Preventing replay attacks
Carl Howells
chowells at janrain.com
Thu Sep 8 15:16:42 PDT 2005
One thing the current version of schtuff.com's python openid library
does not handle itself is preventing replay attacks on the consumer.
Currently, that has to be handled by the user of the library. That is,
of course, not optimal for users of the library, as it requires thinking
about how to solve it, when there's almost always a single best solution.
We will be updating our libraries soon to use nonces to prevent replay
attacks, both in normal operation (consumer issues the nonces) and in
dumb mode (server issues the nonces, as the consumer is expected to
maintain no state about openID).
While going over the spec to confirm that our intended behavior didn't
violate it, we actually found very little reference to replay attacks.
While using nonces to is mentioned once, very little behavior regarding
what to do about replay attacks is actually specified.
I'd like to suggest that some notes be added to the spec regarding
replay attacks, to make it more clear to implementers that they need to
be both aware and concerned.
I think the specification should make a strenuous recommendation (or
perhaps even a requirement) that implementations prevent replay attacks.
Preventing replay attacks has to be done by the consumer in normal
mode, typically with the use of nonces. For dumb mode, if the consumer
is really too limited to maintain state about openid connections, the
server needs to prevent replay attacks in its check_authentication call.
Any thoughts on wording and/or placement?
Carl Howells
More information about the yadis
mailing list