub Financial Technology, 5th Floor, 10 Temple Back, Bristol, BS1 6FL
t: +44 (0)117 280 5120

Moneyhub Enterprise is a trading style of Moneyhub Financial Technology
Limited which is authorised and regulated by the Financial Conduct
Authority ("FCA"). Moneyhub Financial Technology is entered on the
Financial Services Register (FRN 809360) at fca.org.uk/register.
Moneyhub Financial
Technology is registered in England & Wales, company registration number
06909772 .
Moneyhub Financial Technology Limited 2018 ©

DISCLAIMER: This email (including any attachments) is subject to copyright,
and the information in it is confidential. Use of this email or of any
information in it other than by the addressee is unauthorised and unlawful.
Whilst reasonable efforts are made to ensure that any attachments are
virus-free, it is the recipient's sole responsibility to scan all
attachments for viruses. All calls and emails to and from this company may
be monitored and recorded for legitimate purposes relating to this
company's business. Any opinions expressed in this email (or in any
attachments) are those of the author and do not necessarily represent the
opinions of Moneyhub Financial Technology Limited or of any other group
company.