6

I am trying to "invent" secure client-side authentication where all data are stored in browser encrypted and only accessible with the correct password. My question is, what is your opinion about my idea. If you think it is not secure or there is possible backdoor, let me know.

// INPUT:
- test string (hidden, random, random length)
- password
- password again
// THEN:
- hash test string with sha-512
- encrypt test string with password
- save hash of test string
// AUTH:
- decrypt test string
- hash decrypted string with sha-512
- compare hashes
- create password hash sha-512 (and delete password from memory, so you cannot get it somehow - possible hole here because hash is reversible with brute force)

// DATA PROCESSING
- encrypt/decrypt with password hash as secret (AES-256)

Thanks!

EDIT: Maybe some salt for test string would be nice

Comments
  • 1
  • 0
  • 0
    If the hashes match the user is authenticated, right?
    If that's the case, what prevents a malicious user from tampering the hash and make it equals to the desired value?
  • 0
    Without a third party to say whether a user is who he says it is, I'm afraid it's not possible to create a really secure authentication. You can't rely on any local storage for that since a bad user may change it.
  • 0
    @lucaspar but to get the right hash, attacker will need the correct password, isn't it? or am I missing something?
  • 1
    @lamka02sk to decrypt the data the attacker would need the correct password (assuming a symmetric encryption). But encryption and authentication are different things.

    If the only condition for authenticating the user is the hashes to match, this is faulty because you can't trust the local storage (where the hashes are stored, I assume).

    If the only reason you're authenticating is to decrypt data, I don't think you need it at all.
  • 1
    @lucaspar yes, the only reason is to decrypt data, but also somehow also ensure that entered password was really correct
  • 1
    @lamka02sk ok, in that case you don't need to worry about authenticating the user. The hash is just a checksum to acknowledge that the extracted data is correct without any real security implication.
    Thus, all the secure part is up to the AES encryption, which will not yield the correct data without the correct password.

    That being said, if you really want to authenticate a user (to avoid impersonation of actions or control privileges), I think you'd need a third party.
Add Comment