-
Notifications
You must be signed in to change notification settings - Fork 0
Cryptographic Security
The Cryptographic Security layer mitigates credential theft by implementing a mechanism functionally identical to a Zero-Knowledge Proof (ZKP). Specifically, it proves possession of authorization without transmitting the authorization secret across the network.
The implementation relies on the Elliptic Curve Digital Signature Algorithm (ECDSA) utilizing the NIST P-256 (SECP256R1) curve. This standard provides a high level of security (128-bit symmetric equivalent) with minimal computational overhead, ensuring rapid authentication suitable for high-frequency API gateways.
The system necessitates asymmetric cryptography:
-
Private Key (
$d$ ): Generated entirely on the client-side using thewindow.crypto.subtleAPI. It resides exclusively locally (e.g.,localStorageor ideally a Secure Enclave/TPM). It is never transmitted. -
Public Key (
$Q = dG$ ): Exported in X.509 SubjectPublicKeyInfo (SPKI) PEM format and registered with the server.
To prevent interception and reuse of legitimate signatures, the system enforces a strict Challenge-Response protocol:
-
Nonce Generation: The server (
crypto_utils.py) utilizessecrets.token_bytes(32)to generate a cryptographically secure 32-byte pseudo-random challenge nonce. -
Commitment Binding: The server stores this nonce in a thread-safe
ChallengeStoremapped to theuser_id, alongside a rigid 60-second expiration timestamp. -
Proof Generation: The client retrieves the nonce and signs it using the private key and a SHA-256 hash function:
$Sign(PrivateKey, SHA256(Challenge))$ . - Verification: The client submits the resulting signature. The server verifies the signature against the registered Public Key using the exact same nonce parameters.
1. Credential Stuffing & Phishing Immunity: Standard attacks rely on capturing a static password or OTP. Even if an attacker captures the traffic from a legitimate session, they only acquire the public signature and the specific nonce for that session. Because they do not possess the Private Key mathmatically required to sign a new nonce, subsequent login attempts are impossible.
2. Replay Attack Prevention:
The ChallengeStore utilizes a strict single-use policy. Upon a successful verification, the state of the challenge is immediately inverted to used=True. If an attacker intercepts a valid signature and attempts to resubmit the exact same payload a millisecond later, the server identifies the nonce as consumed and terminates the connection (HTTP 403).
3. Format Interoperability Pipeline:
Standard WebCrypto operations in JavaScript browsers natively generate IEEE P1363 raw signatures (a concatenated 64-byte array containing the cryptography verification methods anticipate ASN.1 DER-encoded signatures.
The backend elegantly resolves this by implementing dual-verification logic: it initially attempts DER validation, and upon failure, dynamically invokes internal utility functions to structurally encode the raw 64-byte array into valid DER format before finalizing verification.