사용자 인증 시 고민하게 되는 비밀번호 암호화와 데이터 암호화 도구에 대해 순수 웹 결제 플랫폼을 지향하는 시럽페이에 반영된 One Password Protocol (by Mozilla)과 JOSE(by Web Payment Group in W3C) 기술에 대해 간략하게 설명합니다.

1. Syrup Pay 인증 모듈 개발 사례
Syrup Pay 개발에 관한 짧은 회고

2. 임형태
2013 ~
SK PLANET Fintech Dev. Team
2006 ~ 2013
ESTsoft 알약서버 Dev. Team
Leader

3. Syrup Pay is 간편결제?

4. 안전함 과 편리함 100% Pure WEB
https://www.flickr.com/photos/11325321

5. 개. 발. 일. 정 이라 쓰고 수팩스라 읽는다.
https://www.flickr.com/photos/bionicteaching/6057415565

7. Syrup Pay at NOW
• 총 361 만명 사용자
• 총 24 개 가맹점
• 일 5만6천여 건, 약 25억 원 결제
2016.11.17 기준

8. 목차
• 시럽페이의 패스워드 암호화 과정
• 시럽페이의 암호화 도구
https://www.flickr.com/photos/manchesterlibrary/3128145925

9. 사용자 인증 with ID/PW One Password Protocol of FF
https://www.flickr.com/photos/marcobellucci/3534516458

10. ­ translate by translate.google.com
“이 문서는 FxA 클라이언트 (FF 동기화 클라이언
트 포함)와 https://github.com/mozilla/fxa-
auth-server에서 구현 된 키 서버에 사용되는 프
로토콜에 대해 설명합니다. 클라이언트는이 프로
토콜을 사용하여 account password에 대한 지
식(knowledge)을 증명합니다.이 정보는
sessionToken을받으며 서명 된 BrowserID 인증
서 (계정을 제어하는 후속 신뢰 당사자를 설득하
는 데 사용할 수 있음)를 얻는 데 사용할 수 있습
니다. 이 프로토콜은 또한 동기화 데이터를 암호
화하는 데 사용될 암호화 키 쌍 (kA 및 kB)을 검
색하는 데 사용됩니다.”

11. What is One PW Protocol 해치지 않아요

12. Password Encryption (as One PW Protocol)
HMAC(Email, Password) PBKDF2 + Salt SHA512
Scrypt + Salt SHA512 Verify Hash(saved)
via SSL/TLS

13. Password Encryption (as One PW Protocol)
HMAC_SHA256("", "") =
0xb613679a0814d9ec772f95d778c35fc5ff1697c4937156
53c6c712144292c5ad
HMAC_SHA256("key", "The quick brown fox jumps over
the lazy dog") =
0xf7bc83f430538424b13298e6aa6fb143ef4d59a1494617
5997479dbc2d1a3cd8

14. Password Encryption (as One PW Protocol)
HMAC_SHA256("Email", “Password")

15. MDN(MSISDN) 로그인 핸드폰 번호로도 로그인 할수 있게 기능 추가해주세요
https://www.flickr.com/photos/yoshimov/45834378

16. Password Encryption (as One PW Protocol)
HMAC_SHA256(“Email”, “Password")

17. {
"password": [{
"algorithm": "WITH_INTEGRITY",
"digest":
"86bc634b816a4209407cfd4cf8fb5f97f0eb9e57a26dd28d64ca868a
cb9148f380883348c7c2d7dde2eb7c902268b930a84610d59f3b53a
f2383a7ecfd7f0e5e"
}, {
"algorithm": "WITHOUT_INTEGRITY",
"digest":
"234fcfdd69628cfc203e2630f7f4743dbfd0b3f903444124a99d00ef
bc736e35e4ceab4938412199dad65d48594cfdd6df10bf700965937
64d9c7ebc3c85199b"
}]
}

18. 저기….
웹 페이지(클라이언트)
에서도 비밀번호를 해
시 암호화 해야 하나요?
https://www.flickr.com/photos/135427078@N04/24004429616

19. 기밀성과 무결성 by Cryptography
https://www.flickr.com/photos/tomicpasko/14970085833

20. Transport Layer Security Version 1.2

21. ‘The five cryptographic operations -- digital signing, stream
cipher encryption, block cipher encryption, authenticated
encryption with additional data (AEAD) encryption, and
public key encryption -- are designated digitally-signed,
stream-ciphered, block-ciphered, aead- ciphered, and
public-key-encrypted, respectively. A field's cryptographic
processing is specified by prepending an appropriate key
word designation before the field's type specification.
Cryptographic keys are implied by the current session
state’
–TheTransport Layer Security (TLS) Protocol
Section 4.7 Cryptographic Attributes

22. 서버 개발자를 믿습니까?
‘사용자 로그인 로그에 남겨야지’
‘임시적으로 글로벌 캐시에서 공유할
까’
‘메모리에 들고 있어야지’
https://www.flickr.com/photos/jfgornet/4766586021

23. (아무도 안믿는) 시럽페이에서는? 조오시(?) 를 사용합니다.
https://www.flickr.com/photos/christawatson/4772884239

24. Javascript Object Signing and Encryption
Web Payment Group in W3C

25. Javascript Object Signing and Encryption
• JSON Web Algorithms (JWA)
• JSON Web Key (JWK)
• JSON Web Token (JWT)
• JSON Web Encryption (JWE)
• JSON Web Signature (JWS)

26. JSON Web Algorithms (JWA)
• This specification registers cryptographic algorithms
and identifiers to be used with the JSON Web
Signature (JWS), JSON Web Encryption (JWE), and
JSON Web Key (JWK) specifications. It defines
several IANA registries for these identifiers.
• JWS uses cryptographic algorithms to digitally sign
or create a MAC of the contents of the JWS
Protected Header and the JWS Payload.
• JWE uses cryptographic algorithms to encrypt or
determine the Content Encryption Key (CEK).
https://tools.ietf.org/html/rfc7518

27. JWA 다음은?

28. JSON Web Key (JWK)
• A JSON Web Key (JWK) is a JavaScript Object
Notation (JSON) data structure that represents a
cryptographic key. This specification also defines a
JWK Set JSON data structure that represents a set of
JWKs. Cryptographic algorithms and identifiers for
use with this specification are described in the
separate JSON Web Algorithms (JWA) specification
and IANA registries established by that specification.

29. {
"keys":
[
{"kty":"EC",
"crv":"P-256",
"x":"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4",
"y":"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM",
"use":"enc",
"kid":"1"},
{"kty":"RSA",
"n": "0vx7agoebGcQSuuPiLJXZptN9nndrQmbXEps2aiAFbWhM78LhWx
4cbbfAAtVT86zwu1RK7aPFFxuhDR1L6tSoc_BJECPebWKRXjBZCiFV4n3oknjhMs
tn64tZ_2W-5JsGY4Hc5n9yBXArwl93lqt7_RN5w6Cf0h4QyQ5v-65YGjQR0_FDW2
QvzqY368QQMicAtaSqzs8KJZgnYb9c7d0zgdAZHzu6qMQvRL5hajrn1n91CbOpbI
SD08qNLyrdkt-bFTWhAI4vMQFh6WeZu0fM4lFd2NcRwr3XPksINHaQ-G_xBniIqb
w0Ls1jF44-csFCur-kEgU8awapJzKnqDKgw",
"e":"AQAB",
"alg":"RS256",
"kid":"2011-04-29"}
]
}

30. JSON Web Encryption (JWE Compact Serialization)
• Assemble the final representation: The Compact Serialization of this
result is the string BASE64URL(UTF8(JWE Protected Header)) || '.' ||
BASE64URL(JWE Encrypted Key) || '.' || BASE64URL(JWE Initialization
Vector) || '.' || BASE64URL(JWE Ciphertext) || ‘.' || BASE64URL(JWE
Authentication Tag)
• eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ.OKOawDo13g
Rp2ojaHV7LFpZcgV7T6DVZKTyKOMTYUmKoTCVJRgckCL9kiMT03JG
eipsEdY3mx_etLbbWSrFr05kLzcSr4qKAq7YN7e9jwQRb23nfa6c9d-
StnImGyFDbSv04uVuxIp5Zms1gNxKKK2Da14B8S4rzVRltdYwam_lDp
5XnZAYpQdb76FdIKLaVmqgfwX7XWRxv2322i-
vDxRfqNzo_tETKzpVLzfiwQyeyPGLBIO56YJ7eObdv0je81860ppamav
o35UgoRdbYaBcoh9QcfylQr66oc6vFWXRcZ_ZT2LawVCWTIy3brGPi6
UklfCpIMfIjf7iGdXKHzg.48V1_ALb6US04U3b.
5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFSh
S8iB7j6jiSdiwkIr3ajwQzaBtQD_A.XFBoMYUZodetZdvTiFvSkQ

32. JSON Web Signature (JWS)
• JSON Web Signature (JWS) represents content
secured with digital signatures or Message
Authentication Codes (MACs) using JSON-based
data structures. Cryptographic algorithms and
identifiers for use with this specification are
described in the separate JSON Web Algorithms
(JWA) specification and an IANA registry defined by
that specification. Related encryption capabilities are
described in the separate JSON Web Encryption
(JWE) specification.

33. JSON Web Signature (JWS)
• BASE64URL(UTF8(JWS Protected Header)) || '.' ||
BASE64URL(JWS Payload) || '.' || BASE64URL(JWS
Signature)
• eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.
eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODA
sDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ij
p0cnVlfQ.dBjftJeZ4CVP-
mB92K27uhbUJU1p1r_wW1gFWFOEjXk

36. JSON Web Token (JWT)
• JSON Web Token (JWT) is a compact, URL-safe
means of representing claims to be transferred
between two parties. The claims in a JWT are
encoded as a JSON object that is used as the payload
of a JSON Web Signature (JWS) structure or as the
plaintext of a JSON Web Encryption (JWE) structure,
enabling the claims to be digitally signed or integrity
protected with a Message Authentication Code
(MAC) and/or encrypted.

37. JSON Web Token (JWT)
• "iss" (Issuer)
• "sub" (Subject)
• "aud" (Audience)
• "exp" (Expiration Time)
• "nbf" (Not Before)
• "iat" (Issued At)
• "jti" (JWT ID)

38. JWT with Syrup Pay
• Web Communication (MIME :
application/jose, JWE/JWS)
over TLS
• 결제 데이터 (JWS, from 가맹점)
• 서버 인증 (via OAuth 2.0 JWT)
• 결제 인증 데이터(JWS, to 가맹
점)
• 임시 데이터(JWE, in 글로벌 캐시)

39. 여러분은 … 있는거 쓰세요 ㅠㅠ

40. https://jwt.io/ https://github.com/SKplanet/syruppay-java/tree/master/
syruppay-jose

41. 그리고 시럽페이는… 앗 시간이!!!
https://www.flickr.com/photos/saechang/7005515228/

42. with Authentications
• HTTP Basic Authorization
• 2 Factor Authentication
(ARS, SMS-OTP, Email)
• SSO (Single Sign On for 가맹점)
• FIDO
• OAuth2 (11st, Google, Facebook)
https://www.flickr.com/photos/oimax/3711838748/

43. 감사합니다. And Q&A
https://www.flickr.com/photos/orinrobertjohn/239595034