research-article

ShadowCrypt: Encrypted Web Applications for Everyone

Authors:

Devdatta Akhawe,

Dawn SongAuthors Info & Claims

CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

Pages 1028 - 1039

https://doi.org/10.1145/2660267.2660326

Published: 03 November 2014 Publication History

Abstract

A number of recent research and industry proposals discussed using encrypted data in web applications. We first present a systematization of the design space of web applications and highlight the advantages and limitations of current proposals. Next, we present ShadowCrypt, a previously unexplored design point that enables encrypted input/output without trusting any part of the web applications. ShadowCrypt allows users to transparently switch to encrypted input/output for text-based web applications. ShadowCrypt runs as a browser extension, replacing input elements in a page with secure, isolated shadow inputs and encrypted text with secure, isolated cleartext. ShadowCrypt's key innovation is the use of Shadow DOM, an upcoming primitive that allows low-overhead isolation of DOM trees. Evaluation results indicate that ShadowCrypt has low overhead and of practical use today. Finally, based on our experience with ShadowCrypt, we present a study of 17 popular web applications, across different domains, and the functionality impact and security advantages of encrypting the data they handle.

References

[1]

6WUNDERKINDER. Let's talk comments for wunderlist and our 5+ million users. http://goo.gl/PcjOR6.

[2]

AGARWAL, N., RENFRO, S., AND BEJAR, A. Phishing forbidden. Queue 5, 5 (2007), 28--32.

Digital Library

[3]

AGARWAL, N., RENFRO, S., AND BEJAR, A. Yahoo!'s sign-in seal and current anti-phishing solutions. In Proceedings of Web 2.0 Security & Privacy Workshop (2007).

[4]

BELLARE, M., RISTENPART, T., ROGAWAY, P., AND STEGERS, T. Format-preserving encryption. In Selected Areas in Cryptography (2009), pp. 295--312.

Digital Library

[5]

BETHENCOURT, J., SAHAI, A., AND WATERS, B. Ciphertext-policy attribute-based encryption. In Proceedings,of the 2007 IEEE Symposium on Security and Privacy (2007), SP '07, pp. 321--334.

Digital Library

[6]

BONEH, D., SAHAI, A., AND WATERS, B. Functional encryption: Definitions and challenges. In Proceedings of the 8th Conference on Theory of Cryptography (2011), TCC'11, pp. 253--273.

Digital Library

[7]

CASH, D., JARECKI, S., JUTLA, C. S., KRAWCZYK, H., ROSU, M.-C., AND STEINER, M. Highly-scalable searchable symmetric encryption with support for boolean queries. In CRYPTO (2013), pp. 353--373.

[8]

CHEN, A. Gcreep: Google engineer stalked teens, spied on chats. http://gawker.com/5637234/.

[9]

CHRISTODORESCU, M. Private use of untrusted web servers via opportunistic encryption. W2SP 2008: Web 2.0 Security and Privacy 2008 (2008).

[10]

CONSTANTIN, L. Mega: Bug bounty programme resulted in seven vulnerabilities fixed so far, Feb. 2013. http://www. computerworld.co.nz/article/488585/.

[11]

CONSTINE, J. Twitter and linkedin manage tasks with asana, new api means robots can too. http://goo.gl/M8monn.

[12]

Cryptocat blog: Xss vulnerability discovered and fixed, Aug. 2012. http://goo.gl/Nq7tVk.

[13]

Dromaeo: Javascript performance testing. http://dromaeo.com/.

[14]

FAHL, S., HARBACH, M., MUDERS, T., AND SMITH, M. Confidentiality as a service-usable security for the cloud. In Trust, Security and Privacy in Computing andCommunications (TrustCom), 2012 IEEE 11th International Conference on (2012), IEEE, pp. 153--162.

Digital Library

[15]

GALLAGHER, J. Thanks a million! http://blog.trello.com/thanks-a-million/.

[16]

GENTRY, C. Fully homomorphic encryption using ideal lattices. In STOC (2009), pp. 169--178.

Digital Library

[17]

GIFFIN, D. B., LEVY, A., STEFAN, D., TEREI, D., MAZIERES, D., MITCHELL, J., AND RUSSO, A. Hails: Protecting data privacy in untrusted web applications. In 10th Symposium on Operating Systems Design and Implementation (OSDI) (2012), pp. 47--60.

Digital Library

[18]

GLAZKOV, D. {shadow}: Consider isolation. https://www.w3.org/Bugs/Public/show_bug.cgi?id=16509.

[19]

GLAZKOV, D. Shadow dom. http://goo.gl/G4j3L4.

[20]

GOEL, V., AND WYATT, E. Facebook privacy change is subject of f.t.c. inquiry. http://nyti.ms/19IWMV8.

[21]

GOLDREICH, O., AND OSTROVSKY, R. Software protection and simulation on oblivious RAMs. J. ACM (1996).

Digital Library

[22]

GOOGLE. Content scripts. http://goo.gl/G2r47g.

[23]

GORDON, S. D., KATZ, J., KOLESNIKOV, V., KRELL, F., MALKIN, T., RAYKOVA, M., AND VAHLIS, Y. Secure two-party computation in sublinear (amortized) time. In ACM Conference on Computer and Communications Security (CCS) (2012).

Digital Library

[24]

HEIDERICH, M., NIEMIETZ, M., SCHUSTER, F., HOLZ, T., AND SCHWENK, J. Scriptless attacks: stealing the pie without touching the sill. In Proceedings of the 2012 ACM conference on Computer and communications security (2012), ACM, pp. 760--771.

Digital Library

[25]

HUANG, L.-S., MOSHCHUK, A., WANG, H. J., SCHECHTER, S., AND JACKSON, C. Clickjacking: Attacks and defenses. In Proceedings of the 21st USENIX Conference on Security Symposium (Berkeley, CA, USA, 2012), Security'12, USENIX Association, pp. 22--22.

Digital Library

[26]

JAIN, A., AND TIKIR, M. Is the web getting faster? http://goo.gl/kFXL7r.

[27]

KEYBASE. Keybase. https://keybase.io/.

[28]

KURT OPSAHL. Facebook's eroding privacy policy: A timeline. http://goo.gl/BkRknm.

[29]

Lastpass blog: Cross site scripting vulnerability reported, fixed, Feb. 2011. http://goo.gl/4MDNjU.

[30]

LU, S., AND OSTROVSKY, R. How to garble ram programs. In EUROCRYPT (2013).

[31]

MANIATIS, P., AKHAWE, D., FALL, K., SHI, E., MCCAMANT, S., AND SONG, D. Do you know where your data are?: Secure data capsules for deployable data protection. In Proceedings of the 13th USENIX Conference on Hot Topics in Operating Systems (Berkeley, CA, USA, 2011), HotOS'13, USENIX Association, pp. 22--22.

Digital Library

[32]

MAONE, G., HUANG, D. L.-S., GONDROM, T., AND HILL, B. User interface security directives for content security policy. http://www.w3.org/TR/UISecurity/.

[33]

MCGREGOR, S. Zerobin. http://goo.gl/blY1zx.

[34]

MEENAN, P. Webpagetest - website performance and optimization test. http://www.webpagetest.org/.

[35]

MOZILLA DEVELOPER NETWORK, AND INDIVIDUAL CONTRIBUTORS. Xpconnect wrappers. http://goo.gl/8eZzQ8.

[36]

PARNO, B., MCCUNE, J., AND PERRIG, A. Bootstrapping trust in commodity computers. In Security and Privacy (SP), 2010 IEEE Symposium on (2010), pp. 414--429.

Digital Library

[37]

POPA, R. A., REDFIELD, C. M. S., ZELDOVICH, N., AND BALAKRISHNAN, H. Cryptdb: Protecting confidentiality with encrypted query processing. In Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles (New York, NY, USA, 2011), SOSP '11, ACM, pp. 85--100.

Digital Library

[38]

POPA, R. A., STARK, E., VALDEZ, S., HELFER, J.,ZELDOVICH, N., AND BALAKRISHNAN, H. Securing web applications by blindfolding the server. NDSI (2014).

[39]

PRIVLY. Privly. http://priv.ly/.

[40]

RECURITY LABS GMBH. Openpgp.js. http://openpgpjs.org/.

[41]

ROESNER, F., KOHNO, T., MOSHCHUK, A., PARNO, B., WANG, H. J., AND COWAN, C. User-driven access control: Rethinking permission granting in modern operating systems. In Security and Privacy (SP), 2012 IEEE Symposium on (2012), IEEE, pp. 224--238.

Digital Library

[42]

SAHAI, A., AND WATERS, B. Fuzzy identity-based encryption. In EUROCRYPT (2005), pp. 457--473.

Digital Library

[43]

Shadowcrypt code release. http://shadowcrypt-release.weebly.com/.

[44]

SONG, D. X., WAGNER, D., AND PERRIG, A. Practical techniques for searches on encrypted data. In Proceedings of the 2000 IEEE Symposium on Security and Privacy (Washington, DC, USA, 2000), IEEE Computer Society.

Digital Library

[45]

STARK, E., HAMBURG, M., AND BONEH, D. Symmetric cryptography in javascript. In Computer Security Applications Conference, 2009. ACSAC'09. Annual (2009), IEEE, pp. 373--381.

Digital Library

[46]

STONE, P. Pixel perfect timing attacks with html5.

[47]

THE CHROMIUM AUTHORS. Design plans for out-of-processiframes. http://goo.gl/VqR4sv.

[48]

Virtru. http://www.virtru.com.

[49]

WIKIPEDIA. Global surveillance disclosures (2013-present). http://goo.gl/3YWjY9.

[50]

YANG, J., YESSENOV, K., AND SOLAR-LEZAMA, A. A language for automatically enforcing privacy policies. ACM SIGPLAN Notices 47, 1 (2012), 85--96.

Digital Library

[51]

YAO, A. C.-C. How to generate and exchange secrets. In IEEE symposium on Foundations of Computer Science (FOCS) (1986).

Digital Library

[52]

ZALEWSKI, M. Postcards from the post-xss world. http://lcamtuf.coredump.cx/postxss/.

Cited By

Xu WMa HSong ZLi JZhang R(2024)Gringotts: An Encrypted Version Control System With Less Trust on ServersIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.325136521:2(668-684)Online publication date: Mar-2024
https://doi.org/10.1109/TDSC.2023.3251365
Ali TAl-Khalidi MAl-Zaidi R(2024)Information Security Risk Assessment Methods in Cloud Computing: Comprehensive ReviewJournal of Computer Information Systems10.1080/08874417.2024.2329985(1-28)Online publication date: 29-Mar-2024
https://doi.org/10.1080/08874417.2024.2329985
Al Qahtani EJaved YTabassum SSahoo LShehab M(2023)Managing Access to Confidential Documents: A Case Study of an Email Security ToolFuture Internet10.3390/fi1511035615:11(356)Online publication date: 28-Oct-2023
https://doi.org/10.3390/fi15110356
Show More Cited By

Index Terms

ShadowCrypt: Encrypted Web Applications for Everyone
1. Information systems
  1. World Wide Web
    1. Web applications
    2. Web services
2. Security and privacy
  1. Cryptography
  2. Systems security
    1. Operating systems security

Recommendations

A privacy problem on Hu-Huang's proxy key generation protocol

A proxy signature scheme enables an original signer to delegate his signing capability to a proxy signer and then the proxy signer can sign a message on behalf of the original signer. Recently, several ID-based proxy signature schemes have been ...
Browserprint: an Analysis of the Impact of Browser Features on Fingerprintability and Web Privacy
Information Security
Abstract
Web browsers are indispensable applications in our daily lives. Millions of users use web browsers for a wide range of activities such as social media, online shopping, emails, or surfing the web. The evolution of increasingly more complicated web ...
Privacy-Enhancing Proxy Signatures from Non-interactive Anonymous Credentials
DBSec 2014: Proceedings of the 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy XXVIII - Volume 8566

Proxy signatures enable an originator to delegate the signing rights for a restricted set of messages to a proxy. The proxy is then able to produce valid signatures only for messages from this delegated set on behalf of the originator. Recently, two ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

November 2014

1592 pages

ISBN:9781450329576

DOI:10.1145/2660267

General Chair:
Gail-Joon Ahn
Arizona State University, USA
,
Program Chairs:
Moti Yung
Google -- Columbia University, USA
,
Ninghui Li
Purdue University, USA

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 November 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Office of Naval Research
Division of Computer and Network Systems
National Science Foundation
Google
ISTC for Secure Computing
Air Force Office of Scientific Research
Alfred P. Sloan Foundation

Conference

CCS'14

Sponsor:

SIGSAC

CCS'14: 2014 ACM SIGSAC Conference on Computer and Communications Security

November 3 - 7, 2014

Arizona, Scottsdale, USA

Acceptance Rates

CCS '14 Paper Acceptance Rate 114 of 585 submissions, 19%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

64
Total Citations
View Citations
821
Total Downloads

Downloads (Last 12 months)44
Downloads (Last 6 weeks)2

Reflects downloads up to 09 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Xu WMa HSong ZLi JZhang R(2024)Gringotts: An Encrypted Version Control System With Less Trust on ServersIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.325136521:2(668-684)Online publication date: Mar-2024
https://doi.org/10.1109/TDSC.2023.3251365
Ali TAl-Khalidi MAl-Zaidi R(2024)Information Security Risk Assessment Methods in Cloud Computing: Comprehensive ReviewJournal of Computer Information Systems10.1080/08874417.2024.2329985(1-28)Online publication date: 29-Mar-2024
https://doi.org/10.1080/08874417.2024.2329985
Al Qahtani EJaved YTabassum SSahoo LShehab M(2023)Managing Access to Confidential Documents: A Case Study of an Email Security ToolFuture Internet10.3390/fi1511035615:11(356)Online publication date: 28-Oct-2023
https://doi.org/10.3390/fi15110356
Xue MWu ZZhang YWang JLiu W(2023)AdvParams: An Active DNN Intellectual Property Protection Technique via Adversarial Perturbation Based Parameter EncryptionIEEE Transactions on Emerging Topics in Computing10.1109/TETC.2022.323101211:3(664-678)Online publication date: 1-Jul-2023
https://doi.org/10.1109/TETC.2022.3231012
Gui ZPaterson KPatranabis S(2023)Rethinking Searchable Symmetric Encryption2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179460(1401-1418)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179460
Ren KWang CRen KWang C(2023)Security Impact of Leakage Profiles: Threats and CountermeasuresSearchable Encryption10.1007/978-3-031-21377-9_5(77-105)Online publication date: 5-Jan-2023
https://doi.org/10.1007/978-3-031-21377-9_5
Yadav THales JSeamons KYin HStavrou ACremers CShi E(2022)PosterProceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security10.1145/3548606.3563541(3499-3501)Online publication date: 7-Nov-2022
https://dl.acm.org/doi/10.1145/3548606.3563541
Wang XDu YWang CWang QFang L(2022)WebEnclave: Protect Web Secrets From Browser Extensions With Software EnclaveIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2021.308186719:5(3055-3070)Online publication date: 1-Sep-2022
https://doi.org/10.1109/TDSC.2021.3081867
Sun SMa HSong ZZhang R(2022)WebCloud: Web-Based Cloud Storage for Secure Data Sharing Across PlatformsIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2020.304078419:3(1871-1884)Online publication date: 1-May-2022
https://doi.org/10.1109/TDSC.2020.3040784
Chen YHao YYi ZGuo XXu C(2022)Ciphertext storage scheme supporting data hierarchical management and control2022 International Conference on Networking and Network Applications (NaNA)10.1109/NaNA56854.2022.00042(205-212)Online publication date: Dec-2022
https://doi.org/10.1109/NaNA56854.2022.00042
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents