Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

API CSRF protection #38

Open
mcginty opened this issue Apr 8, 2021 · 0 comments
Open

API CSRF protection #38

mcginty opened this issue Apr 8, 2021 · 0 comments

Comments

@mcginty
Copy link
Collaborator

mcginty commented Apr 8, 2021

(This continues the discussion from #26)

Temporary solution

We can have some basic CSRF protection by requiring custom headers with some unique information, as experimented with in #37.

This type of solution is far from ideal, and is instead just a means to stop the simplest of this class of attacks.

Idea A: Signature-based authentication

Curve25519 keys, those used by WireGuard, can be converted to be used in Ed25519 signatures.

Peers could use their private keys to sign API requests (kind of like what AWS does), and through that would prove that the initiator of the request is in possession of the peer's private key.

Advantages

  • No extra keys or magic secrets
  • Could be used as an authentication method not just for innernet-server, but eventually for other services on an innernet network.

Disadvantages

  • Curve25519

Idea B: Token-based authentication

The innernet-server could give peers a token when peers first join (or re-join) the network, and require that they pass that token along with every request.

Advantages

  • Simple, tried-and-true method

Disadvantages

  • Not completely clear when exactly the token is generated and given to peers, and how/if it's rotated.
  • Only really an applicable solution for innernet-server, every other service has to work their own stuff out.

Idea C: ???
@mcginty mcginty changed the title API authetication API authentication Apr 8, 2021
mcginty pushed a commit that referenced this issue Apr 9, 2021
{client,server}: send and require a header that contains the server p…
a87d56c 
…ublic key

This is a stop-gap CSRF protection mechanism from unsophisticated attacks. It's to be considered a temporary solution until a more complete one can be implemented, but it should be sufficient in most cases for the time being.

See #38 for further discussion.
@mcginty mcginty changed the title API authentication API CSRF protection Apr 9, 2021
@mcginty mcginty mentioned this issue Apr 24, 2021
Open
@mcginty mcginty mentioned this issue Sep 6, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mcginty