Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEAT] Login token recommendation #942

Open
mccoysc opened this issue Mar 21, 2024 · 2 comments
Open

[FEAT] Login token recommendation #942

mccoysc opened this issue Mar 21, 2024 · 2 comments
Labels
enhancement New feature or request

Comments

@mccoysc
Copy link

mccoysc commented Mar 21, 2024
edited
Loading

To enhance the security of web login processes, a more secure and sophisticated approach involves the use of cryptographic keys, as follows:

1.	During user registration or password change, leverage the latest password as a seed to generate a unique pair of public and private keys. This ensures that the public and private keys are always directly correlated with the user’s password, allowing for the generation of these keys based on the user password at any given time.
2.	The server stores the username along with the corresponding public key.

Further steps for the login process include:

3.	At the time of login, the user’s password is used to regenerate the private key. Subsequently, a JSON object required for login is created, which may contain various pieces of information, but crucially includes a timestamp to guard against replay attacks. This JSON data is then signed using the private key.
4.	The signed information is submitted to the server.
5.	Upon receiving the login request (via “api/request-token”), the server retrieves the public key associated with the username from its database. It then uses this public key to verify the authenticity of the submitted login information. If the verification is successful, additional checks, such as the validity of the timestamp, are conducted.
6.	Once these checks are passed, a user token is generated. This token is encrypted using the user’s public key and sent back to the client.
7.	Upon receiving the response, the client decrypts the received token using its private key, thus completing the login process.

This methodology significantly enhances security by ensuring that passwords are not transmitted in plaintext, thereby reducing the risk of interception and unauthorized access.

Additionally, this approach offers the significant advantage of eliminating the need for the server to store user passwords. Instead, only usernames and their corresponding public keys are stored. This ensures that sensitive user information remains secure, even in the event of server anomalies, such as a security breach by hackers. By adopting this method, the integrity and confidentiality of user data are significantly enhanced, providing a robust defense against unauthorized access and data leaks.
@mccoysc
Copy link
Author

mccoysc commented Mar 21, 2024
edited
Loading

Or,in an alternative approach to authentication and data integrity, we forgo traditional token-based verification in favor of a system where each user action and its associated data payload are authenticated through digital signatures. In this model, users sign every request with their private key. The server then verifies the legitimacy and integrity of these requests by validating the signature against the user's public key. This method ensures two critical security assurances:

Authenticity - By verifying the digital signature with the public key, the server confirms that the request was indeed initiated by the legitimate user, effectively replacing the need for token-based authentication. This process guarantees that the requestor possesses the corresponding private key without revealing it, thereby affirming their identity.

Integrity - Digital signatures not only authenticate the sender but also ensure that the request data has not been altered in transit. Any modification to the original data would invalidate the signature, alerting the server to potential tampering. This ensures that the server processes the user's true intentions as expressed in the request.

This approach simplifies the authentication process by directly leveraging cryptographic principles, offering a clear and robust method for securing user interactions. It enhances security by ensuring both the identity of the requester and the integrity of the request data, providing a streamlined alternative to conventional token-based systems.

I recommend using this approach.

@mccoysc
Copy link
Author

mccoysc commented Mar 21, 2024
edited
Loading

If implementing the second approach is challenging due to significant changes required in the front-end code, making it difficult to achieve in the short term, I suggest that, at the very least, the first approach mentioned above should be adopted.

@mccoysc mccoysc changed the title about login security problem login security problem Mar 21, 2024
@timothycarambat timothycarambat changed the title login security problem [FEAT] Login token recommendation Mar 21, 2024
@timothycarambat timothycarambat added the enhancement New feature or request label Mar 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@timothycarambat @mccoysc