FTN8.3: FutoIn Security Concept - Master Secret Authentication
Version: 0.4DV
Date: 2018-05-18
Copyright: 2014-2018 FutoIn Project (http://futoin.org)
Authors: Andrey Galkin

CHANGES

1. Intro

This sub-specification of FTN8 covers more secure Master Secret Authentication with dynamically updated shared secrets.

Service is assumed to be a B2B software or equal - high number of unattended requests.

2. Concept

2.1. Overall idea

  1. Strong symmetric master key is assumed under "Secret".
  2. Use approach to exchange keys based on temporary asymmetric key generated by Service.
  3. Ensure asymmetric key authenticity based transport security and/or existing shared Secret signing.
  4. Ensure temporary key and new Secret quality by AuthService.
  5. Use one of supported key derivation strategies:
  6. Secret exchange interval solely depends on Invoker, but AuthService may deactivate too old or too used keys (defined by configuration).

2.2. Secure Master Secret exchange

  1. Service makes initial call:
  2. AuthService processes the request:
  3. Service processes response:
  4. Service gradually starts using the new Secret.
  5. Both the new Secret and the previous Secret are active.

Goals met:

2.3 "sec" field structured format

Schema: futoin-sec-master-mac

{
    "title" : "FutoIn 'sec' field - Master MAC",
    "type" : "object",
    "additionalProperties" : false,
    "required" : [ "msid", "algo", "kds", "sig" ],
    "properties" : {
        "msid" : {
            "type" : "string",
            "description" : "Unique Master Secret ID"
        },
        "algo" : {
            "type" : "string",
            "description" : "MAC algo name as defined in FTN8"
        },
        "kds" : {
            "type" : "string",
            "description" : "Key Derivation Strategy"
        },
        "prm" : {
            "type" : "string",
            "description" : "KDS parameter, if applicable"
        },
        "sig" : {
            "type" : "string",
            "description" : "Base64 encoded MAC"
        }
    }
}

2.4 "sec" field string format

    "-mmac:{msid}:{algo}:{dks}:{prm}:{sig}"

2.5. Master MAC response "sec" field

Response must be authenticated by the same Secret and the same hash algorithm as used for request signing. Only signature has to be sent.

2.6. Master MAC security level

ExceptionalOps security level must be assigned.

2.7. Optional Master Secret Scope

User/Service is in control of its own privacy vs. simplicity. There is an optional, scope parameter for new Master Secret generation.

Peer Service must not be able to get derived key for particular Master Secret directly. It must be possible only if invoking Service signs any message with particular derived key - implicit approval to provide Derived Key to particular Service.

Only Master Secret with empty or matching scope must be accepted for new Secret exchange to mitigate unauthorized access with Master Secret recovered from scoped derived key. So, Master Secret with empty scope is seen as "main".

There are various options:

  1. Use one global Master Secret with high risk of its recovery through derived key.
  2. Use several Master Secrets per peer service vendor.
  3. Use a separate Master Secret per each peer.

2.8. Events

3. Interface

3.1. Message authentication

Provide Master Secret based authentication to Executor.

It is designed the way when MAC secret is always kept inside AuthService to minimize risk of exposure.

{
    "iface" : "futoin.auth.master",
    "version" : "{ver}",
    "ftn3rev" : "1.9",
    "imports" : [
        "futoin.ping:1.0",
        "futoin.auth.types:{ver}"
    ],
    "types" : {
        "KDSParam" : {
            "type" : "string",
            "regex" : "^[a-zA-Z0-9._/+-]{1,32}$"
        },
        "MACSecField" : {
            "type" : "map",
            "fields" : {
                "msid" : "MasterSecretID",
                "algo" : "MACAlgo",
                "kds" : "KeyDerivationStrategy",
                "prm" : {
                    "type" : "KDSParam",
                    "optional" : true
                },
                "sig" : "MACValue"
            }
        },
        "CipherType" : {
            "type" : "GenericIdentifier",
            "minlen" : 1,
            "maxlen" : 32
        },
        "CipherMode" : {
            "type" : "string",
            "regex" : "^[A-Z0-9][A-Z0-9_]{1,14}[A-Z0-9]$",
            "desc" : "CBC, CTR, GCM, CFB and others"
        }
    },
    "funcs" : {
        "checkMAC" : {
            "params" : {
                "base" : "MACBase",
                "sec" : "MACSecField",
                "source" : "ClientFingerprints"
            },
            "result" : "AuthInfo",
            "throws" : [
                "SecurityError"
            ],
            "seclvl" : "PrivilegedOps"
        },
        "genMAC" : {
            "params" : {
                "base" : "MACBase",
                "reqsec" : "MACSecField"
            },
            "result" : "MACValue",
            "throws" : [
                "SecurityError"
            ],
            "seclvl" : "PrivilegedOps"
        },
        "exposeDerivedKey" : {
            "params" : {
                "base" : "MACBase",
                "sec" : "MACSecField",
                "source" : "ClientFingerprints"
            },
            "result" : {
                "auth" : "AuthInfo",
                "prm" : "KDSParam",
                "etype" : "CipherType",
                "emode" : "CipherMode",
                "ekey" : "EncryptedKey"
            },
            "throws" : [
                "SecurityError"
            ],
            "desc" : "Feature to support local key cache",
            "seclvl" : "ExceptionalOps"
        },
        "getNewEncryptedSecret" : {
            "params" : {
                "type" : "ExchangeKeyType",
                "pubkey" : "ExchangeKey",
                "scope" : {
                    "type" : "MasterScope",
                    "default" : null
                }
            },
            "result" : {
                "id" : "MasterSecretID",
                "esecret" : "EncryptedMasterSecret"
            },
            "throws" : [
                "SecurityError",
                "NotSupportedKeyType"
            ],
            "seclvl" : "ExceptionalOps"
        }
    },
    "requires" : [
        "SecureChannel",
        "MessageSignature",
        "BinaryData"
    ]
}

3.2. Auto registration

This interface allow anonymous access and should be disabled by default configuration.

TBD.

{
    "iface" : "futoin.auth.master.register",
    "version" : "{ver}",
    "ftn3rev" : "1.9",
    "imports" : [
        "futoin.ping:1.0",
        "futoin.auth.types:{ver}"
    ],
    "funcs" : {
    },
    "requires" : [
        "SecureChannel",
        "AllowAnonymous"
    ]
}

3.3. Management

This one is complementary to "futoin.auth.manage" iface.

{
    "iface" : "futoin.auth.master.manage",
    "version" : "{ver}",
    "ftn3rev" : "1.9",
    "imports" : [
        "futoin.ping:1.0",
        "futoin.auth.types:{ver}"
    ],
    "funcs" : {
        "getNewPlainSecret" : {
            "params" : {
                "user" : "LocalUserID"
            },
            "result" : {
                "id" : "MasterSecretID",
                "secret" : "Base64"
            },
            "throws" : [
                "UnknownUser",
                "NotSet"
            ],
            "seclvl" : "System"
        }
    },
    "requires" : [
        "SecureChannel",
        "MessageSignature"
    ]
}

=END OF SPEC=