Skip to content

Implementation

Jump to bottom
David Fialho edited this page Jan 4, 2017 · 18 revisions

What did we use to implement Group Bank and why?

Web Technologies

Group Bank is a web application developed using the Django Web framework. We chose Django for four reasons: first, easy of development, we were already familiar with the framework and we felt very comfortable using it; second, its extensive and detailed documentation; third, it is fast; and fourh, security, Django provides some functions that help developers avoid many common security mistakes, such as SQL injection, cross-site scripting, cross-site request forgery and clickjacking. In part we also chose Django because we wanted to develop with Python and Django is the de facto standard Web framework for Python. Python is a very articulated language that allows for easy development and quick deployment.

Security technologies

Our communication protocol is based on two standard technologies: RSA and TLS. RSA is used to authenticate the users and to sign records such as an Invite or an UOMe. TLS is used to encrypt the communication between each component in the system. Since all communication is made using the HTTP protocol, we may refer to the pair as HTTPS.

TLS/HTTPS

HTTPS is the standard protocol used in every web application.

RSA (Rivest-Shamir-Adleman)

RSA is an asymmetric cryptosystem. It uses two different but mathematically linked keys, one public and one private. The public key can be shared with everyone, whereas the private key must be kept secret. In RSA cryptography, both the public and the private keys can encrypt a message; the opposite key from the one used to encrypt a message is used to decrypt it. This attribute is one reason why RSA has become the most widely used asymmetric algorithm: It provides a method of assuring the confidentiality, integrity, authenticity and non-reputability of electronic communications and data storage. Here we use RSA for two different purposes: authentication and non-repudiation.

We rely on digital signatures to authenticate users and to prevent entities from repudiating some of their activity. For actions like invitations, registrations, and transactions signatures of the entities involved are kept to avoid non-repudiation. Consequently, we should guarantee that signing and verifying is done correctly. Although the algorithm used to sign a messsage and verify the signature is the same as for encrypting and decrypting, there are very important differences between the two processes. First of all, you sign the hash of the message and not the message itself, opposed to encrypting where you encrypt the actual message. Consequently, to verify have to have the message itself and compute its hash value, then decrypt the signature and compare the hash of the message with the result of the decryption. To summarize:

Signing:

  1. you have the message: m
  2. you compute the hash of the message: hash(m)
  3. and sign by encrypting the hash: signature = encrypt(hash(m))

Verifying:

  1. you need to have the actual message: m
  2. you compute the hash of the message: h = hash(m)
  3. you decrypt the signature: s = decrypt(signature)
  4. and then compare the result with the hash of the message: is h == s?

Practical RSA implementations typically embed some form of structured, randomized padding into the value the message m before encrypting/signing it. This padding ensures that m does not fall into the range of insecure plaintexts, and that a given message, once padded, will encrypt to one of a large number of different possible ciphertexts. Once again, the padding scheme used for signing/verifying is different from the one used for encrypting/decrypting.

Used cryptographic protocols

  • HTTPS: all the involved communications use HTTPS to encrypt the traffic. In this way, confidentiality of the exchanged information is ensured and man-in-the-middle attacks are prevented. HTTPS provides also protection against replay attacks (TODO: all kind of replay attacks? Should I describe the mechanisms used? Can't find any information)
  • RSA: algorithm used to generate asymmetric key pairs of 2048 bits. Asymmetric keys are used for authenticating messages sent by the involved entities by means of signatures. To protect the integrity of the signatures an hashing algorithm (TODO: SHA2?) is used to hash the signed message.

As mention in the Protocol the communication between the client an both the group and main servers is always secured using HTTPS. section

  • Django
  • Python
    • memory safe
  • RSA
    • cryptographic library
    • how do we sign
  • Desktop application
    • native application
    • removes all security issues relative to javascript and a browser
  • HTTPS
  1. Problem and Solution Concept
  2. Introduction
  3. Usage Scenario
  4. What are groups?
  5. Architecture
  6. Goals and Principals
  7. Keeping Information Private
  8. User Authentication
  9. Non-Repudiation
  10. Protocol
  11. User Registration
  12. Group Server Registration
  13. Managing UOMes
  14. Other Requests
  15. Implementation
  16. Web Technologies
  17. SQL Injection
  18. Security Technologies
  19. TLS/HTTPS
  20. RSA
  21. Client application
  22. Request Formats
  23. Main/Group Server Setup
  24. Proxy Server Setup
Clone this wiki locally