Difference between revisions of "Bound Token"
From MgmtWiki
(→Context) |
(→Problem) |
||
Line 9: | Line 9: | ||
==Problem== | ==Problem== | ||
+ | *Attacks against [[Bearer Token]]s | ||
+ | *[[Distribute Identity]] has the feature of collecting [[User]] [[Claim]]s from a variety of sources, not all of which have a relationship with the [[OP]] used to [[Authentication|Authenticate]] the [[User]]. | ||
+ | |||
+ | |||
*Any party in possession of a [[Bearer Token]] can use it to get access to the associated [[Resource]]s. To prevent misuse, bearer tokens need to be protected from disclosure in storage and in transport. | *Any party in possession of a [[Bearer Token]] can use it to get access to the associated [[Resource]]s. To prevent misuse, bearer tokens need to be protected from disclosure in storage and in transport. | ||
*[[Bearer Token]]s are valid only for as short time as possible. These tokens work like passwords, and if intercepted can be used immediately by an attacker. Therefore the OAuth2 (with bearer token) specification requires that all communication takes place over SSL - since no cryptography is built into the specification. Typically access tokens have a short validity, which can be refreshed with a "refresh token" which has longer validity but is only transferred when the initial bearer token is received by the consumer, and when a bearer token is refreshed. | *[[Bearer Token]]s are valid only for as short time as possible. These tokens work like passwords, and if intercepted can be used immediately by an attacker. Therefore the OAuth2 (with bearer token) specification requires that all communication takes place over SSL - since no cryptography is built into the specification. Typically access tokens have a short validity, which can be refreshed with a "refresh token" which has longer validity but is only transferred when the initial bearer token is received by the consumer, and when a bearer token is refreshed. | ||
*Microsoft reported the replay attack against Kerberos tokens<ref>Microsoft Security Advisory 974926, ''Credential Relaying Attacks on Integrated Windows Authentication'' (2009-12-08) https://docs.microsoft.com/en-us/security-updates/securityadvisories/2009/974926</ref> and addressed the attack with [[Channel Binding]].<ref>Microsoft Directroy Services Team, ''Control Extended Protection for Authentication using Security Policy.'' https://blogs.technet.microsoft.com/askds/2009/12/10/control-extended-protection-for-authentication-using-security-policy/</ref> | *Microsoft reported the replay attack against Kerberos tokens<ref>Microsoft Security Advisory 974926, ''Credential Relaying Attacks on Integrated Windows Authentication'' (2009-12-08) https://docs.microsoft.com/en-us/security-updates/securityadvisories/2009/974926</ref> and addressed the attack with [[Channel Binding]].<ref>Microsoft Directroy Services Team, ''Control Extended Protection for Authentication using Security Policy.'' https://blogs.technet.microsoft.com/askds/2009/12/10/control-extended-protection-for-authentication-using-security-policy/</ref> | ||
*Token reuse: [[OAuth 2.0]] or [[OpenID Connect]] use of bearer tokens raises the risk of token theft. For years architects have been waiting for [[Token Binding]] to get ratified so there would be transparent mechanism to close this gap. If this feature gets dropped from Chrome, this enterprise use case doesn't go away and only Microsoft Browsers support the feature. | *Token reuse: [[OAuth 2.0]] or [[OpenID Connect]] use of bearer tokens raises the risk of token theft. For years architects have been waiting for [[Token Binding]] to get ratified so there would be transparent mechanism to close this gap. If this feature gets dropped from Chrome, this enterprise use case doesn't go away and only Microsoft Browsers support the feature. | ||
− | + | ||
*[[Bearer Tokens Considered Harmful]] is a paper that discusses the limitations of [[Channel Binding]] or other half-way measures to fix a broken security measure. | *[[Bearer Tokens Considered Harmful]] is a paper that discusses the limitations of [[Channel Binding]] or other half-way measures to fix a broken security measure. | ||
Revision as of 16:59, 22 October 2018
Full Title or Meme
A data structure that passes strongly purpose bound Authorization grants to a Resource server.
Context
RFC 6750 "The OAuth 2.0 Authorization Framework: Bearer Token Usage" defines the Bearer Token.
Any party in possession of a bearer token (a "bearer") can use it to get access to the associated resources (without demonstrating possession of a cryptographic key). To prevent misuse, bearer tokens need to be protected from disclosure in storage and in transport.
The Bound Token is specifically designed to overcome several of the problems of a Bearer Token.
Problem
- Attacks against Bearer Tokens
- Distribute Identity has the feature of collecting User Claims from a variety of sources, not all of which have a relationship with the OP used to Authenticate the User.
- Any party in possession of a Bearer Token can use it to get access to the associated Resources. To prevent misuse, bearer tokens need to be protected from disclosure in storage and in transport.
- Bearer Tokens are valid only for as short time as possible. These tokens work like passwords, and if intercepted can be used immediately by an attacker. Therefore the OAuth2 (with bearer token) specification requires that all communication takes place over SSL - since no cryptography is built into the specification. Typically access tokens have a short validity, which can be refreshed with a "refresh token" which has longer validity but is only transferred when the initial bearer token is received by the consumer, and when a bearer token is refreshed.
- Microsoft reported the replay attack against Kerberos tokens[1] and addressed the attack with Channel Binding.[2]
- Token reuse: OAuth 2.0 or OpenID Connect use of bearer tokens raises the risk of token theft. For years architects have been waiting for Token Binding to get ratified so there would be transparent mechanism to close this gap. If this feature gets dropped from Chrome, this enterprise use case doesn't go away and only Microsoft Browsers support the feature.
- Bearer Tokens Considered Harmful is a paper that discusses the limitations of Channel Binding or other half-way measures to fix a broken security measure.
Solution
- Don't use Bearer Tokens without an Identifier to the audience for the token as included in the spec as: "Issue scoped bearer tokens: Token servers SHOULD issue bearer tokens that contain an audience restriction, scoping their use to the intended relying party or set of relying parties."
- Microsoft introduced EAP and Channel Binding
- John Bradly created RFC on token binding which was supported by Microsoft browsers with Channel Binding but Google found reasons for token binding not persuasive and dropped support.
- Protection from the secure channel endpoint to a front end server
Reference
- Bound Tokens, unlike Late Binding Tokens or Bearer Tokens cannot be re-purposed after they are created.