[slightlyoff/ServiceWorker] Secure Client-Subscribed 1:M Broadcast message delivery (#901)

I have been communicating offline with a very knowledgeable encryption person and I have submitted the following privacy/encryption strategy to him for comment. For the purposes of a second opinion I'd like to open the topic to the Push API community at large.

The goal is to allow HTML Clients, who have previously authenticated with their Application Server, to subscribe to any number of Topics published by said AS, with ALL client/topic mapping managed by the third-party Push Service. The content/body/payload would be encrypted, but each authenticated client would receive identical decryption keys via the second pipe. The Notification metadata would be available to the "hostile" PS as it is today.

My algorithm in a nutshell:

1) Client (Web App) authenticates itself with the Application Server via non-prescriptive means (for the sake of argument, REST over HTTPS against Active Directory).

2) Client tells the server "I am looking to subscribe to topics a/b, London/weather, and Sport."

3) Application Server responds with topic GUIDs and corresponding shared secrets for symmetric encryption. NB: the same shared secret for ALL broadcast-topic subscribers for a given life-span/topic.

4) The JSON body/data/payload/whatever is encrypted with the shared secret before being pushed. Metadata, including topic headers, priority, TTL etc., is visible to the PS and open to abuse.

Please explain:
a) Deficient with my strategy for payload confidentiality
b) What more your point-to-point architecture offers
c) Yes, a "hostile" PS can delete messages for both

Cheers,
Richard Maher

---
https://github.com/slightlyoff/ServiceWorker/issues/901

Received on Friday, 20 May 2016 07:14:45 UTC