Introducing auth.pico: A Secure and Modern HTTP Authentication Scheme
- Jonas Seidemann
- Announcement
- September 10, 2023
With the increasing sophistication of cyber threats, modern API authentication needs to be both robust and easy to implement. At alpico, we are happy to announce the release of our brand-new authentication scheme, a state-of-the-art solution that leverages ed25519 signatures for securing your HTTP requests.
To start using the alpico Authentication Scheme and access our code, visit our GitHub repository.
The Challenge of Modern API Authentication
Every request made to the alpico backend needs to be authenticated by the client. However, password-based schemes and traditional methods like HTTP Basic and Digest fall short in ensuring the level of security required for today’s APIs. Even HMAC-based approaches, while stronger, demand the management of shared secrets that must be kept secure on both ends. This becomes a significant challenge in a distributed backend system.
To address these concerns, we have adopted a public-key signature scheme, where the private key never leaves the device on which it was generated. With a previously registered public key, the backend can confidently verify that a specific request originates from a particular user and that the request parameters have not been tampered with.
Why ed25519 Signatures?
We have chosen to build our authentication scheme on top of ed25519 signatures for several compelling reasons:
- Efficiency: ed25519 signatures are fast to calculate, ensuring that the authentication process doesn’t introduce significant latency into your API requests.
- Security: Implementing ed25519 is easier to do securely than RSA, reducing the likelihood of vulnerabilities in your authentication system.
- Widespread Support: ed25519 signatures enjoy wide support across various programming languages and libraries, making it accessible for developers in different ecosystems.
You can find a comprehensive description of ed25519 in RFC 8082, which includes example code and test vectors. While implementing ed25519 signatures from scratch is possible, we strongly recommend using an existing library like libsodium to minimize the risk of subtle bugs undermining your system’s security.
Security Considerations
Security is paramount in any authentication scheme, and the alpico Authentication Scheme has been meticulously designed with this principle in mind. Let’s delve deeper into the various aspects of security that our scheme provides:
1. Public-Key Cryptography
At the heart of our authentication scheme lies public-key cryptography, specifically ed25519 signatures. This cryptographic approach offers robust security benefits:
- Asymmetric Keys: Public-key cryptography uses a pair of keys—a public key and a private key. The private key never leaves the user’s device, ensuring that sensitive information remains secure.
- Tamper-Resistant Signatures: ed25519 signatures provide strong resistance against tampering. Even if an attacker intercepts a message, they cannot modify it without invalidating the signature.
2. Signature Validity
The alpico Authentication Scheme introduces the concept of signature validity through the time parameter. This feature plays a crucial role in enhancing security:
- Limited Time Window: Signatures are only valid within a specified time window, reducing the risk of attackers reusing intercepted signatures. Clients and servers can enforce this time constraint, making it challenging for malicious actors to exploit old signatures.
- Flexible Time Durations: Clients can tailor the duration to their specific use cases. Short durations may be suitable for single API calls, while longer ones might be necessary for granting access to resources over an extended period.
3. Protection Against Key Theft
One significant security concern with public-key cryptography is the potential theft of private keys. The alpico Authentication Scheme mitigates this risk:
- Private Key Retention: Private keys generated by our scheme remain on the user’s device and are never transmitted over the network. This isolation prevents attackers from gaining access to the private key, even if they compromise other parts of the system.
- Revocation Mechanism: In the event of a security incident or a suspected compromise of a private key, the scheme provides a mechanism to revoke access by installing a new public key. This proactive approach ensures that security breaches can be contained.
4. Header Integrity
Our authentication scheme places a strong emphasis on HTTP header integrity:
- Header Inclusion: By default, the scheme includes essential headers like the request method and path in the signature. This practice ensures that the most critical components of the request are covered, reducing the risk of attackers manipulating the request.
- Custom Header Support: Clients have the flexibility to include additional headers in the signature using the add parameter. This feature is especially useful when specific headers, such as content type, need to be protected.
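The signature-validity and header-integrity properties described above can be seen together in a small signer and verifier. This is an added example, not alpico's code: only the `time` and `add` parameter names come from the text, while the canonical string layout, the `start`/`duration` fields inside `time`, the server-side `maxDuration` cap and all function names are assumptions made for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// Assumed canonical form (illustrative, not the alpico wire format): method,
// path, validity window, then each header named in `add`, one per line.
function canonical(req, time, add) {
  const lines = [req.method.toUpperCase(), req.path, `${time.start}+${time.duration}`];
  for (const name of add) {
    const key = name.toLowerCase();
    if (!Object.hasOwn(req.headers, key)) throw new Error(`missing signed header: ${key}`);
    lines.push(`${key}:${req.headers[key]}`);
  }
  return Buffer.from(lines.join('\n'), 'utf8');
}

// Client side: the private key stays on the device; only the signature travels.
function signRequest(privateKey, req, time, add = []) {
  const sig = nodeCrypto.sign(null, canonical(req, time, add), privateKey);
  return { time, add, sig: sig.toString('base64') };
}

// Server side: enforce the time window, then verify over the rebuilt string.
// maxDuration is a hypothetical server policy capping client-chosen durations.
function verifyRequest(publicKey, req, auth, now, maxDuration = 300) {
  const { start, duration } = auth.time;
  if (!Number.isInteger(start) || !Number.isInteger(duration)) return 'bad-time';
  if (duration <= 0 || duration > maxDuration) return 'bad-time';
  if (now < start || now > start + duration) return 'outside-window';
  let msg;
  try { msg = canonical(req, auth.time, auth.add); } catch { return 'bad-header'; }
  const sig = Buffer.from(auth.sig, 'base64');
  return nodeCrypto.verify(null, msg, publicKey, sig) ? 'ok' : 'bad-signature';
}

// Constructed sample request and a throwaway key pair generated at run time.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
const request = { method: 'POST', path: '/v1/orders',
  headers: { 'content-type': 'application/json' } };
const auth = signRequest(privateKey, request,
  { start: 1700000000, duration: 60 }, ['content-type']);

console.log(verifyRequest(publicKey, request, auth, 1700000030));
console.log(verifyRequest(publicKey, request, auth, 1700000100));
console.log(verifyRequest(publicKey, { ...request, path: '/v1/admin' }, auth, 1700000030));
```

Because the window itself is part of the signed string, a captured signature cannot have its `time` value extended after the fact without failing verification.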
Ongoing Maintenance and Updates
The alpico team is committed to continuously monitoring the security landscape and addressing any emerging threats. As part of our commitment to security, we will release updates and improvements to the authentication scheme as needed.
Community and Collaboration
We encourage active collaboration and feedback from the developer community. If you identify potential security improvements or have suggestions for enhancing the scheme’s security posture, please don’t hesitate to engage with us on our GitHub repository. Your input is invaluable in making the alpico Authentication Scheme even more secure in the future.