One-time cookies: Preventing session hijacking attacks with stateless authentication tokens

Published: 05 July 2012

Abstract

HTTP cookies are the de facto mechanism for session authentication in Web applications. However, their inherent security weaknesses allow attacks against the integrity of Web sessions. HTTPS is often recommended to protect cookies, but deploying full HTTPS support can be challenging due to performance and financial concerns, especially for highly distributed applications. Moreover, cookies can be exposed in a variety of ways even when HTTPS is enabled. In this article, we propose one-time cookies (OTC), a more robust alternative for session authentication. OTC prevents attacks such as session hijacking by signing each user request with a session secret securely stored in the browser. Unlike other proposed solutions, OTC does not require expensive state synchronization in the Web application, making it easily deployable in highly distributed systems. We implemented OTC as a plug-in for the popular WordPress platform and as an extension for Firefox and Firefox for mobile browsers. Our extensive experimental analysis shows that OTC introduces a latency of less than 6 ms when compared to cookies—a negligible overhead for most Web applications. Moreover, we show that OTC can be combined with HTTPS to effectively add another layer of security to Web applications. In so doing, we demonstrate that one-time cookies can significantly improve the security of Web applications with minimal impact on performance and scalability.



    Reviews

    Andre C. M. Marien

    The Web generally uses protocols that are essentially stateless, but applications often depend on context and prior actions. Web 2.0 further complicates how we must deal with the gap between stateless protocols and some notion of session required by applications. Cookies are used in various ways to solve these problems. The two most important aspects are how cookies support session maintenance and how cookies help keep the server-side stateless. For session support, the most basic form is setting a cookie containing some form of a session identifier. Various attacks exist that try to get the cookie value and use it to take over the session. The generic solution to keep the server-side stateless is to push all state information back and forth between server and client. The server gets the previous state from the client, modifies it, and sends the modified state back to the client. Sensitive elements in the state are encrypted by the server before sending it to the client and decrypted when receiving the updated state from the client. The most obvious risk here is playback of the encrypted session content (a replay attack). Compared to standard techniques, the paper adds proof of origin for the whole request by adding a signature for the complete content. This sounds a little better than it actually is. In the discussion section, the authors note that their solution is vulnerable to cross-site request forgery (CSRF). Properly done, an attack can mimic a user action and get its malicious requests signed as well. Exploits such as the man-in-the-browser threat are not blocked either. The authors propose a method to establish a key for the encryption of security state information. They derive the key from a global key and a random value that is transmitted "in the clear." This method enables stateless operation. Using "exclusive or" for the key derivation has me a little worried, but I leave it to the cryptographers to judge. 
Finally, the authors separate the normal cookies from the security tokens, both in the protocol (a different hypertext transfer protocol (HTTP) header) and in a different store browser-side. Such a change has a big impact, although it also may not be in the right direction. Since we need to modify browser software anyway, why not incorporate the secure and HttpOnly flags into a system with more and better controls? That way, other cookie users could benefit from it. There are other details that make me uneasy. The authors downplay the tendency to move from HTTP to secure HTTP (HTTPS) everywhere. The client signature contains a session timeout set by the client, but this should really be decided by the server. The authors spent time building the system and working on its performance, and the paper provides ample data on those efforts, but this is only relevant if the proposal is solid enough. Browser-side security is problematic, and we could use some good proposals for improving it. For me, this one is not good enough.

    Online Computing Reviews Service


    • Published in

      ACM Transactions on Internet Technology  Volume 12, Issue 1
      June 2012
      83 pages
      ISSN:1533-5399
      EISSN:1557-6051
      DOI:10.1145/2220352

      Copyright © 2012 ACM

      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      • Published: 5 July 2012
      • Revised: 1 April 2012
      • Accepted: 1 April 2012
      • Received: 1 February 2012


      Qualifiers

      • research-article
      • Research
      • Refereed
