localconnection data encrypted?

localconnection data encrypted?

Pete Appleby
I am using localconnections to pass information from one AIR
application to another. All of this is working fine.

I understand that AMF0 is being used behind the scenes to pass the
information through the localconnection send() method.

Is the data encrypted? If not, I assume that I must encrypt sensitive
information myself.

Hope someone can help with this.

Pete



Re: localconnection data encrypted?

Tom Chiverton-2
On Monday 26 Jan 2009, Pete Appleby wrote:
> Is the data encrypted? If not, I assume that I must encrypt sensitive
> information myself.

Does LocalConnection even use the network? As opposed to some sort of shared
memory access?

--
Tom Chiverton
Helping to adaptively entrench magnetic patterns


Re: localconnection data encrypted?

Pete Appleby
It would seem that there is a network connection being used, but I
have not been able to find out for sure.

The localconnection allows different versions of the Flash player to
communicate via AMF0. This leads me to believe that the network is
being used as opposed to a shared memory model. It would be nice to
know for sure, but it is now a moot point for my applications.

I have taken the time to implement RSA encryption in my communication
classes so that the two AIR applications exchange public keys at the
time of the first Send command.

Once the handshaking of public keys has been completed, the future
messages are encrypted and pushed out through the use of the Send method.

The receiving app then decrypts the message using its private keys. I
am storing the keys in the encrypted local store. That brings up the
question of just how secure is the encrypted local store?

Pete



RE: Re: localconnection data encrypted?

Seth Hodgson
There's no network involved. More details here: http://greetingsfromoakland.blogspot.com/2008/11/zen-and-art-of-localconnection.html

You need to worry about encryption in this scenario unless you're worried about other processes on the local machine trolling randomly through memory...
What you likely do need to worry about are the gotchas mentioned in the blog post.

Best,
Seth


Re: localconnection data encrypted?

Pete Appleby
Thanks for the info! I have not been able to find out much about this
out there.

I have implemented my localconnection between AIR apps like you
describe, with Send and ack/nack from the receiving apps.

This is all working great. I am passing data back and forth from one
app to another. In my first case we have an order entry system. The
second app is a financial calculator. I can push the info back and
forth if needed to calculate the financing. Both apps can be used
standalone, but it is great to have them working in tandem when needed.

Since I was not able to find the answer, I have used the as3crypto
library to implement RSA encryption. The two apps do a quick handshake
of public keys at the beginning, then all remaining Sends are encrypted.

The only weakness I can see in this is that I am using the Encrypted
Local Store to save the RSA keys. I intend to use this same technique
in communicating sensitive with back end web services. Which brings up
the next question: How secure is the Encrypted Local Store? If someone
can get the private key from there, it's all for nothing.

Thanks!

Pete



RE: Re: localconnection data encrypted?

Seth Hodgson
In reply to this post by Pete Appleby
Sorry - typo. That should have been: You _don't_ need to worry about encryption in this scenario. If you're worried about encrypting bytes sent over LocalConnections (just a block of shared memory on your local system), I'd assume you'd also need to be worried about those same values in the memory space used by the Player or AIR instances that are communicating via LocalConnections. Given the GC'ed nature of ActionScript, you don't have direct control over how long variables will stick around. So if there's a rogue process running locally that can scan and read anything in system memory, the values in Player/AIR memory space are just as vulnerable as values in the shared memory block used for LocalConnections. If that's the case, then you have bigger issues to worry about than encrypting what you're exchanging via LocalConnection, like getting good anti-virus software installed or something :)

Best,
Seth


Re: Re: localconnection data encrypted?

Sam Lai
In reply to this post by Pete Appleby
> The only weakness I can see in this is that I am using the Encrypted
> Local Store to save the RSA keys. I intend to use this same technique
> in communicating sensitive with back end web services. Which brings up
> the next question: How secure is the Encrypted Local Store? If someone
> can get the private key from there, it's all for nothing.

The Encrypted Local Store is just a wrapper around the operating
system's, well, encrypted local store. On Windows, it's the DPAPI, and
on the Mac, it's the keychain. No idea what it is on Linux.

As for whether those APIs are vulnerable, well, if they were, it would
be a pretty high priority bug for OS manufacturers given all kinds of
even more secret things are stored in there. It is worth noting that
those APIs depend on the security of the system and the user's
password.

On top of that, the AIR ELS implementation uses your app's cert as
part of the key (as well as your app and publisher IDs), so only your
app with your cert can access data you have encrypted. Any other app
cannot access it (not quite sure what happens when your cert expires
and you need to renew it).

The most vulnerable part of using the ELS is after the data has been
decrypted. It is then stored in memory in plain text until it is
garbage collected. (Curious question - I wonder if strings are
interned in AIR, if so, that could pose another security problem.)

But like others have said, if memory scanning is a problem, the
problem is bigger than AIR.

Here's a bit of discussion on it -
http://weblogs.macromedia.com/cantrell/archives/2007/12/encrypting_data.html

RE: Re: localconnection data encrypted?

Seth Hodgson
In reply to this post by Pete Appleby
> The most vulnerable part of using the ELS is after the data has been
> decrypted. It is then stored in memory in plain text until it is
> garbage collected. (Curious question - I wonder if strings are
> interned in AIR, if so, that could pose another security problem.)

Strings are interned by the AVM in both the Player and AIR.

So if you have highly sensitive character data and you're worried about memory scanning, you'd want to use an array of characters, and scramble the contents manually after you've used the value in order to render it illegible until the array is GCed. There's no perfect solution here, but this reduces the attack surface.

Again, not a concern for most apps.

Best,
Seth
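
The advice in the reply above, sketched as an added example that is not code from anyone in this thread: the secret stays as bytes from the Encrypted Local Store, is never turned into a String, and is zeroed after use. It uses a ByteArray rather than an array of characters because that is the type EncryptedLocalStore works with; the class name, item name and callback parameter are hypothetical.

```actionscript
package {
    import flash.data.EncryptedLocalStore;
    import flash.utils.ByteArray;

    public class SecretHandling {
        // Hypothetical ELS item name, chosen for this example.
        private static const ITEM_NAME:String = "example.secret";

        // Store secret bytes, then wipe the caller's buffer once the
        // ELS has been handed the data (also on failure).
        public static function store(secret:ByteArray):void {
            try {
                EncryptedLocalStore.setItem(ITEM_NAME, secret);
            } finally {
                wipe(secret);
            }
        }

        // Fetch the secret and pass it to `consumer` as raw bytes.
        // The buffer is zeroed afterwards even if `consumer` throws.
        // `consumer` must not call readUTFBytes() or toString() on it:
        // that would create a String, which cannot be overwritten and
        // stays readable in memory until it is garbage collected.
        public static function withSecret(consumer:Function):void {
            var secret:ByteArray = EncryptedLocalStore.getItem(ITEM_NAME);
            if (secret == null) {
                throw new Error("no ELS item named " + ITEM_NAME);
            }
            try {
                secret.position = 0;
                consumer(secret);
            } finally {
                wipe(secret);
            }
        }

        // Overwrite every byte in place so the plaintext is illegible
        // while the buffer waits for garbage collection.
        public static function wipe(buf:ByteArray):void {
            if (buf == null) return;
            for (var i:uint = 0; i < buf.length; i++) {
                buf[i] = 0;
            }
            buf.position = 0;
        }
    }
}
```

This only shortens the time the plaintext is readable in the application's own buffer; copies made by the runtime or by code the callback calls are outside its control.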
