1 / 41

XML Encryption and Authentication

Digital Signatures and Encryption. CanonicalizationA standard form of dataDigital SignaturesProvides proof of identity and authenticity which the sender cannot deny.EncryptionProtection of data from being accessed by unauthorized parties.. Existing Tools/Technologies. Secure Sockets Layer (SSL)

pepin
Download Presentation

XML Encryption and Authentication

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. XML Encryption and Authentication March 30, 2006 Robert Richards

    2. Digital Signatures and Encryption Canonicalization A standard form of data Digital Signatures Provides proof of identity and authenticity which the sender cannot deny. Encryption Protection of data from being accessed by unauthorized parties.

    3. Existing Tools/Technologies Secure Sockets Layer (SSL) Transport Layer Security (TLS) Pretty Good Privacy (PGP) GNU Privacy Guard (GnuPG) OpenPGP S/MIME x.509

    4. XML Security Standards Canonical XML http://www.w3.org/TR/xml-c14n/ Exclusive XML Canonicalization http://www.w3.org/TR/xml-exc-c14n/ XML Signature http://www.w3.org/TR/xmldsig-core/ XML Encryption http://www.w3.org/TR/xmlenc-core/ XML Key Management http://www.w3.org/TR/xkms2/

    5. Transmitting Data Over SSL/TLS

    6. Encrypted Document using GPG -----BEGIN PGP MESSAGE----- Version: GnuPG v1.2.4 (GNU/Linux) hQEOA0vM7Sf46MPAEAP/ajYbYuhRB7E8tbg1HpG0g3Ez1io/mn5amGlPJcsjR0T2 VrWGcJZjriUCqTEeRbAKMcvtI/RRLdhE0f9xGtFpmKTBFfYPQ/Jh+0+Nhzdjcfaz scY9vkWvIRopvYnxXnso6OXHoNBGDcYNcCing/I7Vl/Mr6fgG+4w+wqGbhYVKwAD /A/9Vwq6K6HcHpA2BdCbXfC2lwFgxEQmTolSK47PNM3kNb6X6UDTsB2rCJcVHG1O 7VmNhRlZfM00q79C9MelmTb+4dSbr9BXImFBvKXbIImCEOAzokj0rC9ntTnSFsJr Xc+xjS/SyJ9TjEOfs44LHCEjXCs10jsS7nW44dabOMy/0sByAasUfuRnUOAafoEw 7PraKOgPolCS8EkHik1Zt3+KsjPWBcDRHCWRBTtzJPqAcEMX0oL3DX2AiAnl5QUz M1pCv4eG5tE4u2tkPmywG2jrJSQH7sa2/5zwonaMSH5F+/N3rHk8+LAswqEJkl/j BJOU+BcH8A/sG9hOH3DOHixMTDkOVb3tYXASGUVqmR9AQU3/14Oc8wMGw6GXb MxuNs6gtZIdF2dRilu+EXvR41ytRR08HIwhi0VTRtF1gFoqLWK3J7De8Bbqejx9D YvQKr4xgKGkrSdTQyBldvoVdRJ/7ZFLVdQyrVJlFABeli87QkWfMtO8exr7raEvp J+ha+c1qWC87xpDZHfv0yatSKYt+8NxvwoXx9Kk1jx046sBQ+CjO26P/fe+plHOB mvEm/p1m =6HEC -----END PGP MESSAGE-----

    7. Benefits of XML Security Standards XML is a structured format Allows for secure storage of documents Leverages existing technologies Provides granularity

    8. XML Canonicalization A standard serialization of an XML document or XPath node set

    9. Canonical XML (C14N) The document is encoded in UTF-8 Line breaks normalized to #xA (linefeed) on input, before parsing The XML declaration and DTD are removed Empty elements are converted to start-end tag pairs Whitespace outside of the document element and within start and end tags is normalized Attribute value delimiters are set to double quotes Superfluous namespace declarations are removed from each element Lexicographic order is imposed on the namespace declarations and attributes of each element

    10. Canonical XML Example #1

    11. Canonical XML Example #1

    12. Canonical XML Example #1

    13. Canonical XML Example #1

    14. Canonical XML Example #2

    15. Canonical XML Example #2

    16. Canonical XML Example #2

    17. Problem with Re-Enveloping <d:e2 xmlns:d="http://www.example.org/d">content</d:e2> <!-- Document wrapped within ns0:e1 element --> <ns0:e1 xmlns:ns0="www.example.org/ns0"> <d:e2 xmlns:d="http://www.example.org/d">content</d:e2> </ns0:e1> <!-- Canonical Form --> <d:e2 xmlns:d="http://www.example.org/d" xmlns:ns0="www.example.org/ns0">content</d:e2> <!-- Document wrapped within ns1:e1 element --> <ns1:e1 xmlns:ns0="www.example.org/ns1"> <d:e2 xmlns:d="http://www.example.org/d">content</d:e2> </ns1:e1> <!-- Canonical Form --> <d:e2 xmlns:d="http://www.example.org/d" xmlns:ns1="www.example.org/ns1">content</d:e2>

    18. Exclusive XML Canonicalization Follows the same rules as Canonical XML, except… Attributes in the xml namespace are not imported into orphan nodes Namespaces not specially told to be added are only added on the starting element for which they are visible and not currently in scope within the output.

    19. Re-Enveloping using Exclusive <d:e2 xmlns:d="http://www.example.org/d">content</d:e2> <!-- Document wrapped within ns0:e1 element --> <ns0:e1 xmlns:ns0="www.example.org/ns0"> <d:e2 xmlns:d="http://www.example.org/d">content</d:e2> </ns0:e1> <!-- Canonical Form --> <d:e2 xmlns:d="http://www.example.org/d">content</d:e2> <!-- Document wrapped within ns1:e1 element --> <ns1:e1 xmlns:ns0="www.example.org/ns1"> <d:e2 xmlns:d="http://www.example.org/d">content</d:e2> </ns1:e1> <!-- Canonical Form --> <d:e2 xmlns:d="http://www.example.org/d">content</d:e2>

    20. Exclusive Canonical XML Example

    21. XML Digital Signature (XMLDSIG) Insure that a message has not been altered or tampered with. (integrity) Protection against attacks that alter a message but maintain integrity. (message authentication) Provide a means for message auditing so that messages may not be repudiated. (signer authenticity)

    22. XML Signature: Types of Signatures Enveloping Signature Data lives within the XML Signature structure Good for signing data being packaged within an XML payload Enveloped Signature Data lives outside of and contains the XML Signature structure Good for signing an entire XML document Detached Signature Data lives outside and DOES NOT contain the XML Signature structure Data may reside at a remote location addressable by URI

    23. Enveloping Signature <?xml version="1.0"?> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/> <Reference URI="#myobj"> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <DigestValue>C2g9BLcGyGPCVKuF2byR1Ym+6pE=</DigestValue> </Reference> </SignedInfo> <SignatureValue>+R/XEOHDvR/jbmmpiuH4ZcRqC6c=</SignatureValue> <Object Id="myobj">Hello World!</Object> </Signature>

    24. Enveloped Signature <?xml version="1.0"?> <Envelope> <Data>content</Data> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/> <Reference> <Transforms> <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <DigestValue>MMMkB0ZPp82XrUvJMFqDIEuXy0o=</DigestValue> </Reference> </SignedInfo> <SignatureValue>mVPvfcVSXi9elKL+IcSCAzD4Jbk=</SignatureValue> </Signature></Envelope>

    25. Detached Signature <?xml version="1.0"?> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/> <Reference URI="http://www.ctindustries.net/text.txt"> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <DigestValue>oLZZOWcLwsAQ9NXWoLPk5FkPuSs=</DigestValue> </Reference> </SignedInfo> <SignatureValue>O9ykpFMXmkddzJ3CySrpzHBUW/Q=</SignatureValue> </Signature>

    26. XML Signature Example <?xml version="1.0"?> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/> <Reference URI="#myobj"> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <DigestValue>C2g9BLcGyGPCVKuF2byR1Ym+6pE=</DigestValue> </Reference> </SignedInfo> <SignatureValue>+R/XEOHDvR/jbmmpiuH4ZcRqC6c=</SignatureValue> <Object Id="myobj">Hello World!</Object> </Signature>

    27. XML Signature Generation Apply any transforms to the data Calculate the digest value Create the Reference Element Create SignedInfo element with SignatureMethod, CanonicalizationMethod and Reference elements Canonicalize the SignedInfo element Calculate the SignatureValue over the canonicalized SignedInfo based the SignatureMethod Assemble the Signature element

    28. XML Signature Validation Obtain the verification keying information. Apply the CanonicalizationMethod to the SignedInfo element. Verify the SignatureValue using the canonical form of the SignatureMethod. For each Reference element within SignedInfo: Obtain the data to be digested. Digest the data using the DigestMethod within its Referece element. Compare the computed value to that of the un-encoded value from the DigestValue element.

    29. XML Encryption (XMLENC) Encrypted data is maintained. All information needed to decrypt a document is contained within the document. Session can be secured on the document level and shared between multiple parties. Sensitive data is easily interchanged between applications.

    30. XML Encryption Example

    31. XML Encryption Example Element with Shared Secret Key

    32. XML Encryption Example Element Content with Shared Secret Key

    33. XML Encryption Example Arbitrary Data with Shared Secret Key

    34. XML Encryption Example Unsupported

    35. XML Encryption: Encrypting Select the algorithm (and parameters) to use in encrypting the item. Obtain the key and create ds:KeyInfo if necessary Encrypt the data and prepend any appropriate initialization vector (IV). Build CipherData element If to be stored within CipherValue element, then encrypted data is base64 encoded. If encrypted data is external, then create CipherReference with URI and any transforms. Build EncryptedData or EncryptedKey structure

    36. XML Encryption: Decrypting Determine encryption algorithm and parameters. Obtain the decryption key information. Obtain the data to decrypt. If CipherData has a CipherValue child then base-64 decode its contents. If CipherData has a CipherReference child, retrieve the data and apply any Transforms. Depending upon algorithm and parameters, strip any IV from the data to use for decryption. Decrypt the cipher data with the encryption algorithm, parameters, and keying material.

    37. Signing and Encrypting Sign and then Encrypt Provides signature protection Allows for encryption algorithm to be changed without affecting signature Incurs additional overhead as you must decrypt before you can verify Encrypt and then Sign Immediately know if data has been tampered with Document can no longer be shared with other parties without revealing decryption key Sender identity is revealed

    38. XML Signature in WS-Security <env:Envelope xmlns:env="http://www.w3.org/2001/12/soap-envelope"> <env:Header> <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext"> <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> <dsig:SignedInfo> <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <dsig:Reference URI=""> <dsig:Transforms> …</dsig:Transforms> <DigestMethod Algorithm= "http://www.w3.org/2001/04/xmldsig-more#md5"/> <DigestValue>qZk+NkcGgWq6PiVxeFDCbJ==</DigestValue> </dsig:Reference> </dsig:SignedInfo> <dsig:SignatureValue><dsig:SignatureValue> <dsig:KeyInfo>...</dsig:KeyInfo> </dsig:Signature> </wsse:Security> </env:Header> <env:Body><payment>...</payment></env:Body> </env:Envelope>

    39. XML Encryption in WS-Security <env:Envelope xmlns:env="http://www.w3.org/2001/12/soap-envelope" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"> <env:Header> <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext"> <xenc:ReferenceList> <xenc:DataReference URI="#encryptedID"/> </xenc:ReferenceList> </wsse:Security> </env:Header> <env:Body> <xenc:EncryptedData Id="encryptedID"> <xenc:CipherData> <xenc:CipherValue>...</xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData> </env:Body> </env:Envelope>

    40. Questions?

    41. XML Signature using Digital Certificate <Envelope xmlns="urn:envelope"> <Data> Hello, World! </Data> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <Reference> <Transforms> <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <DigestValue>HjY8ilZAIEM2tBbPn5mYO1ieIX4=</DigestValue> </Reference> </SignedInfo> <SignatureValue>SIaj/6KY3C . . .</SignatureValue> <KeyInfo> <X509Data> <X509Certificate>MIIE3zCCBEjAUB9 . . .</X509Certificate> </X509Data> </KeyInfo> </Signature></Envelope>

    42. XML Encryption w/ Digital Certificate <EncryptedData xmlns="http://www.w3.org/2001/04/xmlenc#" Type="http://www.w3.org/2001/04/xmlenc#Element"> <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#"> <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <KeyName>rsakey.pem</KeyName> </KeyInfo> <CipherData> <CipherValue>IPiEu9Nv+EsGyvV . . .</CipherValue> </CipherData> </EncryptedKey> </KeyInfo> <CipherData> <CipherValue>xrfPSA+BEI+8 . . .</CipherValue> </CipherData> </EncryptedData>

More Related