How NOT to use Encryption

Encryption is cool

But... DDIY + DRITW

Example

  • 'Share' link to a website

  • Access is normally password protected

  • We want to give (limited) access to non-users

  • non-user = no password (or user...)

Website Access

  • Normal access: http://bla.com/report/xyz/

  • Shared access via:
    http://bla.com/share/report/xyz/kutfuauLw61xx3dTFXjw

  • Is this secure?

It depends...

More info...

  • Requirement 1: Do NOT store extra stuff in the database

  • Requirement 2: Only allow existing users to generate a shared link

  • Requirement 3: Shared link expires after 24 hours

Solution Option 0

  • Use SSL

  • http://bla.com/report/xyz/ => https://bla.com/...

  • Is this secure?

Solution option 1

share link

  • Generate a timestamp
  • Encrypt timestamp => token
  • append token to url

verify link

  • decrypt token
  • verify timestamp
  • if (now - timestamp) < 24 hours, allow access

Solution option 1

http://bla.com/share/report/xyz/kutfuauLw61xx3dTFXjw

(Decrypt) => http://bla.com/share/report/xyz/1323864246





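verify_link.py

from time import time

def verify_link(token):
    # decrypt() is the site's own token-decryption routine (not shown on the slide)
    timestamp = int(decrypt(token))  # e.g. 1323875734
    now = int(time())

    # Accept the link only while the timestamp is less than 24 hours old
    if now - timestamp < (24 * 60 * 60):
        return True
    return False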

What's wrong with this picture?

What's wrong with this picture?

  • http://bla.com/share/report/xyz/kutfuauLw61xx3dTFXjw

  • http://bla.com/share/report/abc/kutfuauLw61xx3dTFXjw

What's wrong with this picture?

  • http://bla.com/share/report/xyz/kutfuauLw61xx3dTFXjw

  • http://bla.com/share/report/xyz/kutfuauLw61xx3dTFXjwkutfuauLw61xx3dTFXjw

How can we fix this?

  • encrypt the entire path? (share/report/xyz/{timestamp})

  • check the length of the encrypted string?

  • Hide the timestamp between lots of noise?

  • Add a salt / initialization-vector (IV)?

  • Use RSA/AES/Blowfish?

Maybe we're using the wrong approach?

Encryption does not prevent or detect modification

DON'T USE ENCRYPTION

How can you tell?

  • Only Encrypt when there is a secret

  • If there is no secret, there is no need for encryption

  • timestamp is NOT a secret

  • URL path is NOT a secret

Solution Option 2

  • We need to validate/authenticate the request, not hide it

  • We need to detect or prevent modification

  • We need a secure 'signature' (e.g. HMAC, OAuth)

  • Don't re-invent the wheel

  • Try to use a protocol rather than an algorithm or a cryptographic primitive (SHA1 < HMAC-SHA1 < OAuth)
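
Solution Option 2 as a worked sketch (an added example, not code from the original slides): the timestamp stays in the clear and an HMAC over the report path plus timestamp makes any modification detectable. The URL layout, SECRET_KEY and the function names are assumptions made for this illustration.

```python
import hashlib
import hmac
import time

# Assumption: a server-side secret that never leaves the server (constructed demo value).
SECRET_KEY = b"constructed-demo-key"
MAX_AGE = 24 * 60 * 60  # Requirement 3: shared link expires after 24 hours


def _sign(path, timestamp):
    # The MAC covers the report path AND the timestamp, so a signature issued
    # for report/xyz cannot be reused on report/abc or with a later timestamp.
    msg = "{}|{}".format(path, timestamp).encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def make_share_link(path, now=None):
    """Return /share/<path>/<timestamp>/<signature>.

    Requirement 1: nothing is stored in the database.
    Requirement 2: call this only from a view that already authenticated the user.
    """
    ts = int(time.time()) if now is None else int(now)
    return "/share/{}/{}/{}".format(path, ts, _sign(path, ts))


def verify_share_link(link, now=None):
    now = int(time.time()) if now is None else int(now)
    parts = link.split("/")
    # Expected layout: ["", "share", <path segments...>, <timestamp>, <signature>]
    if len(parts) < 5 or parts[0] != "" or parts[1] != "share":
        return False
    path, ts_text, sig = "/".join(parts[2:-2]), parts[-2], parts[-1]
    if not (ts_text.isascii() and ts_text.isdigit()):
        return False
    ts = int(ts_text)
    # Constant-time comparison: do not leak how much of the signature matched.
    if not hmac.compare_digest(sig.encode(), _sign(path, ts).encode()):
        return False
    return 0 <= now - ts < MAX_AGE
```

Both problem URLs from the "What's wrong with this picture?" slides (same token on report/abc, token appended to itself) fail verification here because the signature no longer matches the signed path and timestamp.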

Coming next

  • What is a cryptographic hash function and what can you do with it?

  • What makes crypto hashes secure?

  • What are collisions and do they really hurt?

  • How to turn your hash into cash? or how to become rich in 21 days?

That's it.
