
An Introduction to PASETO Tokens


JSON Web Tokens (JWTs) have become ubiquitous in the web authentication landscape over the last four years. In this talk, I'll introduce you to their successor: PASETO tokens (platform agnostic security tokens).

PASETO takes the best parts of the JWT spec and removes the rest. PASETO is a much simpler, more secure, and easier-to-use version of the JWT spec that makes cryptographers happy and reduces risk for developers like you.

In this talk you'll learn what PASETO tokens are, how they work, and how to use them in your applications.

Randall Degges

October 14, 2019

Transcript

  1. @rdegges @oktadev What's PASETO?

    { "id": "a5db284d-d22c-4a3d-b67e-60776fc24526", "email": "[email protected]", "permissions": [ "download:file-a.mp4", "download:file-b.mp4", "download:file-c.mp4" ] } (Randall Degges)

    PASETOs are always authenticated.
  2. @rdegges @oktadev What are cryptographic signatures?

    "Greetings, I am writing to inform you that you are the great grandson of a very wealthy king. I've been attempting to contact you to transfer your inheritance. Please send me your bank account details so I can initiate the transfer ASAP. Sincerely yours, Randall Degges"

    I know who Randall is. I know what his signature looks like. I trust him. Therefore, I trust this information.
  3. @rdegges @oktadev What are PASETOs for? Proving that JSON data can be trusted.

    { "name": "Randall Degges", "height": "6'0", "eyeColor": "brown" }

    single-use only / short duration
  4. @rdegges @oktadev What does a PASETO look like?

    v2.public.eyJpZCI6ICJjNDQ1NDY1Mi05NWExLTQ2MzktODA0Yy0yZjc2MTVhNGMwMjciLCAibmFtZSI6ICJSYW5kYWxsIERlZ2dlcyIsICJleHAiOiAiMjAxOS0xMC0xMFQxMTowNDozNS0wNzowMCJ9rUy35ian_44WAlMLVi5Wk4GGvDlmCpEWkldn1CH3RgLfo-VUWmxC9EPTBY8l0uoomavACbAIoo1OiGVNMew1Bw.eyJraWQiOiAiMTIzNDUifQ

    base64-encoded, URL safe!
  5. @rdegges @oktadev What does a PASETO look like? Same token, first dot-separated part highlighted: version
  6. @rdegges @oktadev What does a PASETO look like? Same token, parts highlighted: version, purpose
  7. @rdegges @oktadev What does a PASETO look like? Same token, parts highlighted: version, purpose, payload
  8. @rdegges @oktadev What does a PASETO look like? Same token, all four parts highlighted: version, purpose, payload, footer
  9. @rdegges @oktadev What's inside a PASETO?

    { "id": "a5db284d-d22c-4a3d-b67e-60776fc24526", "email": "[email protected]", "permissions": [ "download:file-a.mp4", "download:file-b.mp4", "download:file-c.mp4" ] }

    claims
  10. @rdegges @oktadev

    key  name        type      example
    iss  Issuer      string    {"iss": "okta.com"}                              Who created the token?
    sub  Subject     string    {"sub": "test"}
    aud  Audience    string    {"aud": "okta.com"}
    exp  Expiration  DateTime  {"exp": "2019-10-31T00:00:00+00:00"}             When does the token expire?
    nbf  Not Before  DateTime  {"nbf": "2019-10-31T00:00:00+00:00"}
    iat  Issued At   DateTime  {"iat": "2019-10-31T00:00:00+00:00"}             When was the token created?
    jti  Token ID    string    {"jti": "ac478bc0-c73a-4a2c-8f00-186456cf8d88"}
    kid  Key-ID      string    {"kid": "stored in footer"}
  11. @rdegges @oktadev What are the different types of PASETOs?

    local       | public
    symmetric   | asymmetric
    shared key  | public key
    simple      | complicated
    encrypted   | not encrypted
  12. @rdegges @oktadev How do local PASETOs work?

    v2.local.vB7daJlQOL5sY8mQa_FWb6ZYbkNi8yeRqI-DCFNEPTYEu7ItQHMMM5jzD_fw-G7l-AXJRBj3E9jxx9-JS5eG436WGUn03zYp2nuV3PVqppEyRP9LoZ1TTBREhR182NRcNYqUkM8FfazWegWcLc1gSzFXx0Kge4U7XHtAlliTrR8p09hH6qVpqAsgMdp00ao66JX_mxlEjkL3y784CoAK-gyy_ZZ1WzAvYAjQApl859RxnB9uLMpb-VURmetmrw9sC_Iw27to46ulTcMxx_KoSBem9eSG5M4bvNQC5YFeDLIM2HXDf35YIo50.eyJraWQiOiAiMTIzNDUifQ

    secret_key <-> { json }

    "fuck"

    The secret_key is needed to both encrypt and decrypt the PASETO.
  13. @rdegges @oktadev How do I use local PASETOs?

    www. (secret_key) and dl. (secret_key) share the same key.

    User: "I want to download video1.mp4."
    www.:
    - Validate request
    - Generate PASETO with claims { "purchaseID": "1234567", "permissions": [ "download:video1.mp4", "download:video2.mp4", "download:video3.mp4" ] }
    - Redirect to dl. with ?token=v2.local.xxx&file=video1.mp4
    dl.:
    - Parse URL params
    - Decrypt token
    - Verify purchaseID
    - Verify permissions
    - Stream file to user (video1.mp4)
  14. @rdegges @oktadev How do public PASETOs work?

    v2.public.vB7daJlQOL5sY8mQa_FWb6ZYbkNi8yeRqI-DCFNEPTYEu7ItQHMMM5jzD_fw-G7l-AXJRBj3E9jxx9-JS5eG436WGUn03zYp2nuV3PVqppEyRP9LoZ1TTBREhR182NRcNYqUkM8FfazWegWcLc1gSzFXx0Kge4U7XHtAlliTrR8p09hH6qVpqAsgMdp00ao66JX_mxlEjkL3y784CoAK-gyy_ZZ1WzAvYAjQApl859RxnB9uLMpb-VURmetmrw9sC_Iw27to46ulTcMxx_KoSBem9eSG5M4bvNQC5YFeDLIM2HXDf35YIo50.eyJraWQiOiAiMTIzNDUifQ

    private key -> { json } -> public key

    "I can see the data."

    The private key is needed to create the PASETO. The public key is needed to validate the PASETO.
  15. @rdegges @oktadev How do I use public PASETOs?

    website (public_key) <-> authorization server (private_key, public_key)

    User: "I'd like to log in."
    Authorization server:
    - Authenticate the user
    - Generate a PASETO with claims { "userID": "1234567" }
    - Redirect the user back to the website with ?token=v2.public.xxx
    Website:
    - Parse the token out of the URL
    - Validate the token
    - Create a secure session using server-side session management
  16. @rdegges @oktadev What's wrong with JWTs?

    Allows poor cryptography choices. They're widely misused.
    - RSA w/ PKCS #1 v1.5 padding: vulnerable to a padding oracle attack.
    - RSA w/ OAEP padding: cryptographers recommend migrating away from RSA.
    - Elliptic Curve Diffie-Hellman (ECDH) using Weierstrass curves: introduces the risk of invalid-curve attacks that allow attackers to steal your secret keys.
    - AES-GCM: this is the wrong type of cryptography entirely, using symmetric encryption when asymmetric is needed.
    Forces implementations to strictly process the alg header. This causes forgery issues.
  17. @rdegges @oktadev Try PASETO! paseto.io: read the RFC, find developer libraries, discover articles.
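The token layout from slides 4 through 8 and the public-token flow from slide 14, worked through as an added Go example that is not part of the deck and not the code of any PASETO library: it splits a token into version, purpose, payload and footer, then implements v2.public signing and verification (Ed25519 over the spec's pre-authentication encoding, PAE) with only the Go standard library. SlideToken is the token printed on slide 4 with its line wrapping removed; the generated key pair and the constructed `{"sub": "test"}` claims are the example's own.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

const v2PublicHeader = "v2.public."

// SlideToken is the v2.public token shown on slide 4, with the slide's line wrapping removed.
const SlideToken = "v2.public." +
	"eyJpZCI6ICJjNDQ1NDY1Mi05NWExLTQ2MzktODA0Yy0yZjc2MTVhNGMwMjciLCAibmFtZSI6ICJSYW5kYWxsIERlZ2dl" +
	"cyIsICJleHAiOiAiMjAxOS0xMC0xMFQxMTowNDozNS0wNzowMCJ9rUy35ian_44WAlMLVi5Wk4GGvDlmCpEWkldn1CH3RgLfo-VUWm" +
	"xC9EPTBY8l0uoomavACbAIoo1OiGVNMew1Bw.eyJraWQiOiAiMTIzNDUifQ"

// Parts is the layout from slides 4-8: version.purpose.payload[.footer].
type Parts struct {
	Version, Purpose string
	Payload, Footer  []byte // base64url-decoded; for v2.public, Payload = message || 64-byte signature
}

// SplitToken only parses the layout. Nothing in the result is trusted yet: the payload of a
// public token is readable by anyone (slide 14), so claims are acted on only after Verify.
func SplitToken(token string) (Parts, error) {
	seg := strings.Split(token, ".")
	if len(seg) != 3 && len(seg) != 4 {
		return Parts{}, errors.New("token must have 3 or 4 dot-separated segments")
	}
	p := Parts{Version: seg[0], Purpose: seg[1]}
	var err error
	if p.Payload, err = base64.RawURLEncoding.DecodeString(seg[2]); err == nil && len(seg) == 4 {
		p.Footer, err = base64.RawURLEncoding.DecodeString(seg[3])
	}
	if err != nil {
		return Parts{}, err
	}
	return p, nil
}

// pae is the spec's Pre-Authentication Encoding: LE64(count), then LE64(len)||piece per piece.
// Signing PAE(header, message, footer) instead of the bare message binds version, purpose and
// footer to the signature, so none of them can be swapped without the signature failing.
func pae(pieces ...[]byte) []byte {
	le64 := func(n int) []byte {
		b := make([]byte, 8)
		binary.LittleEndian.PutUint64(b, uint64(n)&^(1<<63)) // the spec clears the top bit
		return b
	}
	out := le64(len(pieces))
	for _, p := range pieces {
		out = append(out, le64(len(p))...)
		out = append(out, p...)
	}
	return out
}

// Sign builds header || b64url(message || sig) [|| "." || b64url(footer)], sig = Ed25519(PAE(header, message, footer)).
func Sign(sk ed25519.PrivateKey, message, footer []byte) string {
	sig := ed25519.Sign(sk, pae([]byte(v2PublicHeader), message, footer))
	body := append(append([]byte{}, message...), sig...)
	token := v2PublicHeader + base64.RawURLEncoding.EncodeToString(body)
	if len(footer) > 0 {
		token += "." + base64.RawURLEncoding.EncodeToString(footer)
	}
	return token
}

// Verify returns the message and footer only if the signature over PAE(header, message, footer) is valid.
func Verify(pk ed25519.PublicKey, token string) (message, footer []byte, err error) {
	if !strings.HasPrefix(token, v2PublicHeader) {
		return nil, nil, errors.New("not a v2.public token") // header is checked before anything else
	}
	p, err := SplitToken(token)
	if err != nil {
		return nil, nil, err
	}
	if len(p.Payload) < ed25519.SignatureSize {
		return nil, nil, errors.New("payload shorter than an Ed25519 signature")
	}
	cut := len(p.Payload) - ed25519.SignatureSize
	m, sig := p.Payload[:cut], p.Payload[cut:]
	if !ed25519.Verify(pk, pae([]byte(v2PublicHeader), m, p.Footer), sig) {
		return nil, nil, errors.New("invalid signature")
	}
	return m, p.Footer, nil
}

func main() {
	p, _ := SplitToken(SlideToken) // the slide's token: layout, footer and claims are visible without any key
	fmt.Println(p.Version, p.Purpose, string(p.Footer), string(p.Payload[:len(p.Payload)-ed25519.SignatureSize]))
	pk, sk, _ := ed25519.GenerateKey(rand.Reader) // constructed key pair for the round trip
	tok := Sign(sk, []byte(`{"sub": "test"}`), []byte(`{"kid": "12345"}`))
	_, _, err := Verify(pk, tok)
	fmt.Println("fresh token verifies:", err == nil)
	other := base64.RawURLEncoding.EncodeToString([]byte(`{"kid": "99999"}`)) // swap only the footer
	_, _, err = Verify(pk, tok[:strings.LastIndex(tok, ".")+1]+other)
	fmt.Println("footer-swapped token verifies:", err == nil)
}
```

The point the slides make about public tokens shows up directly: SplitToken recovers the slide's claims and the `{"kid": "12345"}` footer without any key, while Verify fails for a swapped footer, a changed purpose or a different public key because all three are covered by the PAE input. The slide's own token cannot be verified here since the deck does not include its public key.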
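The registered claims table from slide 10, together with the "verify purchaseID / verify permissions" and "validate the token" steps on slides 13 and 15, as an added Go example that is not the deck's code and not any library's: it parses the reserved claims (DateTime claims as RFC 3339 strings, exactly as the slide's examples show them) and rejects tokens that are expired, not yet valid, issued in the future, or issued for another issuer or audience. The claim values are constructed from the slide's examples; the `Expect` type and the 30 October nbf/iat dates are the example's own assumptions.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// RegisteredClaims holds the reserved claim keys from the slide. The DateTime claims
// are RFC 3339 strings, as in the slide's examples, not numeric timestamps.
type RegisteredClaims struct {
	Issuer     string `json:"iss"`
	Subject    string `json:"sub"`
	Audience   string `json:"aud"`
	Expiration string `json:"exp"`
	NotBefore  string `json:"nbf"`
	IssuedAt   string `json:"iat"`
	TokenID    string `json:"jti"`
}

// Expect is what the consuming service requires (hypothetical type); an empty field is not checked.
type Expect struct {
	Issuer, Audience string
}

func parseTime(name, value string) (time.Time, error) {
	t, err := time.Parse(time.RFC3339, value)
	if err != nil {
		return time.Time{}, fmt.Errorf("%s claim is not RFC 3339: %w", name, err)
	}
	return t, nil
}

// ValidateClaims applies the time, issuer and audience checks to claims JSON. Call it only
// on a payload that has already been authenticated (signature verified for a public token,
// successfully decrypted for a local token); the claims themselves prove nothing.
// exp is mandatory here because the deck presents tokens as short-duration.
func ValidateClaims(claimsJSON []byte, now time.Time, want Expect) (*RegisteredClaims, error) {
	var c RegisteredClaims
	if err := json.Unmarshal(claimsJSON, &c); err != nil {
		return nil, err
	}
	if c.Expiration == "" {
		return nil, errors.New("exp claim missing")
	}
	exp, err := parseTime("exp", c.Expiration)
	if err != nil {
		return nil, err
	}
	if !now.Before(exp) {
		return nil, errors.New("token expired")
	}
	if c.NotBefore != "" {
		nbf, err := parseTime("nbf", c.NotBefore)
		if err != nil {
			return nil, err
		}
		if now.Before(nbf) {
			return nil, errors.New("token not yet valid")
		}
	}
	if c.IssuedAt != "" {
		iat, err := parseTime("iat", c.IssuedAt)
		if err != nil {
			return nil, err
		}
		if iat.After(now) {
			return nil, errors.New("token issued in the future")
		}
	}
	if want.Issuer != "" && c.Issuer != want.Issuer {
		return nil, fmt.Errorf("unexpected issuer %q", c.Issuer)
	}
	if want.Audience != "" && c.Audience != want.Audience {
		return nil, fmt.Errorf("unexpected audience %q", c.Audience)
	}
	return &c, nil
}

func main() {
	// Claims constructed from the slide's example values (nbf/iat moved one day earlier than exp).
	claims := []byte(`{"iss": "okta.com", "sub": "test", "aud": "okta.com",
	  "exp": "2019-10-31T00:00:00+00:00", "nbf": "2019-10-30T00:00:00+00:00",
	  "iat": "2019-10-30T00:00:00+00:00", "jti": "ac478bc0-c73a-4a2c-8f00-186456cf8d88"}`)
	want := Expect{Issuer: "okta.com", Audience: "okta.com"}
	for _, now := range []time.Time{
		time.Date(2019, 10, 30, 12, 0, 0, 0, time.UTC), // inside the validity window
		time.Date(2019, 11, 1, 0, 0, 0, 0, time.UTC),   // after exp
	} {
		_, err := ValidateClaims(claims, now, want)
		fmt.Printf("at %s: err=%v\n", now.Format(time.RFC3339), err)
	}
}
```

Application-specific claims such as the purchaseID and permissions list on slide 13 are checked the same way, after this step, against the request being served; jti is kept so a single-use token can be recorded as spent by the service.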