Slide 1

Slide 1 text

@rdegges @oktadev

PASETO Tokens: An Introduction to Platform-Agnostic Security Tokens

Slide 2

Slide 2 text

Hi, I'm Randall.

Chief Hacker @okta. python/js/go hacker, builder, open source author.

Slide 3

Slide 3 text

What's PASETO?

{
  "id": "a5db284d-d22c-4a3d-b67e-60776fc24526",
  "email": "[email protected]",
  "permissions": [
    "download:file-a.mp4",
    "download:file-b.mp4",
    "download:file-c.mp4"
  ]
}

PASETOs are always authenticated.

Slide 4

Slide 4 text

What are cryptographic signatures?

  Greetings,

  I am writing to inform you that you are the great grandson of a very wealthy king. I've been attempting to contact you to transfer your inheritance. Please send me your bank account details so I can initiate the transfer ASAP.

  Sincerely yours,
  Randall Degges

I know who Randall is. I know what his signature looks like. I trust him. Therefore, I trust this information.

Slide 5

Slide 5 text

What are PASETOs for?

Proving that JSON data can be trusted.

{
  "name": "Randall Degges",
  "height": "6'0",
  "eyeColor": "brown"
}

- single-use only
- short duration

Slide 6

Slide 6 text

What does a PASETO look like?

v2.public.eyJpZCI6ICJjNDQ1NDY1Mi05NWExLTQ2MzktODA0Yy0yZjc2MTVhNGMwMjciLCAibmFtZSI6ICJSYW5kYWxsIERlZ2dlcyIsICJleHAiOiAiMjAxOS0xMC0xMFQxMTowNDozNS0wNzowMCJ9rUy35ian_44WAlMLVi5Wk4GGvDlmCpEWkldn1CH3RgLfo-VUWmxC9EPTBY8l0uoomavACbAIoo1OiGVNMew1Bw.eyJraWQiOiAiMTIzNDUifQ

base64-encoded, URL safe!

Slide 7

Slide 7 text

What does a PASETO look like? (same token, first segment highlighted)

version: v2

Slide 8

Slide 8 text

What does a PASETO look like? (same token, second segment highlighted)

version: v2
purpose: public

Slide 9

Slide 9 text

What does a PASETO look like? (same token, third segment highlighted)

version: v2
purpose: public
payload: eyJpZCI6ICJjNDQ1NDY1Mi05NWExLTQ2MzktODA0Yy0yZjc2MTVhNGMwMjciLCAibmFtZSI6ICJSYW5kYWxsIERlZ2dlcyIsICJleHAiOiAiMjAxOS0xMC0xMFQxMTowNDozNS0wNzowMCJ9rUy35ian_44WAlMLVi5Wk4GGvDlmCpEWkldn1CH3RgLfo-VUWmxC9EPTBY8l0uoomavACbAIoo1OiGVNMew1Bw
         (base64url of the JSON claims, followed by the signature)

Slide 10

Slide 10 text

What does a PASETO look like? (same token, fourth segment highlighted)

version: v2
purpose: public
payload: eyJpZCI6...NMew1Bw
footer:  eyJraWQiOiAiMTIzNDUifQ
         (base64url of {"kid": "12345"})

Slide 11

Slide 11 text

What's inside a PASETO?

{
  "id": "a5db284d-d22c-4a3d-b67e-60776fc24526",
  "email": "[email protected]",
  "permissions": [
    "download:file-a.mp4",
    "download:file-b.mp4",
    "download:file-c.mp4"
  ]
}

claims

Slide 12

Slide 12 text

Registered claims:

key | name       | type     | example                                          | note
----|------------|----------|--------------------------------------------------|---------------------------
iss | Issuer     | string   | {"iss": "okta.com"}                              | Who created the token?
sub | Subject    | string   | {"sub": "test"}                                  |
aud | Audience   | string   | {"aud": "okta.com"}                              |
exp | Expiration | DateTime | {"exp": "2019-10-31T00:00:00+00:00"}             | When does the token expire?
nbf | Not Before | DateTime | {"nbf": "2019-10-31T00:00:00+00:00"}             |
iat | Issued At  | DateTime | {"iat": "2019-10-31T00:00:00+00:00"}             | When was the token created?
jti | Token ID   | string   | {"jti": "ac478bc0-c73a-4a2c-8f00-186456cf8d88"}  |
kid | Key-ID     | string   | {"kid": "..."}                                   | stored in the footer

DateTime claims are RFC 3339 strings (with a UTC offset), not integer timestamps.
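A worked example, added here and not part of the talk, that takes the v2.public token from the slides above apart with only the Python standard library: it splits version, purpose, payload and footer, pins the header it expects instead of trusting the token's own, separates the JSON claims from the trailing 64-byte Ed25519 signature, reads kid out of the footer, builds the Pre-Authentication Encoding (PAE) that the signature covers, and checks the RFC 3339 exp/nbf/iat claims. It does not verify the signature (the matching public key is not on the slides), so the result is flagged unverified and nothing in it may be trusted until an Ed25519 library is plugged into the `verify` hook; KEYS_BY_KID is an assumed stand-in for a real key store.

```python
import base64
import json
import struct
from dataclasses import dataclass
from datetime import datetime
from typing import Dict, List, Optional

# The v2.public token shown on the slides above: header, base64url(claims ||
# Ed25519 signature), footer. Only its structure is inspected; the public key
# that would verify the signature is not on the slides.
SLIDE_TOKEN = (
    "v2.public."
    "eyJpZCI6ICJjNDQ1NDY1Mi05NWExLTQ2MzktODA0Yy0yZjc2MTVhNGMwMjciLCAibmFtZSI6ICJSYW5kYWxsIERlZ2dl"
    "cyIsICJleHAiOiAiMjAxOS0xMC0xMFQxMTowNDozNS0wNzowMCJ9rUy35ian_44WAlMLVi5Wk4GGvDlmCpEWkldn1CH3RgLfo-VUWm"
    "xC9EPTBY8l0uoomavACbAIoo1OiGVNMew1Bw.eyJraWQiOiAiMTIzNDUifQ"
)
ED25519_SIG_LEN = 64                 # v2.public appends a 64-byte Ed25519 signature
KEYS_BY_KID: Dict[str, bytes] = {}   # assumed key store (kid -> raw public key); empty in this demo


def b64url_decode(s: str) -> bytes:
    """PASETO uses unpadded base64url; restore the padding for the stdlib decoder."""
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


@dataclass
class ParsedPaseto:
    header: str        # e.g. "v2.public."
    message: bytes     # JSON claims; UNVERIFIED until the signature is checked
    signature: bytes
    footer: bytes      # decoded footer, possibly empty


def parse_paseto(token: str, expected_header: str = "v2.public.") -> ParsedPaseto:
    parts = token.split(".")
    if len(parts) not in (3, 4):
        raise ValueError("a PASETO has 3 or 4 dot-separated parts")
    header = f"{parts[0]}.{parts[1]}."
    # Pin the version and purpose you expect; never let the token choose them.
    if header != expected_header:
        raise ValueError(f"unexpected header {header!r}")
    raw = b64url_decode(parts[2])
    if len(raw) <= ED25519_SIG_LEN:
        raise ValueError("payload too short for message + signature")
    footer = b64url_decode(parts[3]) if len(parts) == 4 else b""
    return ParsedPaseto(header, raw[:-ED25519_SIG_LEN], raw[-ED25519_SIG_LEN:], footer)


def pae(pieces: List[bytes]) -> bytes:
    """Pre-Authentication Encoding: LE64(count) || (LE64(len(p)) || p) for each piece."""
    out = struct.pack("<Q", len(pieces))
    for p in pieces:
        out += struct.pack("<Q", len(p)) + p
    return out


def signed_message(p: ParsedPaseto) -> bytes:
    """What the v2.public signature covers: PAE([header, message, footer])."""
    return pae([p.header.encode(), p.message, p.footer])


def kid_from_footer(p: ParsedPaseto) -> Optional[str]:
    """The footer only selects a key; it never carries anything to be trusted on its own."""
    if not p.footer:
        return None
    kid = json.loads(p.footer).get("kid")
    return kid if isinstance(kid, str) else None


def parse_rfc3339(s: str) -> datetime:
    # PASETO time claims are RFC 3339 strings with an offset, not JWT-style integers.
    dt = datetime.fromisoformat(s.replace("Z", "+00:00"))
    if dt.tzinfo is None:
        raise ValueError("time claim must carry a UTC offset")
    return dt


def check_time_claims(claims: dict, now: datetime) -> List[str]:
    problems = []
    if "exp" in claims and parse_rfc3339(claims["exp"]) <= now:
        problems.append("expired")
    if "nbf" in claims and parse_rfc3339(claims["nbf"]) > now:
        problems.append("not yet valid")
    if "iat" in claims and parse_rfc3339(claims["iat"]) > now:
        problems.append("issued in the future")
    return problems


def inspect_token(token: str, now_rfc3339: str, verify=None) -> dict:
    """Parse a token and evaluate its claims as of `now`.

    `verify(public_key, signed_message, signature) -> bool` is where an Ed25519
    library goes; without it the result stays flagged as unverified.
    """
    p = parse_paseto(token)
    kid = kid_from_footer(p)
    verified = False
    if verify is not None and kid in KEYS_BY_KID:
        verified = bool(verify(KEYS_BY_KID[kid], signed_message(p), p.signature))
    claims = json.loads(p.message)
    return {
        "verified": verified,
        "kid": kid,
        "claims": claims,
        "problems": check_time_claims(claims, parse_rfc3339(now_rfc3339)),
        "signature_len": len(p.signature),
    }


if __name__ == "__main__":
    print(json.dumps(inspect_token(SLIDE_TOKEN, "2020-01-01T00:00:00+00:00"), indent=2))
```

Run as-is it reports kid 12345, the three claims, a 64-byte signature, "expired" (the exp is in October 2019) and verified=false. The order matters in production: verify the signature over `signed_message(p)` with the key selected by kid first, and only then parse and act on the claims.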

Slide 13

Slide 13 text

What are the different types of PASETOs?

local          public
-----------    -------------
symmetric      asymmetric
shared key     public key
simple         complicated
encrypted      not encrypted

Slide 14

Slide 14 text

How do local PASETOs work?

secret_key + { json }  ->

v2.local.vB7daJlQOL5sY8mQa_FWb6ZYbkNi8yeRqI-DCFNEPTYEu7ItQHMMM5jzD_fw-G7l-AXJRBj3E9jxx9-JS5eG436WGUn03zYp2nuV3PVqppEyRP9LoZ1TTBREhR182NRcNYqUkM8FfazWegWcLc1gSzFXx0Kge4U7XHtAlliTrR8p09hH6qVpqAsgMdp00ao66JX_mxlEjkL3y784CoAK-gyy_ZZ1WzAvYAjQApl859RxnB9uLMpb-VURmetmrw9sC_Iw27to46ulTcMxx_KoSBem9eSG5M4bvNQC5YFeDLIM2HXDf35YIo50.eyJraWQiOiAiMTIzNDUifQ

The secret_key is needed to both encrypt and decrypt the PASETO.

Slide 15

Slide 15 text

How do I use local PASETOs?

User -> www. server: "I want to download video1.mp4."

www. server (holds secret_key):
  - Validate request
  - Generate PASETO
  - Redirect

  {
    "purchaseID": "1234567",
    "permissions": [
      "download:video1.mp4",
      "download:video2.mp4",
      "download:video3.mp4"
    ]
  }

  -> dl. server: ?token=v2.local.xxx&file=video1.mp4

dl. server (holds secret_key):
  - Parse URL params
  - Decrypt token
  - Verify purchaseID
  - Verify permissions
  - Stream file to user (video1.mp4)

Slide 16

Slide 16 text

How do public PASETOs work?

private key + { json }  ->

v2.public.vB7daJlQOL5sY8mQa_FWb6ZYbkNi8yeRqI-DCFNEPTYEu7ItQHMMM5jzD_fw-G7l-AXJRBj3E9jxx9-JS5eG436WGUn03zYp2nuV3PVqppEyRP9LoZ1TTBREhR182NRcNYqUkM8FfazWegWcLc1gSzFXx0Kge4U7XHtAlliTrR8p09hH6qVpqAsgMdp00ao66JX_mxlEjkL3y784CoAK-gyy_ZZ1WzAvYAjQApl859RxnB9uLMpb-VURmetmrw9sC_Iw27to46ulTcMxx_KoSBem9eSG5M4bvNQC5YFeDLIM2HXDf35YIo50.eyJraWQiOiAiMTIzNDUifQ

The private key is needed to create the PASETO. The public key is needed to validate the PASETO.

Anyone holding the token can see the data: "I can see the data."

Slide 17

Slide 17 text

How do I use public PASETOs?

User -> website: "I'd like to log in."

authorization server (holds private_key and public_key):
  - Authenticate the user
  - Generate a PASETO
  - Redirect the user back to the website

  { "userID": "1234567" }

  -> website: ?token=v2.public.xxx

website (holds public_key only):
  - Parse the token out of the URL
  - Validate the token
  - Create a secure session using server-side session management

Slide 18

Slide 18 text

Why are PASETOs better than JWTs?

Slide 19

Slide 19 text

What's wrong with JWTs?

- Allows poor cryptography choices:
  - RSA w/ PKCS #1 v1.5 padding: vulnerable to a padding oracle attack.
  - RSA w/ OAEP padding: cryptographers recommend migrating away from RSA.
  - Elliptic Curve Diffie-Hellman (ECDH) using Weierstrass curves: introduces the risk of invalid-curve attacks that allow attackers to steal your secret keys.
  - AES-GCM: this is the wrong type of cryptography entirely, using symmetric encryption when asymmetric is needed.
- They're widely misused.
- Forces implementations to strictly process the alg header. This causes forgery issues.
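The alg-header item above is the one most often exploited in practice. The following added example (mine, not from the talk) shows the failure in miniature with a toy HS256 JWT built from the standard library: one verifier lets the token's own header choose the algorithm and therefore accepts an unsigned alg=none forgery, the other pins the algorithm up front, the way a PASETO verifier pins version and purpose, and rejects it. The secret and the claims are constructed for the demo.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

SECRET = b"constructed-demo-secret"  # constructed for this example only


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def hs256_sign(signing_input: bytes, key: bytes) -> bytes:
    return hmac.new(key, signing_input, hashlib.sha256).digest()


def make_jwt(claims: dict, key: bytes, alg: str = "HS256") -> str:
    """Issue header.payload.signature; alg=none yields an empty signature."""
    header = b64url(json.dumps({"alg": alg, "typ": "JWT"}, separators=(",", ":")).encode())
    payload = b64url(json.dumps(claims, separators=(",", ":")).encode())
    signing_input = f"{header}.{payload}".encode()
    sig = b64url(hs256_sign(signing_input, key)) if alg == "HS256" else ""
    return f"{header}.{payload}.{sig}"


def verify_trusting_alg(token: str, key: bytes) -> Optional[dict]:
    """VULNERABLE: the token's own header decides how it is verified."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    header = json.loads(b64url_decode(header_b64))
    signing_input = f"{header_b64}.{payload_b64}".encode()
    alg = header.get("alg")
    if alg == "none":                      # "unsecured" JWT: accepted with no signature
        ok = sig_b64 == ""
    elif alg == "HS256":
        ok = hmac.compare_digest(b64url_decode(sig_b64), hs256_sign(signing_input, key))
    else:
        ok = False
    return json.loads(b64url_decode(payload_b64)) if ok else None


def verify_pinned(token: str, key: bytes) -> Optional[dict]:
    """HARDENED: the verifier decides the algorithm; the header must agree."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    header = json.loads(b64url_decode(header_b64))
    if header.get("alg") != "HS256":
        return None
    signing_input = f"{header_b64}.{payload_b64}".encode()
    if not hmac.compare_digest(b64url_decode(sig_b64), hs256_sign(signing_input, key)):
        return None
    return json.loads(b64url_decode(payload_b64))


def forge_alg_none(new_claims: dict) -> str:
    """Attacker: no key needed, just claim alg=none and send no signature."""
    return make_jwt(new_claims, b"", alg="none")


def swap_payload(token: str, new_claims: dict) -> str:
    """Attacker without the key who keeps alg=HS256: the old signature no longer matches."""
    header_b64, _, sig_b64 = token.split(".")
    payload = b64url(json.dumps(new_claims, separators=(",", ":")).encode())
    return f"{header_b64}.{payload}.{sig_b64}"


if __name__ == "__main__":
    legit = make_jwt({"sub": "alice", "admin": False}, SECRET)
    forged = forge_alg_none({"sub": "alice", "admin": True})
    print("trusting alg accepts forgery:", verify_trusting_alg(forged, SECRET))
    print("pinned alg rejects forgery:  ", verify_pinned(forged, SECRET))
    print("legitimate token still works:", verify_pinned(legit, SECRET))
```

The hardened verifier is the whole point of PASETO's version.purpose header: the verifying code states which construction it accepts and refuses everything else, so the token never gets a vote in how it is checked.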

Slide 20

Slide 20 text

Try PASETO!

paseto.io
- read the RFC
- find developer libraries
- discover articles

Slide 21

Slide 21 text

Thank You

rdegges.com
developer.okta.com