Does using channel encryption (https) make hashing the secret key redundant?_问答_开发者

Does using channel encryption (https) make hashing the secret key redundant?

开发者 https://www.devze.com 2023-03-06 06:39 出处：网络

I\'m designing a web service that clients connect to in order to retrieve some private data. Each client has a unique ID and a secret key (generated by the server) that are sent as parameters to the w

相关专题：hmac security

I'm designing a web service that clients connect to in order to retrieve some private data. Each client has a unique ID and a secret key (generated by the server) that are sent as parameters to the web service in order to authenticate itself. In addition, all communications are done over HTTPS.

I'm also planning to use HMAC-SHA256, in order to avoid sending the secret key over the wire.

However, I'm wondering whether this is strictly necessary. Since HTTPS gives me a secure channel between client and server, why would I really mind sending the secret key over that channel?

The only reason I managed to come up with is that an unknowledgeable developer might add a service in the future and not reject non-HTTPS con开发者_运维问答nections, so hashing the secret key is a sort of insurance against the realities of corporate software development, an extra line of defense if you will.

Am I missing something more significant? Is this a real vulnerability that some attack vector could take advantage of?

An attacker installs a fake trusted certificate into a browser and hijacks the session.
A link to your site is sent, but the redirection to SSL is intercepted and a non-SSL session commences.

There are others, but the story is this: SSL is complicated and often attacked in inventive ways. If your connection is secure, then the hashing has little value compared to the complexity in code for humans and the cost in cpu time. However, if the SSL session is compromised, then you've still saved your key. Much as we hash passwords in databases despite the fact that nobody undesirable should have access, hashing your key despite SSL would be wise.

The channel may be secure, but that doesn't tell you anything about endpoints: depending on the browser in question (and its plugins/extensions/...), your key could very well end up in a disk-based cache somewhere on the user's computer, and it could sit there until the end of forever.

That is not a very interesting vulnerability ... until you realize that various malware already goes trawling through the disks, looking for anything valuable - and with the current rates, some of your users will be infected (unless your website only has twenty users ;)).

So: don't throw away a pretty powerful crypto mechanism to save a few CPU cycles; that's a potentially dangerous microoptimization IMNSHO.