[enhancement] Validation Service & Agent with Double Challenges #447
Open
Description
[enhancement] Validation Service & Agent
- Separated from [integrity.js][WIP] Optional double encryption for integrity #310 to show the updated status
- In addition to the above description, more robust security is achieved via double challenges that minimize the lifetime of the secret keys, which attackers would try to steal.
Shortened Lifetime of Keys
| Version | 0.4.0-alpha.62 | Design at #310 | Design at this issue with Double Challenges |
|---|---|---|---|
| htmlHash lifetime | > 4 weeks | > 4 weeks | several seconds |
| _traverse browserHash lifetime | 4 weeks (not used) | 4 weeks | several seconds |
| Connect browserHash lifetime | 4 weeks (not used) | 4 weeks | one time |
- The lifetime of 4 weeks is the release cycle of major version browsers
- htmlHash without challenges is constant for the same web app version
- While a browserHash is generally consistent across a single major version, minor version updates can sometimes trigger changes. I therefore group these minor versions into "browser classes" that share a consistent hash per challenge value. This approach enables the system to validate hashes for previously unseen minor versions. (Note: "Class" here denotes a classification or category, distinct from the OOP definition.) Note: This item was revised following an AI review. The wording had been precise but flat and lacking in force, and the revision brought it clearly closer to what I actually wanted to say. You do not have to translate this note in Japanese to understand this item.
Status Summary - Design and Implementation in Progress
- Validation with double challenges - basic features are working but error handling is fragile
- Selection of challenge1 whose browserHash has been calculated via Agent browser
- Generation and handing of challenge2 on each user request
- Agent with challenge1 (1st challenge) - basic features are working but error handling is fragile
- Validation X (The component name is subject to change) - prototyping in progress
- Different features in addition to agent scheduling are being considered
Feature Summary
Threat Models
- Replay Attacks
- Memory Scan Attacks
- MITM Attacks
- Man-in-the-Browser Attacks
- Social Engineering Attacks
Main Features
- Validation of browsers via challenges to make the lifetime of the secret keys as short as possible
- Validation Agent browsers to automatically generate the keys
- More robustness against different attack vectors
- TBD
Expected Components
- Integrity Service (integrityService.js) - enhanced to support validation of browsers
- Validation Service (validationService.js) - implemented as an HTTP/2 server with node:http2 (not spdy)
- [NEW] Agent Client - launch the app page in a new tab to generate new keys
- TBD
Detailed Status
- TBD
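
The double-challenge flow from the status summary (challenge1 selected from values the Agent browser has already processed, challenge2 generated on each user request), as an added sketch that is not integrity.js or validationService.js code. The HMAC derivation, the 5-second TTL, the browser class labels and the names `DoubleChallengeValidator`, `deriveHash` and `recordAgentResult` are assumptions; the page does not specify how browserHash is computed.

```javascript
const crypto = require('node:crypto');

const CHALLENGE2_TTL_MS = 5000; // assumed value for "several seconds"

// Assumption: stand-in derivation keyed by the Agent-computed hash for challenge1.
function deriveHash(browserHash1, challenge1, challenge2) {
  return crypto.createHmac('sha256', browserHash1)
    .update(challenge1).update('\0').update(challenge2).digest('hex');
}

class DoubleChallengeValidator {
  constructor(now = Date.now) {
    this.now = now;
    this.agentResults = new Map(); // challenge1 -> Map(browserClass -> browserHash1)
    this.pending = new Map();      // challenge2 -> { challenge1, expires }
  }

  // Called when the Agent browser has computed the hash for (challenge1, browser class).
  recordAgentResult(challenge1, browserClass, browserHash1) {
    if (!this.agentResults.has(challenge1)) this.agentResults.set(challenge1, new Map());
    this.agentResults.get(challenge1).set(browserClass, browserHash1);
  }

  // Per user request: pick a challenge1 the Agent already covered, mint a fresh challenge2.
  issue() {
    const ready = [...this.agentResults.keys()];
    if (ready.length === 0) throw new Error('no challenge1 prepared by the Agent yet');
    const challenge1 = ready[crypto.randomInt(ready.length)];
    const challenge2 = crypto.randomBytes(16).toString('hex');
    this.pending.set(challenge2, { challenge1, expires: this.now() + CHALLENGE2_TTL_MS });
    return { challenge1, challenge2 };
  }

  // One-time check: the entry is deleted before comparison, so a replayed value always fails.
  validate(challenge2, browserClass, presentedHash) {
    const entry = this.pending.get(challenge2);
    this.pending.delete(challenge2);
    if (!entry || this.now() > entry.expires) return false;
    const browserHash1 = this.agentResults.get(entry.challenge1).get(browserClass);
    if (!browserHash1) return false; // browser class the Agent has not covered
    const expected = Buffer.from(deriveHash(browserHash1, entry.challenge1, challenge2), 'hex');
    const got = Buffer.from(String(presentedHash), 'hex');
    return got.length === expected.length && crypto.timingSafeEqual(got, expected);
  }
}
```

A captured response is useless after its first use or after the TTL, which is the "one time" and "several seconds" behaviour in the lifetime table; a production version would also purge expired `pending` entries.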