Firefox Sync and Firefox Accounts in FF29 – Old Sync Security – New Sync Security





fxa-brownbag-slides

slides for the upcoming presentation on FxA/Sync

On Github warner / fxa-brownbag-slides

Firefox Sync and Firefox Accounts in FF29

Brian Warner

warner@mozilla.com

Outline

  • Old FF Sync: design, pairing, problems
  • New FF Sync: setup
  • Introducing Firefox Accounts (FxA)
  • FxA + Firefox Sync

Firefox Sync

  • Introduced in Firefox 4.0 (March 2011)
  • Synchronizes:
    • bookmarks, history, open-tabs
    • passwords, add-ons, prefs
  • Between two or more Firefox browsers
    • Desktop and Android

Sync Security

  • All data is encrypted
  • Sync Storage Server only holds ciphertext
  • Each connected browser knows the key
  • Nobody else knows the key

Old Sync: Pairing

Old Sync Security

  • random encryption key generated by first device

Old Sync Security

  • pairing transfers the key to second device

Old Sync Security

  • single-use pairing code is forgotten

Old Sync Security

  • second device uses shared key to decrypt data

Old Sync Problems

  • not useful for single device, surprising setup process

New Sync: FF29

  • conventional password-based signin
  • still end-to-end security
  • can now sync one or more devices with cloud

What's really happening here is that you're signing into a Firefox Account.

What is a Firefox Account?

  • Single sign-on for Mozilla services
    • Sync (as of FF29)
    • Marketplace, Where's My Fox (soon)
  • Usable in any browser
    • But some features will only be used by Firefox at first

What does a Firefox Account get you?

  • signed BrowserID assertions
  • encryption keys

Proving Control of a Firefox Account

  • To use an account, you must prove:
    • the ability to receive email
    • knowledge of account password

How is FxA used by Sync?

  • Client uses kB key to encrypt/decrypt bookmark data
  • Storage Server requires signed assertion to upload/download ciphertext

New Sync Security

  • random encryption key generated by first device

New Sync Security

  • key wrapped by user password, stored on auth server

New Sync Security

  • password no longer needed

New Sync Security

  • second device starts with password

New Sync Security

  • fetches from auth server, unwraps key

New Sync Security

  • second device uses shared key to decrypt data

FxA Sync Security

  • still end-to-end encryption
    • but based on password, not pairing
  • note: forgotten password requires account reset
    • this erases server-side data
    • merely changing the password does not

Protecting kB

  • server does not learn password or kB
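
The "New Sync Security" steps and the password-change note above, as an added sketch that is not code from the slides or from fxa-auth-server. The KDF labels, the PBKDF2 parameters, the XOR wrapping and the `ToyAuthServer` class are assumptions made for illustration; the real derivation is in the onepw protocol document listed under References.

```python
import hashlib, hmac, secrets

# Illustrative labels and parameters (assumptions, not the FxA values).
def hkdf(ikm: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-SHA256 (RFC 5869) with an all-zero salt."""
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def derive(email: str, password: str):
    """Client-side only: stretch the password, then split it into two independent keys."""
    stretched = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    b"example/stretch:" + email.encode(), 1000, 32)
    auth_pw = hkdf(stretched, b"example/authPW")         # sent to the server to log in
    unwrap_key = hkdf(stretched, b"example/unwrapBkey")  # never leaves the client
    return auth_pw, unwrap_key

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class ToyAuthServer:
    """Stores a verifier and the wrapped key; never sees password, unwrap_key or kB."""
    def __init__(self):
        self.accounts = {}
    def store(self, email, auth_pw, wrap_kb):
        self.accounts[email] = (hashlib.sha256(auth_pw).digest(), wrap_kb)
    def fetch(self, email, auth_pw):
        verifier, wrap_kb = self.accounts[email]
        if not hmac.compare_digest(verifier, hashlib.sha256(auth_pw).digest()):
            raise PermissionError("bad password")
        return wrap_kb

def first_device(server, email, password):
    kb = secrets.token_bytes(32)                          # random key generated by first device
    auth_pw, unwrap_key = derive(email, password)
    server.store(email, auth_pw, xor(kb, unwrap_key))     # key wrapped by user password
    return kb

def second_device(server, email, password):
    auth_pw, unwrap_key = derive(email, password)         # starts with only the password
    return xor(server.fetch(email, auth_pw), unwrap_key)  # fetch from server, unwrap key

def change_password(server, email, old, new):
    kb = second_device(server, email, old)                # unwrap with the old password
    auth_pw, unwrap_key = derive(email, new)
    server.store(email, auth_pw, xor(kb, unwrap_key))     # re-wrap: kB and synced data survive
```

A forgotten password leaves nothing that can reproduce `unwrap_key`, which is why the slides say recovery requires an account reset and a fresh kB.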

Old Sync Accounts

  • same backend, only difference is key management
    • pairing code is gone
  • pre-FF29 Sync accounts will continue to work
    • but aren't interoperable with new FxA-based accounts
  • to upgrade:
    • disconnect from Sync
    • then sign in with a new account

References

  • Project Page: https://wiki.mozilla.org/Identity/FirefoxAccount
  • Protocol Diagrams: https://github.com/mozilla/fxa-auth-server/wiki/onepw-protocol
  • Login Server: https://github.com/mozilla/fxa-auth-server

Questions? Thanks!

Bonus Slides

kA vs kB

  • kA:
    • known by fxa-auth-server
    • immutable: persistent through account reset
    • user-recoverable by answering email challenge
    • not currently used for anything
  • kB:
    • protected by user password
    • erased/reset upon account reset
    • not recoverable if password is forgotten
    • used for Sync data
  • Applications use derivatives, not raw kA/kB