As I am blogging from the Real World Crypto workshop, I wanted to choose a talk that has a real-world use. Now, based on the name of the conference, all the presentations are to do with real-world crypto, but while Bitcoin (for example) is real world, I wanted to choose something that is both real world and mainstream, that the average person uses, and hence chose to blog about "Firefox Sync: Securely Sharing Browser Data" by Brian Warner [1].
The talk was essentially a history of Firefox Sync and of how it uses cryptography to provide this desirable functionality, but before I go into that I want to recap what Firefox Sync actually provides.
Firefox Sync gives you access to your Firefox bookmarks, history, tabs and usernames/passwords no matter which of your devices you are using. This should be seamless: I could be browsing a website at work and create an account on it, and when I get home that tab should still be open on my laptop with the account details stored on that machine ready for use. This immediately raises several security concerns, the two major ones being as follows. Firstly, no one else should be able to impersonate me and get access to my data. Secondly, not even the server that stores my data should be able to read the credentials I saved for my online banking (or for any other online account).
Now that I have recapped the problem being solved, I will give the history of Firefox Sync that led it to become the product it is today.
Pre-2007: This functionality was not provided by Firefox itself (not even as a plug-in) but by third-party websites. The first problem is that this is not an integrated solution: you would log on to your third-party website of choice and it would display links to your bookmarks. Because it was not integrated it clearly could not do history or tabs, and, for the reason explained next, it did not do usernames and passwords either. A bigger issue than integration is security: there was none, everything was stored in the clear. That is why storing usernames and passwords there would have been a bad idea, but even setting credentials aside you don't want people to know which website you visit to look at photos of cats, so this solution is not ideal.
2007: Mozilla creates a Firefox plug-in called Weave to provide this functionality. Now that it is integrated, as well as bookmarks it can also sync tabs, history and usernames/passwords. Beyond the convenience of having your history to hand on any device, Firefox having your history has another benefit: it uses this history to train the URL recommendation engine, and pooling the history from all of your devices improves its accuracy. The major leap forward in this iteration is that the data is now stored encrypted: you provide a passphrase, and your encryption key is derived from it.
2010: Weave tries a new approach to syncing devices using J-PAKE [2]. A side effect is that the user no longer has to create or remember a passphrase. When the first device is set up it generates a random encryption key under which all the data is encrypted (the user never sees this key). When a second (or further) device is to be synced with the first, the following happens: the first device generates a short "pairing" code (think Bluetooth pairing, not elliptic-curve pairing) and displays it on screen. The user types this code into the second device, where it becomes the shared secret for a J-PAKE run between the two devices; the session key that J-PAKE produces is used to hand the first device's random encryption key, and therefore access to all of the synced data, to the new device. The point of a PAKE rather than simply encrypting under the code is that the code can be short: an eavesdropper who captures the exchange learns nothing that allows an offline search for the code, and an active attacker gets one guess per protocol run. After pairing, syncing between all devices happens in the background without any user input.
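The pairing exchange described above, written out as an added example. This is my own toy implementation for illustration, not Mozilla's Weave or Firefox Sync code: both devices run J-PAKE with the pairing code as the low-entropy shared secret, prove knowledge of their exponents with Schnorr zero-knowledge proofs, derive a session key, and device 1 then hands its random sync key to device 2 under that session key. The group parameters, message layout, key-wrapping scheme and pairing codes are all assumptions made here; in particular the Schnorr group is toy-sized so that the numbers are readable.

```python
"""Toy J-PAKE pairing (illustration only; not Mozilla's code).

Assumptions made here: a tiny Schnorr group, a SHA-256 Fiat-Shamir
challenge, and an HMAC-based wrap of the sync key.  Needs Python 3.8+
for pow(x, -1, p).
"""
import hashlib
import hmac
import secrets

# Schnorr group p = 2q + 1 with g of prime order q.  TOY SIZE so the
# numbers are readable; a real deployment substitutes a standardised
# group of >= 2048 bits (e.g. RFC 3526 group 14: g = 2, q = (p-1)//2).
P, Q, G = 2039, 1019, 4


def challenge(*parts) -> int:
    """Fiat-Shamir challenge in Z_q over the proof transcript."""
    data = b"|".join(str(x).encode() for x in parts)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def code_to_secret(pairing_code: str) -> int:
    """Map the user-typed pairing code to the PAKE secret s in [1, q-1]."""
    digest = hashlib.sha256(pairing_code.encode()).digest()
    return 1 + int.from_bytes(digest, "big") % (Q - 1)


def schnorr_prove(x, gen, ident):
    """Prove knowledge of x for X = gen^x without revealing x."""
    X = pow(gen, x, P)
    v = secrets.randbelow(Q)
    V = pow(gen, v, P)
    h = challenge(gen, V, X, ident)
    return X, (V, (v - x * h) % Q)


def schnorr_verify(X, proof, gen, ident):
    V, r = proof
    h = challenge(gen, V, X, ident)
    return (pow(gen, r, P) * pow(X, h, P)) % P == V


class Device:
    def __init__(self, ident, pairing_code):
        self.id = ident
        self.s = code_to_secret(pairing_code)
        self.x1 = secrets.randbelow(Q)          # x1 in [0, q)
        self.x2 = 1 + secrets.randbelow(Q - 1)  # x2 in [1, q): must be nonzero

    def round1(self):
        self.gx1, p1 = schnorr_prove(self.x1, G, self.id)
        self.gx2, p2 = schnorr_prove(self.x2, G, self.id)
        return self.id, self.gx1, p1, self.gx2, p2

    def round2(self, msg):
        pid, gx3, p3, gx4, p4 = msg
        # Reject reflected messages, a peer value of 1, and bad proofs.
        if pid == self.id or gx4 == 1:
            raise ValueError("bad round-1 message")
        if not (schnorr_verify(gx3, p3, G, pid) and schnorr_verify(gx4, p4, G, pid)):
            raise ValueError("round-1 proof failed")
        self.gx3, self.gx4 = gx3, gx4
        gen = (self.gx1 * gx3 * gx4) % P            # g^(x1+x3+x4)
        A, pA = schnorr_prove(self.x2 * self.s % Q, gen, self.id)
        return self.id, A, pA

    def session_key(self, msg):
        pid, B, pB = msg
        gen = (self.gx1 * self.gx2 * self.gx3) % P  # the peer's generator
        if not schnorr_verify(B, pB, gen, pid):
            raise ValueError("round-2 proof failed")
        # K = (B / g^(x2*x4*s))^x2 = g^((x1+x3)*x2*x4*s); equal on both
        # sides only if both used the same s, i.e. the same pairing code.
        inv = pow(pow(self.gx4, self.x2 * self.s % Q, P), -1, P)
        K = pow(B * inv % P, self.x2, P)
        return hashlib.sha256(K.to_bytes((P.bit_length() + 7) // 8, "big")).digest()


def wrap(k, sync_key):
    """Device 1 sends its random sync key (<= 32 bytes) under the session
    key: toy encrypt-then-MAC with an HMAC-derived keystream."""
    ks = hmac.new(k, b"wrap", hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(sync_key, ks))
    return ct, hmac.new(k, ct, hashlib.sha256).digest()


def unwrap(k, ct, tag):
    if not hmac.compare_digest(hmac.new(k, ct, hashlib.sha256).digest(), tag):
        return None                                 # wrong code or tampering
    ks = hmac.new(k, b"wrap", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ct, ks))


def pair(code_shown, code_typed, sync_key):
    """Device 1 displays code_shown; the user types code_typed on device 2.
    Returns the sync key device 2 recovers, or None if the codes differ."""
    d1, d2 = Device("device-1", code_shown), Device("device-2", code_typed)
    m1, m2 = d1.round1(), d2.round1()
    a1, a2 = d1.round2(m2), d2.round2(m1)
    k1, k2 = d1.session_key(a2), d2.session_key(a1)
    ct, tag = wrap(k1, sync_key)
    return unwrap(k2, ct, tag)


if __name__ == "__main__":
    key = secrets.token_bytes(32)                   # device 1's random sync key
    print(pair("4827-1936", "4827-1936", key) == key)   # True
    print(pair("4827-1936", "4827-1937", key))          # None
```

A mistyped code does not produce an error inside J-PAKE itself: both devices complete the exchange but end up with different session keys, so the MAC on the wrapped sync key fails and `unwrap` returns None. That is the property that makes a short, user-typed code acceptable, and it is also why the backup failure in the Feedback Phase below is structural rather than a bug: the sync key exists only on paired devices, so with the first device gone there is nothing to pair with.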
2011: Weave now ships built into Firefox as Firefox Sync, and a version for Android is released.
Feedback Phase: This approach turned out to be confusing to most regular users, and it solves a problem that is not the one most people actually have. Instead of using it to sync several devices, most people were trying to use it as a backup system for a single machine. They ran it on one system, and when that system died they got a replacement and expected Firefox Sync to bring their data back. But with the original machine gone there is nothing to display a pairing code, and since the server only ever held ciphertext and the key only ever lived on the dead device, the data could not be recovered...
Q2-2014: The whole of Firefox Sync is overhauled based on user feedback. It now works like signing into any other website: each new device you add asks for your email address and password, logs you in, and then syncs all of your data. While this works the way people "expect", it has a downside: it trades security for familiarity. Passwords are inherently weaker: they can be brute-forced, and if your email account is compromised an attacker can reset your password and so wipe your synced data (thankfully a reset does not give them access to your saved passwords or bookmarks). This version is due for release in April 2014.
Future Plans: There are (thankfully) plans for a later version that offers the pairing flow as an option alongside the standard password login, for those who prefer security over familiarity. Pairing is fine for syncing between multiple devices but, as above, does not work as a backup for a single one.
This talk was interesting not because of its technical content but because it showed how cryptography can be used to solve a problem that millions of people around the world deal with day to day. It was particularly interesting to hear how the security and the primitives had to be adjusted because the system was not working the way everyday users feel security products should work.
[1] http://people.mozilla.org/~bwarner/warner-rwc2014/#/
[2] http://en.wikipedia.org/wiki/Password_Authenticated_Key_Exchange_by_Juggling