Tweet
Tweet

Slide 1

Slide 1 text

zero-knowledge web application turning cloud privacy upside-down clipperz Giulio Cesare SOLAROLI [email protected] jse2011 - Paris, January 20 2011 Thursday, January 20, 2011 how JavaScript may help

Slide 2

Slide 2 text

clipperz project Thursday, January 20, 2011

Slide 3

Slide 3 text

clipperz project store (and share) personal data Thursday, January 20, 2011

Slide 4

Slide 4 text

clipperz project store (and share) personal data •reliable Thursday, January 20, 2011

Slide 5

Slide 5 text

clipperz project store (and share) personal data •reliable •secure Thursday, January 20, 2011

Slide 6

Slide 6 text

clipperz project store (and share) personal data •reliable •secure •convenient Thursday, January 20, 2011

Slide 7

Slide 7 text

reliable Thursday, January 20, 2011

Slide 8

Slide 8 text

reliable the “cloud” is definitely the most reliable way to store data Thursday, January 20, 2011

Slide 9

Slide 9 text

secure Thursday, January 20, 2011

Slide 10

Slide 10 text

secure “host proof hosting” Thursday, January 20, 2011

Slide 11

Slide 11 text

secure “host proof hosting” concept defined around 2005 to merge the reliability of cloud based storage and the security achievable using cryptography Thursday, January 20, 2011

Slide 12

Slide 12 text

convenient Thursday, January 20, 2011

Slide 13

Slide 13 text

convenient since GMail, convenient means “web based” Thursday, January 20, 2011

Slide 14

Slide 14 text

convenient since GMail, convenient means “web based” •nothing to install Thursday, January 20, 2011

Slide 15

Slide 15 text

convenient since GMail, convenient means “web based” •nothing to install •nothing to configure Thursday, January 20, 2011

Slide 16

Slide 16 text

clipperz project Thursday, January 20, 2011

Slide 17

Slide 17 text

clipperz project Thatʼs easy Thursday, January 20, 2011

Slide 18

Slide 18 text

clipperz project Thatʼs easy, isnʼt it? Thursday, January 20, 2011

Slide 19

Slide 19 text

clipperz project Thatʼs easy almost! , isnʼt it? Thursday, January 20, 2011

Slide 20

Slide 20 text

clipperz project Thatʼs easy almost! the devil hides in the details , isnʼt it? Thursday, January 20, 2011

Slide 21

Slide 21 text

clipperz challenges Thursday, January 20, 2011

Slide 22

Slide 22 text

clipperz challenges achieve convenience Thursday, January 20, 2011

Slide 23

Slide 23 text

clipperz challenges achieve convenience keeping the system secure Thursday, January 20, 2011

Slide 24

Slide 24 text

clipperz challenges achieve convenience keeping the system secure •never trade security for convenience Thursday, January 20, 2011

Slide 25

Slide 25 text

clipperz challenges achieve convenience keeping the system secure •never trade security for convenience •being paranoid “only the paranoid survive” Thursday, January 20, 2011

Slide 26

Slide 26 text

cryptography very short compendium Thursday, January 20, 2011

Slide 27

Slide 27 text

cryptography Thursday, January 20, 2011

Slide 28

Slide 28 text

symmetric encryption scheme cryptography Thursday, January 20, 2011

Slide 29

Slide 29 text

symmetric encryption scheme •message cryptography Thursday, January 20, 2011

Slide 30

Slide 30 text

symmetric encryption scheme •message •algorithm cryptography Thursday, January 20, 2011

Slide 31

Slide 31 text

symmetric encryption scheme •message •algorithm •secret key cryptography Thursday, January 20, 2011

Slide 32

Slide 32 text

cryptography symmetric encryption Thursday, January 20, 2011

Slide 33

Slide 33 text

cryptography symmetric encryption Thursday, January 20, 2011

Slide 34

Slide 34 text

cryptography symmetric encryption Thursday, January 20, 2011

Slide 35

Slide 35 text

cryptography symmetric encryption Thursday, January 20, 2011

Slide 36

Slide 36 text

cryptography symmetric encryption Thursday, January 20, 2011

Slide 37

Slide 37 text

cryptography symmetric encryption Thursday, January 20, 2011

Slide 38

Slide 38 text

cryptography symmetric encryption Thursday, January 20, 2011

Slide 39

Slide 39 text

cryptography symmetric encryption Thursday, January 20, 2011

Slide 40

Slide 40 text

cryptography symmetric encryption Thursday, January 20, 2011

Slide 41

Slide 41 text

application anatomy Thursday, January 20, 2011

Slide 42

Slide 42 text

application anatomy zero-knowledge web app Thursday, January 20, 2011

Slide 43

Slide 43 text

application anatomy zero-knowledge web app aka host proof app Thursday, January 20, 2011

Slide 44

Slide 44 text

application anatomy zero-knowledge web app aka host proof app •verifiable codebase Thursday, January 20, 2011

Slide 45

Slide 45 text

application anatomy zero-knowledge web app aka host proof app •verifiable codebase •no tampering Thursday, January 20, 2011

Slide 46

Slide 46 text

application anatomy zero-knowledge web app aka host proof app •verifiable codebase •no tampering •wise password handling Thursday, January 20, 2011

Slide 47

Slide 47 text

verifiable codebase Thursday, January 20, 2011

Slide 48

Slide 48 text

verifiable codebase •all source code available for inspection https://github.com/clipperz Thursday, January 20, 2011

Slide 49

Slide 49 text

verifiable codebase •all source code available for inspection https://github.com/clipperz •app served as a single, static, HTML file Thursday, January 20, 2011

Slide 50

Slide 50 text

verifiable codebase •all source code available for inspection https://github.com/clipperz •app served as a single, static, HTML file •browsers do not support checksum verification #fail Thursday, January 20, 2011

Slide 51

Slide 51 text

no tampering Thursday, January 20, 2011

Slide 52

Slide 52 text

no tampering application code should not be modifiable by any data returned by the server Thursday, January 20, 2011

Slide 53

Slide 53 text

no tampering application code should not be modifiable by any data returned by the server •javascript is very dynamic Thursday, January 20, 2011

Slide 54

Slide 54 text

no tampering application code should not be modifiable by any data returned by the server •javascript is very dynamic •eval(…) is your enemy here Thursday, January 20, 2011

Slide 55

Slide 55 text

password handling Thursday, January 20, 2011

Slide 56

Slide 56 text

password handling password should never be sent to server Thursday, January 20, 2011

Slide 57

Slide 57 text

password handling password should never be sent to server •SRP authentication Thursday, January 20, 2011

Slide 58

Slide 58 text

password handling password should never be sent to server •SRP authentication •only verifiers are stored and exchanged Thursday, January 20, 2011

Slide 59

Slide 59 text

security tradeoffs Thursday, January 20, 2011

Slide 60

Slide 60 text

security tradeoffs features Thursday, January 20, 2011

Slide 61

Slide 61 text

security tradeoffs features security Thursday, January 20, 2011

Slide 62

Slide 62 text

security tradeoffs features security Thursday, January 20, 2011

Slide 63

Slide 63 text

security tradeoffs features security Thursday, January 20, 2011

Slide 64

Slide 64 text

being paranoid Thursday, January 20, 2011

Slide 65

Slide 65 text

being paranoid clipperz does not store neither the password, Thursday, January 20, 2011

Slide 66

Slide 66 text

being paranoid clipperz does not store neither the password, nor the username Thursday, January 20, 2011

Slide 67

Slide 67 text

being paranoid clipperz does not store neither the password, nor the username •users can still login! #ftw Thursday, January 20, 2011

Slide 68

Slide 68 text

being paranoid clipperz does not store neither the password, nor the username •users can still login! #ftw •multiple accounts can share the same username! #wtf Thursday, January 20, 2011

Slide 69

Slide 69 text

features?! Thursday, January 20, 2011

Slide 70

Slide 70 text

features?! password manager Thursday, January 20, 2011

Slide 71

Slide 71 text

features?! password manager playground to test how far this architecture could go Thursday, January 20, 2011

Slide 72

Slide 72 text

features?! password manager playground to test how far this architecture could go • features Thursday, January 20, 2011

Slide 73

Slide 73 text

features?! password manager playground to test how far this architecture could go • features • convenience Thursday, January 20, 2011

Slide 74

Slide 74 text

features?! password manager playground to test how far this architecture could go • features • convenience • reliability Thursday, January 20, 2011

Slide 75

Slide 75 text

features!! Thursday, January 20, 2011

Slide 76

Slide 76 text

features!! direct logins Thursday, January 20, 2011

Slide 77

Slide 77 text

features!! direct logins one-click access to most sites #ftw Thursday, January 20, 2011

Slide 78

Slide 78 text

features!! direct logins one-click access to most sites ✘ some #cool ✓ Thursday, January 20, 2011

Slide 79

Slide 79 text

features!! Thursday, January 20, 2011

Slide 80

Slide 80 text

features!! one time password Thursday, January 20, 2011

Slide 81

Slide 81 text

features!! one time password access your data without typing your password Thursday, January 20, 2011

Slide 82

Slide 82 text

features!! one time password access your data without typing your password great for using clipperz from an internet caffè Thursday, January 20, 2011

Slide 83

Slide 83 text

features!! Thursday, January 20, 2011

Slide 84

Slide 84 text

features!! offline copy Thursday, January 20, 2011

Slide 85

Slide 85 text

features!! offline copy full application (including your own data) packed into a single html file Thursday, January 20, 2011

Slide 86

Slide 86 text

features!! offline copy full application (including your own data) packed into a single html file no external resources used Thursday, January 20, 2011

Slide 87

Slide 87 text

features!! Thursday, January 20, 2011

Slide 88

Slide 88 text

hidden features!! Thursday, January 20, 2011

Slide 89

Slide 89 text

hidden features!! hashcash Thursday, January 20, 2011

Slide 90

Slide 90 text

hidden features!! hashcash avoid bots access without bothering users with nasty capcha puzzles Thursday, January 20, 2011

Slide 91

Slide 91 text

odd side effects!! Thursday, January 20, 2011

Slide 92

Slide 92 text

odd side effects!! no page reload Thursday, January 20, 2011

Slide 93

Slide 93 text

odd side effects!! no page reload otherwise credential values are lost, and the user needs to type them in again #fail Thursday, January 20, 2011

Slide 94

Slide 94 text

odd side effects!! Thursday, January 20, 2011

Slide 95

Slide 95 text

odd side effects!! no fancy web-2.0 mash-ups Thursday, January 20, 2011

Slide 96

Slide 96 text

odd side effects!! no fancy web-2.0 mash-ups difficult to integrate into other products without relaxing security concerns Thursday, January 20, 2011

Slide 97

Slide 97 text

odd side effects!! no fancy web-2.0 mash-ups difficult to integrate into other products without relaxing security concerns and we are paranoid! Thursday, January 20, 2011

Slide 98

Slide 98 text

clipperz http://www.clipperz.com [email protected] THANKS Thursday, January 20, 2011