
Berytus: A Secure Governance Framework for Web User Authentication through Password Managers

Ali Cherry, Konstantinos Barmpis, Siamak Shahandashti

University of York, York, United Kingdom

{ali.cherry,konstantinos.barmpis,siamak.shahandashti}@york.ac.uk

Overview

[Figure: Web App ↔ Berytus API ↔ Secret Manager]

To effectively mediate between web applications and secret managers, we propose Berytus, a web governance framework for web authentication through embedded Secret Managers. As an orchestrator, Berytus sits between the web application frontend and the Secret Manager, operating natively in the browser. Berytus introduces two APIs, a Web API for web apps and a WebExtensions API for secret managers, both of which facilitate a structured communication flow between web apps and secret managers.

With this positioning of Berytus, secret manager extensions can register as secret management tools through the Berytus WebExtensions API. At the other end, web applications can interact with the Berytus Web API to initiate an account-related operation (e.g. authentication). Inter alia, Berytus (a) tracks installed secret managers, (b) prompts for secret manager selection and (c) ensures conformity with the spec.

  • Unified Secret Management (platform-agnostic) — Embedded Password Managers can now directly register with the user agent using the WebExtensions API, harmonizing multiple Password Manager usage [1, 2] through the use of secret manager selection prompts.
  • Key-based Credential Mapping — Web apps can assume ownership of cryptographic public keys (Ed25519), eliminating the troublesome domain-based credential mapping [3, 4, 5, 6].
  • App-level E-2-E Encryption — Berytus facilitates an elliptic curve Diffie–Hellman key exchange using Curve25519, a.k.a. X25519, between the secret manager and the web app to establish a shared secret for symmetric data encryption. App-level eavesdroppers abusing the DOM [7, 8, 9] or Monkey Patching can no longer steal credentials.
  • Challenge-based Authentication — Web applications can now initiate one or more authentication challenges instead of exclusively retrieving independent credentials [10].
References

[1] Oesch, S., Ruoti, S., Simmons, J., & Gautam, A. (2022). “It Basically Started Using Me:” An Observational Study of Password Manager Usage. Proceedings of the 2022 CHI Conference on Human Factors in Computing Systems. https://doi.org/10.1145/3491102.3517534

[2] Stobert, E., & Biddle, R. (2015). Expert Password Management. Passwords. https://api.semanticscholar.org/CorpusID:40395405

[3] Carr, M., & Shahandashti, S. F. (2020). Revisiting Security Vulnerabilities in Commercial Password Managers. In M. Hölbl, K. Rannenberg, & T. Welzer (Eds.), ICT Systems Security and Privacy Protection (pp. 265–279). Springer International Publishing.

[4] Oesch, S., Gautam, A., & Ruoti, S. (2021). The Emperor’s New Autofill Framework: A Security Analysis of Autofill on iOS and Android. Annual Computer Security Applications Conference, 996–1010. https://doi.org/10.1145/3485832.3485884

[5] Huaman, N., Amft, S., Oltrogge, M., Acar, Y., & Fahl, S. (2021). They Would do Better if They Worked Together: The Case of Interaction Problems Between Password Managers and Websites. https://doi.org/10.1109/sp40001.2021.00094

[6] Blanchou, M., & Youn, P. (2013). Password Managers: Exposing Passwords Everywhere. iSEC Partners. https://raw.githubusercontent.com/iSECPartners/publications/master/whitepapers/password_managers.pdf

[7] Stock, B., & Johns, M. (2014). Protecting users against XSS-based password manager abuse. https://doi.org/10.1145/2590296.2590336

[8] Silver, D., Jana, S., Boneh, D., Chen, E., & Jackson, C. (2014). Password Managers: Attacks and Defenses. 23rd USENIX Security Symposium (USENIX Security 14), 449–464. https://www.usenix.org/conference/usenixsecurity14/technical-sessions/presentation/silver

[9] Oesch, S., & Ruoti, S. (2020). That Was Then, This Is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers. 29th USENIX Security Symposium (USENIX Security 20), 2165–2182. https://www.usenix.org/conference/usenixsecurity20/presentation/oesch

[10] West, M. (2019, January 17). Credential Management Level 1. https://www.w3.org/TR/2019/WD-credential-management-1-20190117/

Project artifacts

  • Firefox + Berytus (Firefox Nightly browser binary)
  • Secret* (secret manager extension)

Getting started

The quickest way to get started is to download the packaged Secret* extension and our extended Firefox browser binary. If you are compiling it yourself instead of downloading the packaged browser binary, follow the build instructions below. Otherwise, skip to the download instructions.


Build instructions
  • Head to the official Firefox docs and follow the instructions to download the Mozilla codebase and bootstrap your machine.
  • Use Berytus's port tool to copy the Berytus source code into your Mozilla codebase directory:
      $ ./port export /path/to/mozilla-unified
  • Add the below mozconfig file into your mozilla-unified directory:
      # Configure build options
      $ cat <<EOF > ./mozconfig
      # mozilla build config
      ac_add_options --with-ccache=sccache
      ac_add_options --disable-bootstrap
      # if you wish to enable debugging, uncomment the below
      #ac_add_options --enable-debug-js-modules
      #ac_add_options --enable-debug
      EOF
  • Build Firefox:
      $ ./mach build
  • After the build completes, run the browser:
      $ ./mach run

Download instructions

If you wish to skip building Firefox, you can download the packaged Firefox from the download links provided above. Simply choose your Operating System (Mac or Linux (x86_64)) and follow the instructions below.

  • Browser/macOS - mount the disk image as you normally do for any installer and drag the Firefox Nightly icon into the Applications folder. The browser can be launched by searching for 'Nightly.app'.
  • Browser/Linux - extract the zip contents into a directory of your choice. The browser can be launched by executing the 'firefox' binary, e.g. from a terminal: ./firefox

Launch instructions
  • Open the downloaded/compiled browser.
  • A few seconds after startup, Secret* will pop up automatically.
  • Now, to set up the secret manager, click on the bouncing ID card button.
  • Go to 'Settings'.
  • Optional: tick 'Seamless onboarding' if you wish to try an automated experience.
  • Optional: specify a sample email address and a phone number with an international country code.
  • Optional: click on 'Use Development Identity.' or fill in your identity information by going back to the identity tab. Filling in your identity info is not necessary, as you will be prompted to input it during registration if needed.

✅ Your secret manager is now configured and the browser you're running supports the Berytus API. Navigate to the bottom of this web page to start experimenting.


Open Source Roadmap

There have been, in some sense, three development iterations of Berytus. Berytus v0.2 has been rewritten from its previous iteration, which heavily relied on XPCOM to execute JavaScript in the browser chrome. This was not performant, and Berytus v0.2 removed that heavy dependency on XPCOM.

We aim to implement the features below within 8 months. We will be pushing incremental updates as time goes by.

  • (Core): Authentication of Web App Ed25519 keys using website certificates.
  • (Core): Ensure that at most one channel can be active within a browser context.
  • (Secret*): Adapt implementation to support encrypted field data and encrypted user attributes.
  • (Core/Liaison): Bind request handlers to BrowsingContexts using WeakMap. This would ensure the implementation of SequentialRequestHandler is applicable on a browsing context level instead of on a global level.

Now the fun starts!

Run the code block below to register a new account or authenticate with an existing account via Berytus.



Make sure you download/compile the latest release of Berytus/Firefox before running the code below.
