Nelson,
We are planning on using a USB device that has keys for various vendors
in a "private" area. The USB device can generate a session key based
upon that secret vendor key. The Server can autogenerate that same
session key. The session key does not have to be passed.
The external module communicates with the USB device. If the device is
removed, communication cannot take place. When the module communicates
with the USB device, it authenticates that the device belongs to the
client, and then and only then will it generate the session key for the vendor.
There is no authentication required across the network, only to the local
USB device, something the client can take with him from machine to machine.
Currently I'm thinking of an extension to Firefox that would be called
by the browser when the session key is needed. That extension would
provide the interface to the USB device.
Nothing would be transmitted across the network that can be used to
generate the session key. The session key changes without human
intervention. The user only authenticates to the device that he carries
with him. He doesn't leave any certificates behind that can be used by
anyone else. This seems to be a very secure system that would be very
hard to compromise, as the keys are never on a client machine to
intercept, and nothing can be intercepted that can be used to generate
or guess at the key.
The USB token is already developed. It holds hundreds of unique vendor
keys, handles AES-256, generates true random numbers and handles the
secure communication required. We are working on the external module,
now what we need is the PSK-TLS-AES Cipher.
We are thinking that this shouldn't be too hard to implement, as the RFC
4279 ClientHello and ServerHello are pretty much the same as standard
TLS. After that it just passes an "identity" string back and forth.
Then the module would provide the PSK to set up the communication and
then it should be on autopilot.
Jay
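To make the RFC 4279 flow described above concrete, here is an added example (not code from the thread, NSS, or the USB token project) that simulates both sides of a plain PSK handshake: the random values and the identity string are the only things on the wire, each side derives the PSK locally, and the pre_master_secret is built exactly as RFC 4279 section 2 specifies. The session-key derivation (HMAC over identity and server nonce) and the TLS 1.2 SHA-256 PRF are assumptions standing in for the token's unspecified scheme; the vendor key and identity are constructed sample values.

```python
import hmac, hashlib, os, struct

# Constructed sample values: one vendor secret held both inside the USB
# token's private area and in the server's key store, plus the PSK identity.
VENDOR_KEY = hashlib.sha256(b"constructed vendor secret").digest()
IDENTITY = b"vendor-acme:token-0042"

def derive_session_psk(vendor_key, identity, server_random):
    """Assumed stand-in for the token's session-key derivation: HMAC over the
    identity and the server's handshake nonce, so the PSK changes per session."""
    return hmac.new(vendor_key, identity + server_random, hashlib.sha256).digest()

def psk_premaster(psk):
    """RFC 4279 s.2: for plain PSK suites other_secret is N zero octets,
    N = len(psk); both fields carry a 16-bit length prefix."""
    other = bytes(len(psk))
    return struct.pack("!H", len(other)) + other + struct.pack("!H", len(psk)) + psk

def prf_sha256(secret, label, seed, n):
    """TLS 1.2 PRF (RFC 5246 s.5) using P_SHA256."""
    seed = label + seed
    out, a = b"", seed
    while len(out) < n:
        a = hmac.new(secret, a, hashlib.sha256).digest()          # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:n]

def master_secret(premaster, client_random, server_random):
    return prf_sha256(premaster, b"master secret", client_random + server_random, 48)

def run_handshake(server_keys, token_key, identity):
    """Simulate the exchange; return wire messages, both master secrets, client PSK."""
    client_random, server_random = os.urandom(32), os.urandom(32)
    wire = [("ClientHello.random", client_random), ("ServerHello.random", server_random),
            ("ServerKeyExchange.psk_identity_hint", b"vendor-acme"),
            ("ClientKeyExchange.psk_identity", identity)]
    client_psk = derive_session_psk(token_key, identity, server_random)   # inside the token
    server_psk = derive_session_psk(server_keys[identity], identity, server_random)
    cms = master_secret(psk_premaster(client_psk), client_random, server_random)
    sms = master_secret(psk_premaster(server_psk), client_random, server_random)
    return wire, cms, sms, client_psk

def demo(server_key=VENDOR_KEY):
    """Return (secrets match?, PSK or vendor key seen on the wire?, master secret length)."""
    wire, cms, sms, psk = run_handshake({IDENTITY: server_key}, VENDOR_KEY, IDENTITY)
    leaked = any(psk in payload or VENDOR_KEY in payload for _, payload in wire)
    return cms == sms, leaked, len(cms)
```

Running `demo()` with a mismatched `server_key` shows the failure mode: the handshake messages are identical, but the two master secrets diverge and the Finished messages would not verify.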
Nelson B wrote:
Jay Potter wrote:
Hi, I'm new to NSS. I'm involved with a project that uses Pre-Shared
Keys for TLS - AES-256. (RFC 4279). I get the key from an external
module (both Client and Server). This implementation would be perfect
for my application. I would like to see Mozilla handle this cipher set.
Any suggestions on what I would need to do to get this implemented?
Jay, please tell us more about getting the PSK from an external module.
When the PSK proposal was put forth to the TLS WG, the vision given for
PSKs was that of passwords, pins, or other keys known to humans. This
caused many TLS implementors to roll their eyes, and regard the PSK
idea as being far less secure than the mechanisms normally used with
TLS.
But if the PSK comes from an external module, and is not "static",
then perhaps it is worthy of more consideration. So, please share
with us info about this module, and how it would communicate with
the application (electronically? eyeballs and fingers?)
What (if any) User Interface impact would this have on a browser?
(I think the right answer, BTW, is "none", because the communication with
the module would be all electronic, not involving user participation.)
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto