Krishna Sattiraju CS 792 .NET XML Cryptography
Overview
• What is XML Encryption
• Methods for Encryption
• Storage of Encrypted Data
• Benefits of XML Secure Storage
• Types of XML Encryption
XML Encryption
• Specification that defines how to encrypt data
• Used to encrypt data, keying information and algorithms
Methods for Encryption
• Using symmetric encryption
• Combination of symmetric and asymmetric encryption
• X.509 certificates
Storage of Encrypted Data
• The whole element is replaced with an element named <EncryptedData>
• Only the content of the element is replaced; the element name itself remains readable in the document
Asymmetric XML Encryption and Decryption
• Select the XML element
• Encrypt the element with a symmetric session key
• Encrypt the session key with the asymmetric key
• Create the EncryptedData element
• Replace the original element
• Select the EncryptedData element
• Decrypt the session key
• Decrypt the CipherData using the decrypted symmetric session key
• Replace the EncryptedData element with the recovered element
Namespaces
• System.Xml
• System.Security.Cryptography
• System.Security.Cryptography.Xml
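The encrypt/decrypt steps on the previous slide, written against these three namespaces with the .NET EncryptedXml API. This is an added example, not code from the slides; the document content, the key name "rsaKey" and the sample card number are assumptions.

```csharp
// Added example (not from the slides): asymmetric XML encryption and decryption
// with System.Security.Cryptography.Xml (separate NuGet package on .NET Core/5+).
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Xml;
using System.Xml;

static class XmlEncDemo
{
    const string KeyName = "rsaKey"; // hypothetical name carried in <KeyName>

    static void Main()
    {
        var doc = new XmlDocument { PreserveWhitespace = true };
        // Constructed sample document; the card number is a placeholder.
        doc.LoadXml("<PaymentInfo><Name>John Smith</Name><CreditCard>4111111111111111</CreditCard></PaymentInfo>");
        using RSA rsa = RSA.Create(2048);  // recipient's key pair (public part encrypts)

        // Step 1: select the element to protect.
        XmlElement target = (XmlElement)doc.GetElementsByTagName("CreditCard")[0];

        // Step 2: encrypt it with a fresh symmetric session key (AES-256-CBC).
        using Aes session = Aes.Create();
        session.KeySize = 256;
        var exml = new EncryptedXml();
        byte[] cipher = exml.EncryptData(target, session, false);  // false = whole element

        // Step 3: wrap the session key with the RSA public key (RSA-OAEP).
        var ek = new EncryptedKey();
        ek.CipherData = new CipherData(EncryptedXml.EncryptKey(session.Key, rsa, true));
        ek.EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncRSAOAEPUrl);
        ek.KeyInfo.AddClause(new KeyInfoName(KeyName));

        // Step 4: build <EncryptedData> carrying the <EncryptedKey> in its <KeyInfo>.
        var ed = new EncryptedData
        {
            Type = EncryptedXml.XmlEncElementUrl,
            EncryptionMethod = new EncryptionMethod(EncryptedXml.XmlEncAES256Url),
            CipherData = new CipherData(cipher)
        };
        ed.KeyInfo.AddClause(new KeyInfoEncryptedKey(ek));

        // Step 5: replace the original element with <EncryptedData>.
        EncryptedXml.ReplaceElement(target, ed, false);
        Console.WriteLine(doc.OuterXml);  // <CreditCard> is now an <EncryptedData> element

        // Steps 6-9: map the key name to the private key; DecryptDocument finds each
        // <EncryptedData>, unwraps the session key, decrypts and restores the element.
        var decryptor = new EncryptedXml(doc);
        decryptor.AddKeyNameMapping(KeyName, rsa);
        decryptor.DecryptDocument();
        Console.WriteLine(doc.OuterXml);  // original <CreditCard> element is back
    }
}
```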
Benefits of XML Secure Storage
• XML is a structured format
• Allows for secure storage of documents
• Provides granularity
• Leverages existing technologies
XML Encryption
• The encrypted data is kept in place within the document.
• All information needed to decrypt a document is contained within the document.
• Session keys can be secured at the document level and shared between multiple parties.
• Sensitive data is easily interchanged between applications.
XML Encryption of an Element
  <?xml version='1.0'?>
  <PaymentInfo xmlns='http://example.org/paymentv2'>
    <Name>John Smith</Name>
    <EncryptedData Type='http://www.w3.org/2001/04/xmlenc#Element'
                   xmlns='http://www.w3.org/2001/04/xmlenc#'>
      <CipherData>
        <CipherValue>A23B45C56</CipherValue>
      </CipherData>
    </EncryptedData>
  </PaymentInfo>
XML Encryption of Element Content
  <?xml version='1.0'?>
  <PaymentInfo xmlns='http://example.org/paymentv2'>
    <Name>John Smith</Name>
    <CreditCard Limit='5,000' Currency='USD'>
      <EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#'
                     Type='http://www.w3.org/2001/04/xmlenc#Content'>
        <CipherData>
          <CipherValue>A23B45C56</CipherValue>
        </CipherData>
      </EncryptedData>
    </CreditCard>
  </PaymentInfo>
Encrypting XML Content (Character Data)
  <?xml version='1.0'?>
  <PaymentInfo xmlns='http://example.org/paymentv2'>
    <Name>John Smith</Name>
    <CreditCard Limit='5,000' Currency='USD'>
      <Number>
        <EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#'
                       Type='http://www.w3.org/2001/04/xmlenc#Content'>
          <CipherData>
            <CipherValue>A23B45C56</CipherValue>
          </CipherData>
        </EncryptedData>
      </Number>
      <Issuer>Example Bank</Issuer>
      <Expiration>04/02</Expiration>
    </CreditCard>
  </PaymentInfo>
XML Encryption in WS-Security
  <env:Envelope xmlns:env="http://www.w3.org/2001/12/soap-envelope"
                xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
    <env:Header>
      <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext">
        <xenc:ReferenceList>
          <xenc:DataReference URI="#encryptedID"/>
        </xenc:ReferenceList>
      </wsse:Security>
    </env:Header>
    <env:Body>
      <xenc:EncryptedData Id="encryptedID">
        <xenc:CipherData>
          <xenc:CipherValue>...</xenc:CipherValue>
        </xenc:CipherData>
      </xenc:EncryptedData>
    </env:Body>
  </env:Envelope>
XML Encryption with a Digital Certificate
  <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#"
                 Type="http://www.w3.org/2001/04/xmlenc#Element">
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
      <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
        <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
        <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
          <KeyName>rsakey.pem</KeyName>
        </KeyInfo>
        <CipherData>
          <CipherValue>IPiEu9Nv+EsGyvV . . .</CipherValue>
        </CipherData>
      </EncryptedKey>
    </KeyInfo>
    <CipherData>
      <CipherValue>xrfPSA+BEI+8 . . .</CipherValue>
    </CipherData>
  </EncryptedData>
XML Signing and XML Encryption
• The order of the cryptographic operations matters
• Sign, then encrypt
• Encrypt, then sign
• Reversing that order when decrypting and verifying is dangerous
References
• XML Encryption, by Derek Smyth: http://dotnetslackers.com/articles/xml/XMLEncryption.aspx
• XML Encryption Syntax and Processing, by Takeshi Imamura, Blair Dillaway, Ed Simon
• http://www.ibm.com/developerworks/xml/library/x-encrypt2/
• http://www.devx.com/dotnet/Article/21564