1

I am trying to secure the connection between a single-page webApp (AngularJS, loaded from a secure source via SSL) and a local server (called BOX) inside the private, local wifi of the user.

So the webApp is loaded in the browser via HTTPS and then uses ajax to connect to the local BOX resource in the local wifi.

At this point, the webApp might have lost internet connection, only loading data from the local source.

Now, I cannot ensure that the wireless is secure (people near the wifi could listen in), so I need ajax/JavaScript to securely authenticate with the local resource somehow.

Most browsers do not support HTTPS pinning, which is why I cannot use HTTPS. Simple digest/basic auth is not gonna do it for the client, so I thought about using SRP.

My HTML/JavaScript is delivered via HTTPS, so that should be secure enough to protect it from being altered by a man-in-the-middle attack.

Reviewed SRP libs for JavaScript exist.

Question: Does anyone see any flaws in this concept?

Andresch Serj

1 Answer

1

SRP protects only against a man in the middle sniffing the password. It does not protect against an active man-in-the-middle manipulating the transferred data.

Since active man-in-the-middle attacks in a local network are easy (ARP spoofing etc.), anybody can make/manipulate the data and cause unwanted actions inside your securely authenticated but not tamper-resistant connection.

Steffen Ullrich
  • So I am not able to establish a secure connection using SRP. You say my auth problem would be solved but my communication problem wouldn't - I would have to find a way to sign commands in order to prevent replay attacks/altering of my commands, right? – Andresch Serj Jan 26 '15 at 12:42
  • 1
    Yes, some way to detect data manipulation would be needed. It does not need to be signing, it could also be encryption with HMAC, as long as the key stays unknown to the attacker. At the end you might need to re-implement important features from TLS. – Steffen Ullrich Jan 26 '15 at 13:18
  • Yes, that is it. I'll need to find a way to sign the commands, probably using a separate Diffie-Hellman key exchange. Thanks for your answer! – Andresch Serj Jan 26 '15 at 13:27
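
The tamper and replay detection discussed in the answer and comments, as an added example that is not code from either participant: each command carries a counter and an HMAC, so an on-path attacker can neither alter nor resend it. It assumes both sides already share a secret session key (for example, one derived from the SRP exchange); `sealCommand`, `openCommand` and the sample commands are hypothetical names and constructed data.

```javascript
// Added example (Node.js). Assumption: `key` is a secret shared by webApp and BOX.
const nodeCrypto = require("node:crypto");

// Sender: bind a strictly increasing counter to the command, then MAC both.
function sealCommand(key, counter, command) {
  const body = JSON.stringify({ counter, command });
  const tag = nodeCrypto.createHmac("sha256", key).update(body).digest("hex");
  return { body, tag };
}

// Receiver: check the MAC in constant time first, only then parse and
// reject any counter that is not higher than the last one accepted.
function openCommand(key, state, msg) {
  const expected = nodeCrypto.createHmac("sha256", key).update(String(msg.body)).digest();
  const given = Buffer.from(String(msg.tag), "hex");
  if (given.length !== expected.length || !nodeCrypto.timingSafeEqual(given, expected)) {
    return { ok: false, reason: "bad-mac" };
  }
  const { counter, command } = JSON.parse(msg.body);
  if (!Number.isSafeInteger(counter) || counter <= state.lastCounter) {
    return { ok: false, reason: "replay" };
  }
  state.lastCounter = counter;
  return { ok: true, command };
}

// Constructed session: a valid command, the same message resent,
// a modified body with the old tag, and the next valid command.
function demo() {
  const key = nodeCrypto.randomBytes(32); // stands in for the shared session key
  const state = { lastCounter: 0 };
  const msg = sealCommand(key, 1, { action: "unlock", door: 3 });
  const first = openCommand(key, state, msg);
  const replayed = openCommand(key, state, msg);
  const forged = { body: msg.body.replace("3", "4"), tag: msg.tag };
  const tampered = openCommand(key, state, forged);
  const next = openCommand(key, state, sealCommand(key, 2, { action: "lock", door: 3 }));
  return { first, replayed, tampered, next };
}

console.log(demo());
```

This covers integrity and replay for one direction only and encrypts nothing; responses from the BOX need their own direction label or key so they cannot be reflected back as commands.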