Download - Project: XML Security
![Page 1: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/1.jpg)
Project: XML Security
CS 259
March, 2004 Jun Yoshida
(Visiting Scholar from Hitachi Ltd.)
![Page 2: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/2.jpg)
Project: XML Security protocol or system
• XML Security (XML Encryption, XML Signature) properties which should be preserved
• XML elements (ex. credit card number) kind of attacks
• Authentication, Secrecy, Replay attack, ... tool or method
• Mur self or team
• myself
![Page 3: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/3.jpg)
XML<?xml version=‘1.0’?><PaymentInfo xmlns=‘http://example.org/paymentv2’> <Name> Alice </Name> <CreditCard Limit=‘5,000’ Currency=‘USD’> <Number> 1234 5678 9012 3456 </Number> <Issuer> Example Bank </Issuer> <Expiration> 01-05 </Expiration> </CreditCard></PaymentInfo>
![Page 4: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/4.jpg)
XML Web Services (XWS)
XML
HTMLUser(Web Browser)
Your Program(.NET, Java)
Ex) Google.com Amazon.com
WebServer
![Page 5: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/5.jpg)
XWS Application Example TouchGraph.com GoogleBrowser
Google.com
XML
![Page 6: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/6.jpg)
System Integration with XWS
Internal Systems
Partners Customers
Your Company/Organization
XML
![Page 7: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/7.jpg)
Getting Started...
AnalysisTool
Informal Protocol
Description
Find error
Specification
Intruder Model
Formal Protocol
![Page 8: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/8.jpg)
Specification XML Encryption: 31 pages
• http://www.w3.org/TR/xmlenc-core/ XML Signature: 47 pages
• http://www.w3.org/TR/xmldsig-core/ WS-Security: 22 pages
• http://www-106.ibm.com/developerworks/webservices/library/ws-secure/
![Page 9: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/9.jpg)
XML on SSL
XMLSSL
XMLSSL
CommerceSite
CreditCompanyUser
![Page 10: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/10.jpg)
XML Encryption --- before ---<?xml version=‘1.0’?><PaymentInfo xmlns=‘http://example.org/paymentv2’> <Name> Alice </Name>
</PaymentInfo>
<CreditCard Limit=‘5,000’ Currency=‘USD’> <Number> 1234 5678 9012 3456 </Number> <Issuer> Example Bank </Issuer> <Expiration> 01-05 </Expiration></CreditCard>
![Page 11: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/11.jpg)
XML Encryption --- after ---<?xml version=‘1.0’?><PaymentInfo xmlns=‘http://example.org/paymentv2’> <Name> Alice </Name>
</PaymentInfo>
<EncryptionData type=‘http://www.w3c.org/2001/04/xmlenc#Element’ xmlns=‘http://www.w3c.org/2001/04/xmlenc#’> <CipherData> <CipherValue> A23B45C56… </CipherValue> </CipherData></EncryptionData>
![Page 12: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/12.jpg)
The Rule of XML Encryption<EncryptionData Id? Type?> <EncryptionMethod/>? <!-- 3DES-CBC, AES128-CBC, ... > (<ds:keyInfo> <EncryptedKey> <!-- shared secret key encrypted with public key > <ds:KeyName>? <ds:RetrievalMethod>? </ds:keyInfo>)? <CipherData> <CipherValue> <!-- data encrypted with shared secret key > </CipherData><EncryptionData>
![Page 13: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/13.jpg)
Basic Example
A
{E1} SSKA1/PKB
B
{E2} SSKB2/PKA
Ex: XML Element, SSKx: Shared Secret Key, PKx: Public Key
. . .
{E3} SSKA3/PKB
{E4} SSKB4/PKA
{En-1} SSKAn-1/PKB
{En} SSKBn/PKA
![Page 14: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/14.jpg)
Shared Secret Key Example
A B
{E1} SSKX1/PKB, {SSKA} PKB
. . .
{E3} SSKB
{E4} SSKA
{En-1} SSKB
{En} SSKA
{E2} SSKX2/PKA, {SSKB} PKA
Ex: XML Element, SSKx: Shared Secret Key, PKx: Public Key
![Page 15: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/15.jpg)
From Spec. to Mur Model
AnalysisTool
Informal Protocol
Description
Find error
Mur codeSpecification
Intruder Model
Formal Protocol
![Page 16: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/16.jpg)
Send XML encrypted with Public Key
ruleset i: ClientId do ruleset j: ServerId do cli[i].state = C_SLEEP & multisetcount (l:net, true) < NetworkSize ==> var outM: Message; -- outgoing message cSSK: SharedSecretKeyId; -- shared secret key for client begin cSSK := GenSharedSecretKey(); -- SSKA
undefine outM; outM.source := i; outM.dest := j; outM.mType := M_PK; outM.element1 := i; outM.enKey1_1 := j; -- {E1} PKB
outM.element2 := cSSK; outM.enKey2 := j; -- {SSKA} PKB
multisetadd (outM, net); cli[i].state := C_WAIT_PK_MESSAGE; cli[i].server := j; cli[i].cSK := cSK; end; end;end;
![Page 17: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/17.jpg)
Send XML encrypted with SSKeyruleset i: ClientId do choose j: net do cli[i].state = C_WAIT_PK_MESSAGE & net[j].dest = i ==> var outM: Message; -- outgoing message inM: Message; -- incoming message sSSK: SharedSecretKeyId; -- shared secret key for Server begin inM := net[j]; multisetremove (j, net); if inM.mType = M_PK then if inM.enKey1_1 = i & inM.enKey2 = i then -- {E2} PKA, {SSKB} PKA
sSSK := inM.element2; -- SSKB
undefine outM; outM.source := i; outM.dest := cli[i].server; outM.mType := M_SSK; outM.element1 := i; outM.enKey1_2 := sSSK; -- {E3} SSKB
multisetadd (outM, net); cli[i].state := C_WAIT_SSK_MESSAGE; cli[i].sSSK := sSSK; end; end; end; end; end;
![Page 18: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/18.jpg)
Intruder Model
AnalysisTool
Informal Protocol
Description
Find error
Mur code Murcode, similar for all
protocolsSpecification
Intruder Model
Formal Protocol
![Page 19: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/19.jpg)
Intruder can Decrypt if Knows Keyruleset i: IntruderId do choose j: net do ruleset intercept : boolean do rule "intruder overhears/intercepts" !ismember(net[j].source, IntruderId) -- not for intruder's message ==> begin alias msg: net[j] do -- message to overhear/intercept -- learn public key based messages if msg.mType = M_PK then if msg.enKey1_1 = i then int[i].elements[msg.element1] := true; end; -- {Ex} PKI
if msg.enKey2 = i then int[i].keys[msg.element2] := true; end; -- {SSKX} PKI
end; -- learn shared secret key based messages if msg.mType = M_SSK & int[i].keys[msg.enKey1_2] = true then -- {Ex} SSKI
int[i].elements[msg.element1] := true; end; end; end; end; end; end;
![Page 20: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/20.jpg)
Intruder can Alter Messagesruleset i: IntruderId do choose j: net do ruleset intercept : boolean do rule "intruder overhears/intercepts and alter ssk" !ismember(net[j].source, IntruderId) -- not for intruder's message ==> var iSSK: SharedSecretKeyId; -- shared secret key for intruder begin alias msg: net[j] do -- message to overhear/intercept if msg.mType = M_PK then iSSK := GenSharedSecretKey(); msg.element2 := iSSK; -- {SSKA} PKB => {SSKI} PKB
int[i].keys[iSSK] := true; end; end; end; end; end; end;
![Page 21: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/21.jpg)
Running Mur Analysis
AnalysisTool
Informal Protocol
Description
Find error
Mur code Mur code, similar for all
protocols
Specify security conditions and run Mur
Specification
Intruder Model
Formal Protocol
![Page 22: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/22.jpg)
Found Error
A B
{E1} SSKX1/PKB, {SSKA} PKB
{E3} SSKI
{E2} SSKX2/PKA, {SSKB} PKA
{E2} SSKX2/PKA, {SSKI} PKA
failed E3
Ex: XML Element, SSKx: Shared Secret Key, PKx: Public Key
![Page 23: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/23.jpg)
XML Signature
Signed Info.<Signature> ...
ReferenceSignature
Value
DetachedSignature
EnvelopedSignature
XML Element XML Element
Signed Info.<Signature> ...
ReferenceSignature
Value
EnvelopingSignature
Signed Info.<Signature> ...
Reference
SignatureValue
XMLElement
![Page 24: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/24.jpg)
The Rule of XML Signature<Signature ID?> <SignedInfo> <CanonicalizationMethod/> <SignatureMethod/> (<Reference (URI=)?> <!-- a data object using a URI-Reference > (<Transforms>)? <DigestMethod><DigestValue> <!-- SHA-1, SHA256, SHA512, ... > </Reference>)+ </SignedInfo> <SignatureValue> <!-- digest encrypted with private key > (<KeyInfo> <KeyValue><X.509Data> <!-- public key and X.509 certificate > </KeyInfo>)</Signature>
![Page 25: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/25.jpg)
A B
{E1} SSKX1/PKB, {SSKA} PKB
. . .
{E3} SSKB
{E4} SSKA
{En-1} SSKB
{En} SSKA
{E2} SSKX2/PKB, {SSKB} PKA
Ex: XML Element, SSKx: Shared Secret Key, PKx: Public Key
Doc1
Doc2
SigA{Doc1}
SigB{Doc2}
SigA{Doc3}
SigA{Docn-1}
SigB{Doc4}
SigB{Docn}
Fixed Shared Secret Key Example
![Page 26: Project: XML Security](https://reader036.vdocument.in/reader036/viewer/2022062323/568167f5550346895ddd6f7a/html5/thumbnails/26.jpg)
Conclusion I couldn’t find any error about
the combination of XML Enc./Sig.
But XML Enc./Sig. have the flexibility to use
It’s important to use correctly