Building Sesto, in-browser password manager

Intro: what is Sesto

Sesto (abbreviation for Secret Store) is open source passwords (and general secrets) manager for web.

What sets Sesto apart from many other password managers is:

  • it's web password manager, e.g. you don't need local client to run it, only have compatible browser (Google Chrome with PNaCl modules enabled), the application is downloaded from Sesto server.
  • for a clientless web password manager, it's strong security model: most web password managers are built either on JS crypto (which is bad), or rely on simply protecting your data via SSL and with some arbitrary keys on server side. Sesto protects everything stored on server with client keys, and does not have any access to the data; moreover, Sesto performs all client-side decryption in a safe and secure manner.

Sesto was designed as one of proof of concept tools during the development of Themis and Toughbase, where we assess different techniques in implementing data manipulation schemes for sensitive data.

Sesto allows you to store your secrets in tree-like structure: 

It works in your web browser, which downloads all code from the server, but is a compiled Google Chrome application, which sets it aside from weaker apps with JS encryption or transmitting data over plain HTTPS.

Sesto server is written in Python, Sesto front-end is combination of PNaCl module (C++) and JS/CSS/HTML interface. Sesto utilizes our Themis library and it's WebThemis port.

Enough of this! Just bring me the code! There's readme there, but to learn more about inner workings of Sesto, you might still want to read this post.

Architecture

Server

The server is built in Python. It solves 2 main tasks:

  • Serve clients PEXE + JS/HTML code in response to HTTP GET /
  • Talk to PNaCl application and work as it's backend via WebScokets

Client

Client consists of 3 main parts:

  • JS/HTML front-end
  • PNaCl module containing
    • Sesto code
    • WebThemis as crypto library for Sesto

Security model

Communication

All client-server communication between running sesto app and server happens via websocket, over which we establish secure session with shared keys.

Each time server restarts, it regenerates keypair and shares public key with client via new HTML.

HTML part does not work with anything related to cryptography (here's why), all cryptographic transformations happen within PNaCl module, which then just uses JS to transmit strings to put into interface.

Storage

(see storage model below)

Sesto stores a tree of records, each record is either a folder or a file. Each file is encrypted with unique random 64-byte key, these keys are held in folders (parent nodes), this way only those having access to folder nodes are able to decrypt them and see the files.

Sesto sends to the client only selected nodes of the tree, thus minimizing potential leakage scope. All records are decrypted on client, and sequence of chunks necessary to reconstruct end-node's random password is unknown to Sesto itself since even to decrypt the root node (which lists all folders and files), Sesto needs user password, which user never sends.

Storage model

All data is stored in a tree of "folders and files" in SQLite database in two tables: data and users:

data table contains pairs of id:data, where data is Secure Cell Seal Mode JSON container, encrypted by user's password for corresponding root_id. It can be either:

  • folder, containing list of files with their random passwords
  • file, encrypted with random password

1. Folder with links to other containers:

{ "type":"folder",
   "name": <name>,
   "desc": <description>
   "context": [<id>:<password>,
                        <id>:<password>,
                         .....
                        <id>:<password>]
}

name and description are values for the interface. context carries list of id:password pairs, where each id is a link to id column value of some other object, whose data field is encrypted with password.

2. The file itself

{
    "type":"file",
    "name":<name>,
    "desc":<description>
    "context":[{"key":<name>,
                          "val":<data>,
                          "txt":<is text field>,
                          "sec":<is addition encrypted field>},
                          ....]
}

sec flag denoted whether the data field is additionaly encrypted by user password.

Installing and running

Prerequisites

  • Your machine has to have Python3 and pip3 to use python part
  • You have to install libssl-dev

Installing


git clone https://github.com/cossacklabs/themis
cd themis 
make SECURE_COMPARATOR=enable 
sudo make SECURE_COMPARATOR=enable install 
cd .. 
git clone https://github.com/cossacklabs/sesto 
cd sesto 
pip3 install -r requirements.txt 
python3 add_user.py test_user test_pass 

Running

python3 server.py

or add -v to get into verbose mode.

Server will run on port 5103 of the machine you've launched it on.

Now just go do http://serveraddr:5103 and you should see a login screen.

Tweaking Sesto (for developers)

Sesto is open-source under Apache2 license and we'll be glad if someone tries to build something interesting and sophisticated on top of this simple PoC code.

Web part

Web part consists of PNaCl object doing all security stuff and JS/HTML part. They communicate via _client JS object.

Web part consists of Sesto code, which is in sesto_pnacl_module.cc, which:

  • sets up WebSocket connection to server
  • establishes Secure Session connection over it
  • authenticates users via Secure Comparator
  • provides chunks of encrypted database to user on-demand by id.

...and WebThemis library itself with code in /webthemis/ folder.

To rebuild it after tweaking, you will need:

  1. themis installed with Secure Comparator enabled (see Installing section)
  2. NaCl SDK
  3. create environment variable PNACL_ROOT with path to installed SDK files.

Now, clone repository with all submodules and build WebThemis and Sesto:

git clone https://github.com/cossacklabs/sesto
cd sesto
git submodules update --init --recursive
cd webthemis
make
cd ..
make

You might want to refer to webthemis documentation for some additional details on how WebThemis works.

Server part

Server.py is very simple Python Server, doing 4 things:

  1. Serving Sesto binaries and design to HTTP customers
  2. Establishing Secure Session over websockets
  3. Authenticating the user
  4. Giving the user object by id, and handling edit/update operations.

Good Luck!

And if you'd like to get in touch, drop us a line by any convenient method

Copyright © 2014-2017 Cossack Labs Limited
Cossack Labs is a privately-held British company with a team of data security experts based in Kyiv, Ukraine.