The Overlap with XML Signature

Previous page
Table of content
Next page


Encryption does not guarantee the integrity of data. We saw earlier in this chapter that if the initialization vector (IV) for a symmetric algorithm is manipulated, the ciphertext will not decrypt to the original plaintext.

We have also seen that the KeyInfo structure from XML Signature is reused in XML Encryption. In addition, asymmetric encryption algorithms, used for XML Signature, are used in XML Encryption for key transport—sending a secret key.

Let’s look at the two cases when XML Encryption and XML Signature are used together on the same document.

Using XML Encryption on a Signed Document

If a document has a digital signature expressed using XML Signature, and it is to be encrypted, then certain caveats must be kept in mind. If a document is digitally signed, that means a digest of the document is enclosed in the digital signature. In an XML Signature structure, this digest is located in the DigestValue element. If the signed data is encrypted, the digest value is valuable information for an attacker who wishes to guess it. The attacker can use the digest algorithm as a tool for guessing the plaintext. Once the attacker obtains a digest that matches the digest in the digital signature, the encryption is broken.

This back door can be blocked by encrypting the digital signature as well as the plaintext. The disadvantage of this approach is that there may be no way of knowing that the data was digitally signed, because the signature is encrypted. An alternative approach, which avoids this problem, is to encrypt only the digest value of the signature.

Using XML Signature on an Encrypted Document

The problem with signing an encrypted document revolves around the question, “What are you signing?” Signing ciphertext is not the same as signing the original plaintext, even though the two are linked by the encryption process. Therefore, the signing of ciphertext has no value as a tool to implement nonrepudiation. However, digital signatures are also used to implement integrity, and in this case they can be used to ensure that the XML Encryption data has not changed. This is useful to deter attacks that change the IV, for example.

Sign-Encrypt-Sign

“Sign-encrypt-sign” (that is, sign first, then encrypt, then sign the encrypted signature) is a useful strategy. The first signature signs the plaintext (since signing ciphertext has no value for nonrepudiation). The encryption step hides the signature from prying eyes, and also encrypts the plaintext. The final signature step ensures that if the ciphertext is changed (maliciously or by accident) as it is sent, this tampering will be noticed.


Previous page
Table of content
Next page
Web Services Security
Web Services Security
ISBN: 0072224711
EAN: 2147483647
Year: 2003
Pages: 105
Authors: Mark ONeill
BUY ON AMAZON
ERP and Data Warehousing in Organizations: Issues and Challenges
C++ GUI Programming with Qt 3
Cisco CallManager Fundamentals (2nd Edition)
Oracle SQL*Plus: The Definitive Guide (Definitive Guides)
Quartz Job Scheduling Framework: Building Open Source Enterprise Applications
User Interfaces in C#: Windows Forms and Custom Controls
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy