Strengthening Authentication and Integrity in Web Applications

Doctoral Thesis

Abstract

Web applications have become one of the most common ways of providing access to online information and services. People use their desktop or mobile browsers to surf the web and perform a wide range of functions, as well as store and access their ever-growing personal digital data. The popularity, importance and versatility of web applications come at a cost, though, as they naturally attract the interest of malicious actors. Web application breaches expose sensitive data and incur significant financial and reputation losses to the affected parties. It is, therefore, necessary to adequately secure web applications, and shield them from malicious intent.

In this thesis we consider authentication on the web, which constitutes a vital aspect of web application security. We consider three main pillars of authentication, namely client authentication, server authentication, and data authenticity and integrity protection.

In the first part, we propose Sound-Proof, a two-factor authentication scheme for web logins. Sound-Proof leverages short audio recordings to verify the proximity of the user’s phone to the computer on which the login is taking place. Sound-Proof is transparent to the user, as it does not require any user-phone interaction, resembling the behavior of password-only authentication. It is, moreover, readily deployable, requiring no additional software or browser plugins on the user’s computer.

In the second part, we consider TLS MITM attacks where the attacker impersonates the legitimate web server to the user, with the goal of impersonating the user to the server and compromising the user’s account. We show why the recently proposed client authentication based on TLS Channel IDs, as well as client web authentication in general, cannot fully prevent such attacks. We then show how combining strong client authentication with the concept of server invariance can protect against such attacks. We design a novel mechanism called SISCA (Server Invariance with Strong Client Authentication) and show how it can be realized in practice.

In the third part, we propose Verena, a web application platform that provides end-to-end integrity guarantees, under full server compromise. In Verena, web clients can verify the integrity of a webpage by verifying the results of queries on data stored at the server. Verena provides correctness, completeness and freshness for a common set of database queries by relying on a small trusted computing base. Verena enables a developer to specify an integrity policy for query results based on our notion of trust contexts and enforces this policy efficiently.

People

Dr. Nikolaos Karapanos
Doctoral Student (2012 – 2018)
CTO, Futurae Technologies AG

BibTeX

@PHDTHESIS{karapanos2018strengthening,
	copyright = {In Copyright - Non-Commercial Use Permitted},
	year = {2018},
	type = {Doctoral Thesis},
	author = {Karapanos, Nikolaos},
	size = {226 p.},
	abstract = {Web applications have become one of the most common ways of providing access to online information and services. People use their desktop or mobile browsers to surf the web and perform a wide range of functions, as well as store and access their ever growing personal digital data. The popularity, importance and versatility of web applications comes at a cost though, as they naturally attract the interest of malicious actors. Web application breaches expose sensitive data and incur significant financial and reputation losses to the affected parties. It is, therefore, necessary to adequately secure web applications, and shield them from malicious intent. In this thesis we consider authentication on the web which constitutes a vital aspect of web application security. We consider three main pillars of authentication, namely client authentication, server authentication, and data authenticity and integrity protection. In the first part, we propose Sound-Proof, a two-factor authentication scheme for web logins. Sound-Proof leverages short audio recordings to verify the proximity of the user's phone to the computer on which the login is taking place. Sound-Proof is transparent to the user, as it does not require any user-phone interaction, resembling the behavior of password-only authentication. It is, moreover, readily deployable, requiring no additional software or browser plugins on the user's computer. In the second part, we consider TLS MITM attacks where the attacker impersonates the legitimate web server to the user, with the goal of impersonating the user to the server and compromise the user's account. We show why the recently proposed client authentication based on TLS Channel IDs, as well as client web authentication in general, cannot fully prevent such attacks. We then show how combining strong client authentication with the concept of server invariance can protect against such attacks. We design a novel mechanism called SISCA (Server Invariance with Strong Client Authentication) and show how it can be realized in practice. In the third part, we propose Verena, a web application platform that provides end-to-end integrity guarantees, under full server compromise. In Verena web clients can verify the integrity of a webpage by verifying the results of queries on data stored at the server. Verena provides correctness, completeness and freshness for a common set of database queries by relying on a small trusted computing base. Verena enables a developer to specify an integrity policy for query results based on our notion of trust contexts and enforces this policy efficiently.},
	keywords = {Computer security; Web security; Authentication; Integrity},
	language = {en},
	address = {Zurich},
	publisher = {ETH Zurich},
	DOI = {10.3929/ethz-b-000279542},
	title = {Strengthening Authentication and Integrity in Web Applications},
	school = {ETH Zurich}
}

Research Collection: 20.500.11850/279542