On 8/25/13 at 8:32 PM, leich...@lrw.com (Jerry Leichter) wrote:

> *The* biggest headache is HTTP support. Even the simplest modern HTTP server is so complex you can never be reasonably sure it's secure (though, granted, it's simpler than a browser!) You'd want to stay simple and primitive.

I'm currently over 250 messages behind, so please pardon me if this item has already been mentioned.

Back in 2009, Charlie Landau and I worked on a DARPA contract to demonstrate a secure web key server[1]. We used CAPROS[2] as the underlying operating system and built an HTTP interpreter to act as the server. The system is GPL and the source for the web key server is available on Sourceforge[3].

Charlie comments that the IDL files are quite useful, but there really isn't any documentation. Let me give a brief overview:

When a new TCP connection arrives, a new instance of the web key server is created. It cannot communicate with any other instance of the web key server, and the only real authority it has, beyond sending and receiving on the TCP circuit, is to a name lookup system.

This name lookup system takes a string -- the secret part of the web key -- and returns a resource. The web key server then returns the contents of that resource to the requestor.

Since the name lookup system does not allow enumeration of its contents, even if an instance of the web key server is compromised, an attacker will still have to guess the secret part of the web key to retrieve authorities from the name lookup system.

Cheers - Bill

[1] Web key: <http://waterken.sourceforge.net/web-key/>

[2] <http://www.capros.org/>, <http://capros.sourceforge.net/>

[3] <http://sourceforge.net/projects/capros/>

Bill Frantz        | Truth and love must prevail  | Periwinkle
(408)356-8506      | over lies and hate.          | 16345 Englewood Ave
www.pwpconsult.com |               - Vaclav Havel | Los Gatos, CA 95032

The cryptography mailing list
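
The design described in the message above, as an added sketch that is not part of the original post or of the CAPROS source: each connection gets a fresh handler whose only authority is an exact-match lookup with no enumeration. The class and function names, the `/<secret>` URL shape and the 128-bit secret size are assumptions, and Python only models the isolation that the post attributes to the operating system.

```python
import secrets
from typing import Callable, Optional, Tuple

Lookup = Callable[[str], Optional[bytes]]


class NameLookup:
    """Secret string -> resource. Deliberately has no list/iterate operation."""

    def __init__(self) -> None:
        self._table = {}

    def register(self, resource: bytes) -> str:
        # Constructed choice: 128 random bits as the secret part of the web key.
        secret = secrets.token_urlsafe(16)
        self._table[secret] = resource
        return secret

    def facet(self) -> Lookup:
        # The only authority handed to a server instance: exact-match lookup.
        table = self._table

        def lookup(secret: str) -> Optional[bytes]:
            return table.get(secret)
        return lookup


def serve_connection(request_line: str, lookup: Lookup) -> Tuple[int, bytes]:
    """Fresh per-connection instance: no globals, no shared state, only `lookup`."""
    parts = request_line.split()
    if len(parts) != 3 or parts[0] != "GET" or not parts[1].startswith("/"):
        return 400, b""
    resource = lookup(parts[1][1:])      # assumed URL shape: /<secret>
    if resource is None:
        return 404, b""                  # a wrong guess and an unknown name look the same
    return 200, resource


def demo():
    names = NameLookup()
    secret = names.register(b"contents of the resource")   # constructed sample resource
    good = serve_connection(f"GET /{secret} HTTP/1.1", names.facet())
    guess = serve_connection("GET /not-the-secret HTTP/1.1", names.facet())
    return good, guess


if __name__ == "__main__":
    print(demo())
```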