Saving a crypted private key in a cookie

Asked 18/3, 2014 at 13:37 Answered 16/6, 2014 at 18:4

security cookies applet private-key public-key

I am currently working on a project with a lot of security and I am having a bit of a problem choosing a technical solution to satisfy my customer need.

First things first, let me explain you the customer need.

For my customer's website, at some point a user needs to generate a private key and public key client side (gui : browser) then send the public key to the server and save the private key (crypted by a user choosen password) locally. The private key needs to be saved because it is used once in a second part of the process (the user needs to enter his password in order to decrypt it), once used we can dispose of the private key.

I have to add that the customer requests backward compatibility to IE7.

First technical choice : Java Applet

The first thing we looked up is to use a Java Applet, generates the keys just fine, but we enconter a problem on Safari Mac OSX, the appet is sandboxed and the user needs to perform a complicated action to disable sandbox mod. Our customer does not want this as it is not user firendly.

Second solution : Saving crypted private key in a cookie

We kept the java applet, but it does not save anything on disk, it is only used to perform cryptographic actions. We passed from the applet a crypted private key to the javascript to save in a cookie. We did it fine and we can retrieve the crypted private key from the cookie store and pass it to the applet to decrypt (with a popup requesting the user to enter his password).

Question We know that it is technically doable to save a crypted private key in a cookie, but the question is : is it secured, what kind of risks are we taking saving that private key in a the cookie store of the browser?

It would help me a lot if one of you could help me!

Cheers

Coactive answered 18/3, 2014 at 13:37 Comment(0)

Cookies are sent in each request. This is really really bad because you want the private key to not sent over the network as much as possible.

Assuming you can't have local storage (IE7), the only way I know to store info on the cient side is cookies. I'd say : use local storage as much as possible, and when you can't, store the private key on the server side. At least, you'll be sending it once. it's bad, but less than really really bad ...

Or maybe you could store cookies on a dedicated subdomain that you never use again, but in order to read the cookie, even on the client side with javascript, you need to be on a page of that subdomain, and that means sending the key over the network again everytime you want to use it.

As far as I know.

Wortman answered 18/3, 2014 at 19:49 Comment(1)

Yes I think that using localStorage ass much as possible is the solution. Except for IE7 of course. I do not have control over what happens on the server side unfortunatly. I think I have to remain with either a cookie based storage for IE7 or use the Java Applet to perform the operation only for IE7. – Coactive 19/3, 2014 at 9:41

The main problem is that cookies are only meant for things you are sending to the server. They are not meant for storage and you should not be sending your private key anywhere, ever.

Cookies can be stolen via XSS (always assume you have an XSS vuln in your site) and the attacker can then try to decrypt it.

On the grand scale of things you could do a lot worse. Assuming your crypto is solid, the private key is probably safe, but the big issue is that you shouldn't be using cookies like this. Using Web Storage is probably a far better solution here.

Weaponeer answered 18/3, 2014 at 19:51 Comment(2)

Yes Web Storage is the solution for me, the problem is that I need a solution for IE7. IE7 does not support localStorage ad its polyfill is a cookie based storage – Coactive 19/3, 2014 at 9:29

Oh, sure. Uh...I guess for that purpose cookies might be the best way to do it, but for IE7 ONLY (check the browser version, etc server-side). (I know you mentioned this but I'll reiterate it for anyone else reading this:) Make sure they are encrypted and https-only. I think there are js alternatives but you're less likely to have a user who will let you write arbitrary files to their filesystem (although the kind of person still on IE7 probably won't care) – Weaponeer 21/3, 2014 at 0:48

I´d say that saving your private key in a cookies isn´t a really good choice since they are not supposed to hold sensitive information due security reasons, and our colleagues already told other reasons. It´s also important to notice that the user may clear all his cookies at any given time or disable it at all. The applet would meet better your customer requirements and would let you for example prompt the user to save a keystore file with the private key, this kind file was designed to hold this kind of information.

Noman answered 18/3, 2014 at 21:26 Comment(1)

Yes prompting the user to save the private key was the initial proposition. But we have a user case where a user (lets say an admin) can request a certificates for his people of his organisation. In that case it would be tidious for the administrator to save one by one each private key and to remember wich private key belongs to whom. That is why we want to hide this step to the user. But all the problem comes from the fact that we need to support IE7 and IE7 does not support localStorage... – Coactive 19/3, 2014 at 9:36

You could use localstorage then just deploy localstorage polyfill for IE7

Lucubration answered 16/6, 2014 at 18:4 Comment(0)

Recommended topics

Hot tags