Last Updated: 3 Jan 2017

Crypto Engineering Projects

Our team's major projects are broken down by module:

NSS

NSS is the cryptography and transport security library that powers Firefox.

• 2017 Q2: [MWOS] Add new NSS demonstration code to show how to use NSS in a modern way.
• 2017 Q2: [MWOS] Implement Argon2 to provide a basis to modernize the Master Password in Firefox.
• 2017 Q2: Implement hardware crypto accelerations on OSX and ARM
• 2017 Q3: Integrate BoGo's integration tests into NSS builds.
  • The automated tests for NSS are mostly unit tests. Integration testing was historically assumed to happen at Firefox, but that's limited. BoGo is a rich set of integration tests that can diagnose protocol issues during automated testing.
• 2017 Q4: Post-Quantum Research and Development.
  • Mozilla is intending to join the efforts in developing cryptography that will remain secure once quantum computers come online. This is expected to be a long-duration R&D effort.

PSM

PSM performs the business logic of deciding whether a given secure network connection is actually trustworthy. It applies logic from the user's choices, the Mozilla Root Program, and the platform in order to make a trust determination. E.g., whether to show a connection as secure.

• 2016 Q4 / 2017 Q1: Re-architect PSM/NSS interaction to eliminate shutdown crashes.
  • The interaction between PSM and NSS is extremely old, and doesn't follow the modern methods Gecko uses to initialize and shutdown modules. As such, NSS sometimes crashes when shutting down; this is a leading crash on Android. Fixing this is a substantial architectural change.
  • Details here: Platform Use of NSS
• 2017 Q2: Speed up TLS handshakes
• 2017 Q2: Continue work on our Certificate Transparency implementation and test infrastructure
• 2017 Q3: Move error-string formatting for our error pages into the front-end JavaScript
• 2017 Q3: Retool the "See more" sections of error pages using JavaScript to provide more help

Web Authentication

Password authentication is known to be a security liability on the Web. The W3C Web Authentication Working Group is developing a specification for using Scoped Credentials to supplement or replace passwords. Mozilla intends to implement Web Authentication (WebAuthn) specification.

• 2016 Q2: FIDO U2F v1.1 JS API landed, hidden behind preferences.
  • You can test a "Soft Token" using any recent version of Firefox using the instructions at https://u2f.bin.coffee/
• 2017 Jan: Draft WebAuthn JS API available, hidden behind a pref, using the Soft Token from U2F.
  • Intent to Implement Announcement
  • Ready For Experiment Announcement
• 2017 Q2: Support USB HID U2F devices on Linux, Mac OS X, and Windows. rust u2f-hid-rs library
• 2017 Q2-3: Integrate USB HID U2F devices with the WebAuthn JS API.
  • Bug 1380270: Add libudev support to the tree
  • Bug 1388843: Add u2f-hid-rs rust library to the tree
  • Bug 1388851: Tie u2f-hid-rs rust library into WebAuthn's U2F HID Manager
  • Currently expected to land in Firefox 58.
• 2017 Q2-3: Update to Working Draft 5 of the WebAuthn JS API.
  • Done in Firefox 56
• 2017 Q3: Integrate USB HID U2F devices with the WebAuthn JS API.
  • Bug 1245527: Tie U2F JS API into WebAuthn's U2F HID Manager
    • This will enable hardware support when Bug 1388851 lands.
• 2017 (late): Update to the Candidate Recommendation of the WebAuthn JS API.
• 2017 (late) / 2018: Support USB HID CTAP devices on desktop platforms. (Exact version TBD)
• 2018: Support U2F hardware for Firefox for Android.

All of the above dates are for landing in Firefox Nightly.

Goal: permit use of U2F tokens via a user-controllable preference (not on by default) in Firefox 56 or 57, and Web Authentication (on by default) in Firefox 57 or 58. (See RapidRelease/Calendar)

Unstable Build: 30 August 2017

This build contains all of the above patches for Bug 1380270, Bug 1388843, Bug 1388851, and Bug 1245527. It also generally has some small fixups that will also make it somewhere or other.

• OSX: https://queue.taskcluster.net/v1/task/IMBLy88oQf29Aa2xI5kucQ/runs/0/artifacts/public/build/target.dmg
• Windows 64: https://queue.taskcluster.net/v1/task/O8mFlCIISO-A8ej1uo8TQg/runs/0/artifacts/public/build/target.zip
• Linux: Unavailable at TaskCluster for now, due to libudev not being available to the rust compiler

Enabling debugging (example for OSX):

  MOZ_LOG="webauthnmanager:5, webauth_u2f:5, webauth_u2f:5, u2fkeymanager:5, u2fhidtoken:5, u2fmanager:5" ~/Desktop/NightlyDebug.app/Contents/MacOS/firefox

This build supports WebAuthn WD-05 and U2F v1.1 using hardware tokens. It has been tested at:

• https://u2fdemo.appspot.com/
• https://github.com/
• https://u2f.bin.coffee/
• https://demo.yubico.com/u2f
• https://webauthn.bin.coffee/wd-05/

It does not work on Facebook; there are issues beyond browser detection that haven't been analyzed yet.

DOM Security

• 2017 Q2: Enable HSTS Priming in Firefox Beta
• 2017 Q2: Update our Mixed Content Blocking implementation to the W3C Candidate Recommendation
• 2017 Q3: Release paper on HSTS Priming approach