4WWW95: CCI-based Web security

authors:

• judson d. weeks, NCSA
• adam cain, NCSA (also author of the security tutorial)
• briand sanderson, NCSA

Common Client Interface (CCI):

today, multiple solutions are available to increase security in the Web, e.g. S-HTTP, message digest, Kerberos based systems, SSL and PCT, DCE-Web and so on. while a diversity of methods and protocols may be desirable for various reasons, we may end up in a situation, where we need multiple browsers, one for each set of security mechanisms it supports.

instead of adding each new security feature to the browser itself, CCI is a new approach which adds application layer support to the client. a well defined interface allows to call other applications from the client, including security applications. if a new security algorithm is introduced, the browser does not need to be modified, instead, it simply calls the corresponding application via the CCI.

in the approach presented, they used PGP ("Pretty Good Privacy") to handle data encryption, signature verification and so on. in this PGP-CCI approach, they introduced HTTP extensions similar to S-HTTP and new HTML anchor attributes. no chances have to be made to the code of neither the server nor the client, all that is necessary is the addition of the new proposed MIME type

Content-type: application/x-pgp

the PGP-CCI protocol:

to handle the application/x-pgp content-types, the PGP-CCI application registers with the browser to receive all requests for URLs with the HTTP protocol and to handle all application/x-www-pgp-response content-types.

hyperlinks pointing to documents that shall be retrieved using PGP-CCI contain special attributes, such as the server's public key ID, if the request should be encrypted, signed or both and so on.

a request for a document using PGP-CCI is processed as follows:

1. the browser passes the HTTP request to the CCI application as it would normally send it to the server.
2. the CCI application applies the proper security enhancements to the request as defined by the attributes in the URL.
3. the CCI application encapsulates the original request with a generic HTTP request and passes it back to the browser for retrieval on the network.
4. the server uses PGP to decrypt and/or verify the signature on the encapsulated request. if the request was not properly authorized, the server sends back an "unauthorized" (message 401) response.
   if the request passed the authorization correctly, it sends back an "application/x-www-pgp-response" which might be encrypted and/or signed using the session key contained in the client's request.
5. if the server's respond is "unauthorized", the browser will display the server's HTML error message.
6. the CCI application uses PGP to decrypt and/or verify the signature of the server's response, then it passes the plain text of the HTTP response to the browser. the browser processes this response as it would handle any HTTP response.

the proposed new hyperlink attributes for PGP-CCI include:

• PGPPUBKEYID (required)
  this attribute identifies the public key of the server at the other end of the hyperlink.

• PGPUSER (optional)
  the full PGP username of the server.

• PGPPUBKEYBLOCK (optional)
  the server may include its public keyblock in the anchor.

• PGPMODE (optional)
  this attribute includes values indicating whether the HTTP request should be signed, encrypted or both.

this is an example of a PGP-CCI hyperlink:

<A HREF="http://www.topsecret.org/wherever/whatever.html"
PGPUSER="Topsecret Web Server <www@topsecret.org>"
PGPPUBKEYID="E9B2BB1D"
PGPMODE="request-signed,request-encrypted"
> this is a secure link </A>

CCI functions:

the commands used by PGP-CCI are based on

• Spyglass' Software Development Interface (SDI) and include the following functions:
  • RegisterViewer: (TO browser)
    to handle PGP-enhanced documents, the PGP-CCI application registers to view all documents with application/x-pgp MIME types. for the PGP-CCI protocol, the CCI application registers to handle application/x-www-pgp-response content types.

  • RegisterProtocol: (TO browser)
    the PGP-CCI application registers to handle all requests for URLs with protocol HTTP in order to trap requests to be pre-processed.

  • OpenURL: (FROM browser)
    if a CCI application is registered to handle a requested URL's protocol, the browser uses this command to pass on the request to the CCI application.

  • OpenURL: (TO browser)
    this function is used by the CCI application to tell the browser to fetch a document specified by the URL argument.

  • ViewDocData/File: (FROM browser)
    if a CCI application has registered as a viewer for the content-type of a received document, the browser uses these commands to pass the CCI application the data to be viewed.

  ---

  security consideration:

  potential attacks may be divided into two categories:
  1. network-based attacks related to the security protocol:
     any attacker who attempts to impersonate a desired Web server will either be detected before the request is sent or will be easily identified after the response. to decrypt/encrypt requests or to provide a signed or encrypted response, the attacker would have to posses the private key corresponding to the public key ID in the hyperlink.
     the main defense mechanism against these types of attacks is PGP's handling of public keys. if an attacker attempts to fool the client into using the attacker's public key which is not in the user's keyring, the PGP-CCI application asks that the user acknowledge the use of an untrusted key.

  2. attacks on the CCI communications between the browser and the PGP-CCI application:
     the communication between the CCI application and the browser is based on local temporary files. therefore the security of this communication is highly dependent upon the security of the operating system of the client system.

  ---

  for more information, see current version of this paper.

  ---

  back to 4WWW95 main document.

  ---

  4WWW95 CCI-based Web security / 28-jan-1999 (ra) / reto ambühler