Hello devs,
I am new to ODK and started looking at the security features of it. I got
some info on the usage of public-key cryptosystem key exchange in the ODK.
I am wondering how the ODK client verifies the integrity of the server
public-key before using it? does ODK support digital signature? Is there a
wiki page on the security implementation?
Thanks,
Best,
Samson
CommCare ODK Collect has a more complex use of public-key cryptography than
the standard ODK Collect implementation. I am not knowledgeable enough
about its details to speak about it.
ODK Collect uses public-key cryptography in two areas: (1) securing the
https: communications between the client and the server, and (2) encrypting
the form when finalized, prior to sending.
For (1), ODK Collect relies entirely on the root certificates registered on
the phone to validate the SSL certificate the server provides. This means
that you either need to add your own root certificate, for your own
certificate authority, or you need to obtain an SSL certificate from a
registered authority (e.g., Verisign) in order for ODK Collect to establish
an https: connection to the server. We don't do anything special here,
just standard web code. The theory is, if you trust the registered
authorities to issue certificates only to legitimate parties, if some
server provides a valid certificate, you can trust that the server is who
it says it is.
For (2), ODK Collect simply uses the provided public key to encrypt the
filled-in form. There is no validation or checking of the public key,
beyond the well-formed-ness checks done by the underlying library (we use
the standard crypto libraries provided on the phone -- these appear to be a
variant of bouncycastle).
Mitch
Hello devs,
I am new to ODK and started looking at the security features of it. I got
some info on the usage of public-key cryptosystem key exchange in the ODK.
I am wondering how the ODK client verifies the integrity of the server
public-key before using it? does ODK support digital signature? Is there a
wiki page on the security implementation?Thanks,
Best,
Samson
--
Mitch Sundt
Software Engineer
University of Washington
mitchellsundt@gmail.com
Thanks Mitch.
If I understood you well, in the first case (1), the application data is
encrypted with a symmetric key and the public-key is used to exchange the
symmetric key. The second case (2) is not clear. Are you saying the the
filled-in form is encrypted using the public-key? If that is the case, how?
As far as I know, if you use, for instance, PKCS#1 RSA key with X bytes
size , the the maximum data allowed to be encrypted is X - 11bytes. If the
filled-in form size is larger than the public-key size, what do you do?
Best,
Samson
CommCare ODK Collect has a more complex use of public-key cryptography
than the standard ODK Collect implementation. I am not knowledgeable
enough about its details to speak about it.ODK Collect uses public-key cryptography in two areas: (1) securing the
https: communications between the client and the server, and (2) encrypting
the form when finalized, prior to sending.For (1), ODK Collect relies entirely on the root certificates registered
on the phone to validate the SSL certificate the server provides. This
means that you either need to add your own root certificate, for your own
certificate authority, or you need to obtain an SSL certificate from a
registered authority (e.g., Verisign) in order for ODK Collect to establish
an https: connection to the server. We don't do anything special here,
just standard web code. The theory is, if you trust the registered
authorities to issue certificates only to legitimate parties, if some
server provides a valid certificate, you can trust that the server is who
it says it is.For (2), ODK Collect simply uses the provided public key to encrypt the
filled-in form. There is no validation or checking of the public key,
beyond the well-formed-ness checks done by the underlying library (we use
the standard crypto libraries provided on the phone -- these appear to be a
variant of bouncycastle).Mitch
On Mon, Jul 16, 2012 at 2:23 AM, Samson samson.gejibo@gmail.com wrote:
Hello devs,
I am new to ODK and started looking at the security features of it. I got
some info on the usage of public-key cryptosystem key exchange in the ODK.
I am wondering how the ODK client verifies the integrity of the server
public-key before using it? does ODK support digital signature? Is there a
wiki page on the security implementation?Thanks,
Best,
Samson
--
Mitch Sundt
Software Engineer
University of Washington
mitchellsundt@gmail.com
--
Samson Gejibo
PhD candidate
Department of Informatics
University of Bergen
P.O.Box 7800
5020 Bergen
Office: +4755584278
Mobile: +4794123374
Yes, (1) is using all the standard web encryption handshakes for doing
https:// communications -- nothing custom, nothing special.
For (2), a random symmetric key is generated and the submission payload is
encrypted using this random symmetric key and this algorithm:
AES/CFB/PKCS5Padding. The encrypted submission file (and all media
captures) are then wrapped in a submission manifest that includes this
symmetric key encrypted using the public key and the
RSA/NONE/OAEPWithSHA256AndMGF1Padding algorithm.
Mitch
Thanks Mitch.
If I understood you well, in the first case (1), the application data is
encrypted with a symmetric key and the public-key is used to exchange the
symmetric key. The second case (2) is not clear. Are you saying the the
filled-in form is encrypted using the public-key? If that is the case, how?
As far as I know, if you use, for instance, PKCS#1 RSA key with X bytes
size , the the maximum data allowed to be encrypted is X - 11bytes. If the
filled-in form size is larger than the public-key size, what do you do?Best,
Samson
On Mon, Jul 16, 2012 at 6:21 PM, Mitch S mitchellsundt@gmail.com wrote:
CommCare ODK Collect has a more complex use of public-key cryptography
than the standard ODK Collect implementation. I am not knowledgeable
enough about its details to speak about it.ODK Collect uses public-key cryptography in two areas: (1) securing the
https: communications between the client and the server, and (2) encrypting
the form when finalized, prior to sending.For (1), ODK Collect relies entirely on the root certificates registered
on the phone to validate the SSL certificate the server provides. This
means that you either need to add your own root certificate, for your own
certificate authority, or you need to obtain an SSL certificate from a
registered authority (e.g., Verisign) in order for ODK Collect to establish
an https: connection to the server. We don't do anything special here,
just standard web code. The theory is, if you trust the registered
authorities to issue certificates only to legitimate parties, if some
server provides a valid certificate, you can trust that the server is who
it says it is.For (2), ODK Collect simply uses the provided public key to encrypt the
filled-in form. There is no validation or checking of the public key,
beyond the well-formed-ness checks done by the underlying library (we use
the standard crypto libraries provided on the phone -- these appear to be a
variant of bouncycastle).Mitch
On Mon, Jul 16, 2012 at 2:23 AM, Samson samson.gejibo@gmail.com wrote:
Hello devs,
I am new to ODK and started looking at the security features of it. I
got some info on the usage of public-key cryptosystem key exchange in the
ODK. I am wondering how the ODK client verifies the integrity of the server
public-key before using it? does ODK support digital signature? Is there a
wiki page on the security implementation?Thanks,
Best,
Samson
--
Mitch Sundt
Software Engineer
University of Washington
mitchellsundt@gmail.com--
Samson GejiboPhD candidate
Department of Informatics
University of Bergen
P.O.Box 7800
5020 BergenOffice: +4755584278
Mobile: +4794123374
--
Mitch Sundt
Software Engineer
University of Washington
mitchellsundt@gmail.com
Now it is clear. Thanks again!
/Samson
Yes, (1) is using all the standard web encryption handshakes for doing
https:// communications -- nothing custom, nothing special.For (2), a random symmetric key is generated and the submission payload is
encrypted using this random symmetric key and this algorithm:
AES/CFB/PKCS5Padding. The encrypted submission file (and all media
captures) are then wrapped in a submission manifest that includes this
symmetric key encrypted using the public key and the
RSA/NONE/OAEPWithSHA256AndMGF1Padding algorithm.Mitch
On Mon, Jul 16, 2012 at 1:19 PM, Samson Gejibo samson.gejibo@gmail.comwrote:
Thanks Mitch.
If I understood you well, in the first case (1), the application data is
encrypted with a symmetric key and the public-key is used to exchange the
symmetric key. The second case (2) is not clear. Are you saying the the
filled-in form is encrypted using the public-key? If that is the case, how?
As far as I know, if you use, for instance, PKCS#1 RSA key with X bytes
size , the the maximum data allowed to be encrypted is X - 11bytes. If the
filled-in form size is larger than the public-key size, what do you do?Best,
Samson
On Mon, Jul 16, 2012 at 6:21 PM, Mitch S mitchellsundt@gmail.com wrote:
CommCare ODK Collect has a more complex use of public-key cryptography
than the standard ODK Collect implementation. I am not knowledgeable
enough about its details to speak about it.ODK Collect uses public-key cryptography in two areas: (1) securing the
https: communications between the client and the server, and (2) encrypting
the form when finalized, prior to sending.For (1), ODK Collect relies entirely on the root certificates registered
on the phone to validate the SSL certificate the server provides. This
means that you either need to add your own root certificate, for your own
certificate authority, or you need to obtain an SSL certificate from a
registered authority (e.g., Verisign) in order for ODK Collect to establish
an https: connection to the server. We don't do anything special here,
just standard web code. The theory is, if you trust the registered
authorities to issue certificates only to legitimate parties, if some
server provides a valid certificate, you can trust that the server is who
it says it is.For (2), ODK Collect simply uses the provided public key to encrypt the
filled-in form. There is no validation or checking of the public key,
beyond the well-formed-ness checks done by the underlying library (we use
the standard crypto libraries provided on the phone -- these appear to be a
variant of bouncycastle).Mitch
On Mon, Jul 16, 2012 at 2:23 AM, Samson samson.gejibo@gmail.com wrote:
Hello devs,
I am new to ODK and started looking at the security features of it. I
got some info on the usage of public-key cryptosystem key exchange in the
ODK. I am wondering how the ODK client verifies the integrity of the server
public-key before using it? does ODK support digital signature? Is there a
wiki page on the security implementation?Thanks,
Best,
Samson
--
Mitch Sundt
Software Engineer
University of Washington
mitchellsundt@gmail.com--
Samson GejiboPhD candidate
Department of Informatics
University of Bergen
P.O.Box 7800
5020 BergenOffice: +4755584278
Mobile: +4794123374--
Mitch Sundt
Software Engineer
University of Washington
mitchellsundt@gmail.com
--
Samson Gejibo
PhD candidate
Department of Informatics
University of Bergen
P.O.Box 7800
5020 Bergen
Office: +4755584278
Mobile: +4794123374