eavesdropper in attacks that have come to

unprotected at the transport layer, has

While SSL can protect against

state requires having the web client

provide some unique identifier to the web server on every request, so that the server

precisely. In 1995, web browsers support cookies, which allow a web server to send

This header can also specify a number of

negligible, and all major web browsers

page AJAX web applications, e.g. Gmail

lines of JavaScript and 60 lines of server-

interface to prompt the user for her username and password. Unlike in plain auth, digest auth provides a challenge-

For sending along the password,

which ensures that a network

auth as a way to secure sessions against
BUILDING BLOCKS

The technical components are simple and require only a cursory explanation.

1. Fragment Identifier

The URL specification defines the fragment identifier, the portion of the URL that follows the # character. As its name implies, the fragment identifier designates a portion of the resource. For example, consider the following URL:

    http://host/rest/of/url#paragraph4

Here, #paragraph4 is the fragment identifier. When the primary resource, in this case http://host/rest/of/url, is an HTML document, the fragment identifier tells the browser to scroll the viewport to the section of the document that reads:

    <div id="paragraph4">
    ...
    </div>

When no such portion of the document exists, the browser doesn't scroll, and the fragment identifier remains in the URL, unused.

2. Authenticating Web Requests with HMAC

Simple message authentication between two parties with a shared secret is easily achievable using a Message Authentication Code (MAC) algorithm. In particular, HMAC is a hash-function-based message authentication technique which is easily implemented and quite efficient in just about any programming environment, including browser-based JavaScript. A number of web-based APIs, including Google APIs and the Facebook Platform, already use HMAC for authenticating requests.

4. SSL

SSL provides end-to-end encryption between the web server and browser, clearly foiling passive eavesdroppers. Unfortunately, SSL requires more work on the server side and, more importantly, triggers a number of sub-optimal behaviors on the client side. An SSL server must run on its own IP address (no virtual hosting), because

THE SESSION LOCK PROTOCOLS

At a high level, Session Lock functions as follows:

1. at login time over SSL, the web server delivers a session secret to the web browser.
2. the web browser uses this secret token to authenticate, using HMAC, every subsequent, time-stamped plain HTTP request it makes.
3. the session token is never sent over the network in the clear: it is communicated from the SSL login page to the first plain HTTP page, and to each subsequent plain HTTP page hereafter, using the URL fragment identifier.
4. an attacker limited to eavesdropping capabilities never sees the session secret and cannot generate valid HTTP requests on behalf of another user's session, other than the ones it intercepts.

We now provide additional detail for the above outline.

Figure 1: The Session Lock Protocol

1. Generating the Secret Token

Alice visits her web mail site, example.com. She is directed to a login page over SSL, where she enters her username and password. The server sets up her session, sets a non-SSL session_id cookie, then an SSL-only session_secret cookie, and redirects Alice to http://example.com/login/done#[session_secret]. Because this redirect command is sent to Alice's browser over SSL, its content is secure against eavesdropping. Then, when Alice's browser loads the new, non-SSL URL, the session_secret remains secure from eavesdropping, because it is located inside the fragment identifier and thus not sent over the network.

2. Keeping the Session Secret Around

To keep the session_secret around from one page to another, it must be appended as a fragment identifier to every URL the user navigates within the web application. Importantly, this cannot be done on the server side, as it would then be available to the eavesdropper when the HTML is transferred over plain, unencrypted HTTP. The appending of the session secret can only be done on the client side using JavaScript. Thus, upon page load, Session Lock JavaScript code traverses the page, appending the fragment identifier to every clickable link and every form target.

3. Time stamping and HMAC

With the session secret in JavaScript scope, we must then ensure that every HTTP request is augmented

Once these modifications are done, the event proceeds as initially requested, only with two new parameters that authenticate the request to the server. For AJAX requests, JavaScript can intercept all calls to XMLHttpRequest to achieve exactly the same task. Once again, it appears that Session Lock is easier to implement with AJAX applications.

4. Recovering From Failure

Because of our ad-hoc approach to communicating the session secret from one page to another, it is conceivable that the session secret will be lost. The user might type in a URL manually, click a bookmark, or otherwise access the service without the session secret in the fragment identifier. To force the user to re-login at this point would break existing expectations for web services. Fortunately, it is easy to recover the session secret, using an IFRAME that accesses a small SSL page that minimally affects the user experience. The web page, noticing that it does not have a session
stored while at an SSL URL cannot be read by JavaScript from a non-SSL URL,

Lock without any SSL, even on the login page. On session setup the following steps

1. The server assigns the browser a

2. The client-side JavaScript code initiates a Diffie-Hellman Key-exchange with the

secret between the browser JavaScript

with the server storing the secret in a

Session Lock suffers from two important

consider the side-effects of carrying this secret as a fragment within every page.

stays in the URL as a fragment identifier, and an on load JavaScript event handler

was captured on first load. In this case, a JavaScript page that locally recreates a freshly time stamped version of the same

.replace to reload the page with the

Bookmarking a page that

in the case of heavily AJAX-enabled