Aloha kakou and good morning, the time to have fun has come. This week I was trying to put some ideas for crypto altogether and update our roadmap for security to reflect what do we want to achieve, basically I want to hear your opinion on it, otherwise you will implement what was written here :) I will wait for some feedback until friday (20) and if I don't hear anything our roadmap as well AGSEC jiras will be automagically updated. I don't want to html-ish you, so here comes my proposal formatted in markdown: # 1.3.0 (draft) ### Crypto library * Provide easy to use APIs for symmetric encryption: [GCM](http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf) * Provide easy to use APIs for asymmetric encryption: [ECC](http://www.nsa.gov/business/programs/elliptic_curve.shtml) * Provide easy to use APIs for password based key derivation: [PBKDF2](http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132... * Provide easy to use APIs for hashing: SHA-256, SHA-512 * Provide easy to use APIs for message authentication: GMAC, HMAC *See: [AGSEC-57](https://issues.jboss.org/browse/AGSEC-57)* * Provide easy to use APIs for digital signatures: ECDSA ### Examples: * Symmetric encryption: SimplePush server * Asymmetric encryption: shared encryption keys between two parties, to allow encryption and decryption of messages and prevent tampering. * Password-based key derivation: every application which requires password * Hashing: store passwords on the server's database * Message authentication: message integrity/tampering mitigation * Digital signatures: HTTP signed requests, digitally sign mobile application keys (*nonrepudiation*) **Add more scenarios or exclude but please make sure they are DOABLE and real** ### Scenarios * A mobile health system wants to store sensitive patients' data offline for web or mobile applications * Bob gets his phone stolen and wants to wipe the data to protect his privacy * Alice gets phone stolen and an attacker wants to steal her data * A web application must be able to provide encryption for users' password * A TOTP application wants to store shared secrets * A push mobile application wants to protect the messages exchanged between client and server * Showcase **proposed**: * Password manager * A password manager app which could be tested with offline sync as a next step. Initially we can start with the bare minimum ## Jiras * AGSEC-XX: Provide easy to use cryptography interface *Description*: We must build a foundation for encrypted storage, before start hacking on it. Having clearly defined goals in a single place might help to put things in perspective. Ex: **Android**-crypto, **iOS**-crypto & **JS**-crypto libraries * AGSEC-XX: Symmetric encryption support: [GCM](http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf) * AGSEC-XX: Asymmetric encryption support: [ECC](http://www.nsa.gov/business/programs/elliptic_curve.shtml) * AGSEC-XX: Password based key derivation: [PBKDF2](http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132... * AGSEC-XX: Hashing support: SHA-256, SHA-512 * AGSEC-XX: Message authentication support: GMAC, HMAC *See: AGSEC-57* * AGSEC-XX: Digital signatures support: ECDSA *(I'm considering to remove the Jiras below once they are too broad)* <strike> * AGSEC-57: Add message integrity verification * AGIOS-3: Implementation and API usage for iOS crypto * AGSEC-26: Authentication schemes for mobile devices </strike> * AGSEC-2: Secure storage and cache *documentation* (*I'm considering to make it a doc task. Thoughts?*) <strike>* AGSEC-7: Provide a detailed specification about how it should work (*I'm considering to rephrase it*)</strike> * AGSEC-7: Provide a specification about how to properly do key management *Description*: Each platform will have its own implementation and singularity to store/retrieve the keys. For example: *KeyStore* for Android, *SessionStorage* or *LocalStorage* for JavaScript or *Keychain services* API with iOS. * AGSEC-XX: Provide some use case scenarios for encryption: JS, Android, iOS *Description*: Joint effort from AeroGear team with some scenarios per platform. * AGSEC-9: Provide a specification and which kind of algorithms will be provided *Description*: Algorithms supported on AeroGear by default. Ex: *GCM, ECC, GHASH…etc* * AGSEC-27: Provide a specification and which kind of authentication schemes will be supported *Description*: Similar idea to *AGSEC-9* (nothing bureaucratic, just a short description) * AGSEC-47: Create a documentation with the overview of AeroGear Security * AGSEC-XX: Generating encryption keys * Provide password based encryption support to generate the keys * Automatically key generation with no interaction * AGSEC-XX: Manage cryptographic keys and respective owners *Description*: During the offline encryption a pair of keys (*asymmetric encryption*) or a single key (*symmetric encryption*) will be generated to encrypt the local data, we have to figure out what is the best way to <*put your platform here*> manage those keys. * AGSEC-XX: Encrypted offline storage (*for sensitive data*) *Description*: Sensitive data like patients information, social number security, GPS position or data from your biggest company oil * AGSEC-XX: Encrypted cache *Description*: Developers must be allowed to have their application privacy protected enabling data cache anonymity. * AGSEC-XX: Key agreement with the server *Description*: Key agreement between two parties mobile application and the server * AGSEC-XX: Key privilege revocation *Description*: If for some reason a phone get lost or stolen, keys must be revoked by the server * AGSEC-XX: Key privilege expiration *Description*: Allows to specify the valid period of time for the key added on mobile device or server. Working in both ways. * AGSEC-XX: Data seek and destroy *Description*: User/Developer must be able to notify the application using another authorized computer if the data stored on mobile device must be destroyed. Ex: *Phone get lost and I want to wipe all the passwords stored on my device* * AGSEC-XX: Showcase app *Description*: An application to showcase the goal of this release. Suggestion: password manager (*a nice fit for testing encryption locally and later the integration with the server*) * AGSEC-XX: Provide a screen to input user's password * AGSEC-XX: Allow user to include passwords specifying the alias * AGSEC-XX: Allow password to be decrypted and displayed on the screen * AGSEC-XX: Backup the data on to the server (*but do not expose the passwords to the server*) * AGSEC-XX: Performance checks *Description*: Check how much encryption will degrade CPU/memory on devices * AGSEC-XX: Hold the fort *Description*: Coordinate attacks against our platform. Ex: *DDoS, dump databases to check if the data was properly encrypted…etc* *(I'm considering to remove the Jiras below once they are too broad)* <strike> * AGSEC-6: Encryption for mobile devices * AGSEC-89: Encryption for iOS </strike> * AGSEC-59: Inclusion of a responsible disclosure for security at aerogear.org * AGSEC-58: Setup a mailing list to report security issues <strike>* AGSEC-61: Http Basic and Http Digest are mutually exclusive</strike> (*moved*) -- abstractj