Services/KeyExchange: Difference between revisions
< Services
Jump to navigation
Jump to search
No edit summary |
(→Flow) |
||
| Line 35: | Line 35: | ||
*Key: strong secret that both clients derive through J-PAKE | *Key: strong secret that both clients derive through J-PAKE | ||
== Flow | == Flow == | ||
<ol> | <ol> | ||
<li>Mobile asks server for new channel ID (3 characters a-z0-9) | <li>Mobile asks server for new channel ID (3 characters a-z0-9) | ||
<pre>C: GET /new_channel HTTP/1.1 | |||
S: "a7i"</pre></li> | |||
<li>Mobile generates PIN from channel ID + random weak secret (3 characters a-z0-9), computes and uploads J-PAKE msg 1 | <li>Mobile generates PIN from channel ID + random weak secret (3 characters a-z0-9), computes and uploads J-PAKE msg 1 | ||
<pre> | |||
C: PUT /a7i HTTP/1.1 | |||
C: | |||
C: {"type": "client1-msg1", XXX} | |||
S: HTTP/1.1 200 OK | |||
S: Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT | |||
</pre></li> | |||
<li>Desktop asks user for the PIN, extracts channel ID and weak secret, fetches Mobile's msg 1 | <li>Desktop asks user for the PIN, extracts channel ID and weak secret, fetches Mobile's msg 1 | ||
<pre> | |||
C: GET /a7i HTTP/1.1 | |||
S: HTTP/1.1 200 OK | |||
... | |||
</pre></li> | |||
<li>Desktop computes and uploads msg 1 | <li>Desktop computes and uploads msg 1 | ||
<pre> | |||
<li>Mobile | C: PUT /a7i HTTP/1.1 | ||
C: | |||
<p>computes and uploads msg 2</p> | C: {"type": "client2-msg1", XXX} | ||
<pre>PUT / | |||
<li>Desktop retrieves Mobile's msg 2 | S: HTTP/1.1 200 OK | ||
S: Last-Modified: Wed, 08 Jan 2003 23:11:56 GMT | |||
</pre></li> | |||
<li>Mobile polls for Desktop's msg 1 | |||
<pre> | |||
C: GET /a7i HTTP/1.1 | |||
C: If-Modified-Since: Wed, 08 Jan 2003 23:11:55 GMT | |||
S: HTTP/1.1 304 Not Modified | |||
</pre> | |||
<p>Mobile tries again after 1s</p> | |||
<pre> | |||
C: GET /a7i HTTP/1.1 | |||
C: If-Modified-Since: Wed, 08 Jan 2003 23:11:55 GMT | |||
S: HTTP/1.1 200 OK | |||
... | |||
</pre> | |||
<p>Mobile computes and uploads msg 2</p> | |||
<pre>C: PUT /a7i HTTP/1.1 | |||
C: | |||
C: {"type": "client1-msg2", XXX} | |||
S: HTTP/1.1 200 OK | |||
S: Last-Modified: Wed, 08 Jan 2003 23:11:58 GMT | |||
</pre></li> | |||
<li>Desktop polls for and eventually retrieves Mobile's msg 2 | |||
<pre> | |||
C: GET /a7i HTTP/1.1 | |||
C: If-Modified-Since: Wed, 08 Jan 2003 23:11:56 GMT | |||
S: HTTP/1.1 200 OK | |||
... | |||
</pre> | |||
<p>computes msg 2 and key, encrypts Sync credentials and uploads msg 2 and encrypted credentials</p> | |||
<pre> | |||
C: PUT /a7i HTTP/1.1 | |||
C: | |||
C: {"type": "client1-msg2", XXX, "credentials":"XXX", "hmac":"XXX"}</pre></li> | |||
<li>Mobile retrieve's Desktop's msg 2 and encrypted credentials | <li>Mobile retrieve's Desktop's msg 2 and encrypted credentials | ||
<pre> | |||
C: GET /a7i HTTP/1.1 | |||
C: If-Modified-Since: Wed, 08 Jan 2003 23:11:58 GMT | |||
S: HTTP/1.1 200 OK | |||
... | |||
</pre> | |||
<p>computes key and decrypts Sync credentials.</p></li> | |||
</ol> | |||
Revision as of 21:52, 4 October 2010
Overview
Explore using J-PAKE to securely pass credentials to another device.
Tracking bug is bug 601644.
Engineers Involved
- Tarek (server)
- Philipp (FxSync)
- Stefan (FxHome)
User Requirements
- Setting up a new mobile device should only involve entering a short code on the desktop device
- Secondary request, not a hard requirement, is that if the user has a mobile device, and is setting up a desktop device, that the flow is similar and still involves entering the key on the desktop
Desired User Flow
- User chooses "quick setup" on new device
- Device displays a setup key that contains both the initial secret and a channel ID
- On a device that is authenticated, user chooses "add another device" and is prompted for that key
- The two devices exchange messages to build the secure tunnel
- The already-authenticated device passes all credentials (username/password/passphrase) to the new device
- New device completes setup and starts syncing
Implementation (draft)
Terminology
- Desktop: Client that has Fx Sync already set up
- Mobile: Client that needs to be set up (of course this could be another desktop computer, too)
- PIN: code that is displayed on Mobile and entered on Desktop
- Secret: weak secret that is used to start the J-PAKE algorithm
- Key: strong secret that both clients derive through J-PAKE
Flow
- Mobile asks server for new channel ID (3 characters a-z0-9)
C: GET /new_channel HTTP/1.1 S: "a7i"
- Mobile generates PIN from channel ID + random weak secret (3 characters a-z0-9), computes and uploads J-PAKE msg 1
C: PUT /a7i HTTP/1.1 C: C: {"type": "client1-msg1", XXX} S: HTTP/1.1 200 OK S: Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT - Desktop asks user for the PIN, extracts channel ID and weak secret, fetches Mobile's msg 1
C: GET /a7i HTTP/1.1 S: HTTP/1.1 200 OK ...
- Desktop computes and uploads msg 1
C: PUT /a7i HTTP/1.1 C: C: {"type": "client2-msg1", XXX} S: HTTP/1.1 200 OK S: Last-Modified: Wed, 08 Jan 2003 23:11:56 GMT - Mobile polls for Desktop's msg 1
C: GET /a7i HTTP/1.1 C: If-Modified-Since: Wed, 08 Jan 2003 23:11:55 GMT S: HTTP/1.1 304 Not Modified
Mobile tries again after 1s
C: GET /a7i HTTP/1.1 C: If-Modified-Since: Wed, 08 Jan 2003 23:11:55 GMT S: HTTP/1.1 200 OK ...
Mobile computes and uploads msg 2
C: PUT /a7i HTTP/1.1 C: C: {"type": "client1-msg2", XXX} S: HTTP/1.1 200 OK S: Last-Modified: Wed, 08 Jan 2003 23:11:58 GMT - Desktop polls for and eventually retrieves Mobile's msg 2
C: GET /a7i HTTP/1.1 C: If-Modified-Since: Wed, 08 Jan 2003 23:11:56 GMT S: HTTP/1.1 200 OK ...
computes msg 2 and key, encrypts Sync credentials and uploads msg 2 and encrypted credentials
C: PUT /a7i HTTP/1.1 C: C: {"type": "client1-msg2", XXX, "credentials":"XXX", "hmac":"XXX"} - Mobile retrieve's Desktop's msg 2 and encrypted credentials
C: GET /a7i HTTP/1.1 C: If-Modified-Since: Wed, 08 Jan 2003 23:11:58 GMT S: HTTP/1.1 200 OK ...
computes key and decrypts Sync credentials.