a Secarta project ...

HTTPsec Authentication Protocol

[ View as one printable page ]

Preamble

1. Introduction
1.1. Editorial Conventions
1.2. Terms
1.3. Identifiers
2. Summary
2.1. Authentication Model
2.2. Peer Identifiers
2.3. Protocol Operation
2.3.1. Initialization
2.3.2. Continuation
3. Protocol Messages
3.1. Initialization Messages
3.1.1. Initialization Request
3.1.2. Initialization Response
3.2. Continuation Messages
3.2.1. Continuation Request
3.2.2. Continuation Response
3.3. Challenge Messages
3.3.1. Challenge Response
3.4. Message Flow
4. Protocol Directives
4.1. id
4.2. dh
4.3. certificate
4.4. url
4.5. group
4.6. nonce
4.7. auth
4.8. token
4.9. signature
4.10. count
4.11. mac
4.12. digest
5. Other Headers
5.1. Content-Encoding
5.2. Cache-Control
5.3. Expires
6. Protocol Computations
6.1. Algorithms
6.1.1. Hash Algorithm
6.1.2. Public Key Algorithm
6.1.3. Encryption Scheme
6.1.4. Signature Scheme
6.1.5. Block Cipher
6.1.6. Block Cipher Mode
6.2. Header Canonicalization
6.3. Initialization Transcript
6.4. Continuation Request Transcript
6.5. Continuation Response Transcript
6.6. Shared Secret
6.7. Keys
6.7.1. MAC Keys
6.7.2. Cipher Keys
6.8. Message Body Ciphering
7. Message Validation
7.1. Initialization Request Validation
7.2. Initialization Response Validation
7.3. Continuation Request Validation
7.4. Continuation Response Validation
8. Cache Considerations
9. Security Considerations
10. References
11. Editor Address

4.9. signature

The signature directive in an initialization response is used to verify the integrity of all the initialization directives and thus allows the requester to authenticate the responder prior to making any continuation requests.

The signature directive is computed by the responder as follows:

signature = base64enc( SIGN( private-key, init-transcript ) )

where the following apply:

  • base64enc() is base64 encoding, bytes to string.
  • SIGN(k,m) is the signature over string m using private key k according to the Signature Scheme.
  • private-key is the responder's authentication key private key.
  • init-transcript is a concatenation of all the initialization directives, computed according to the Initialization Transcript section.

The signature directive is validated by the requester as follows:

VALIDATE( public-key, init-transcript, base64dec( signature ) )

where the following apply:

  • base64dec() is base64 decoding, string to bytes.
  • VALIDATE(k,m,s) is the validation of a signature s over a string m using public key k, according to the Signature Scheme.
  • signature is the value of the received directive.
  • public-key is the public key associated (subjectively, by the requester) with the responder. Note that this may or may not be equivalent the public key implied by the certificate directive, depending on the trust mechanism employed by the requester.
  • init-transcript is a concatenation of all the initialization directives, computed according to the Initialization Transcript section.
© Secarta. All rights reserved.