XML Encryption

XML Encryption

Prabath SiriwardenaDirector, Security Architecture

XML Security• Integrity and non-repudiation

XML Signature by W3C http://www.w3.org/TR/xmldsig-core/

• Confidentiality of XML documents XML Encryption by W3C http://www.w3.org/TR/xmlenc-core/

http://www.w3.org/TR/xmldsig-core/

XML-Encryption

• A W3C standard which followed XML Signatures, for encrypting all of an XML document, part of it or an external object.

• XML Signature points to what is being signed – while in XML Encryption, <EncryptedData> element contains what is being encrypted.

• XML Encryption shares the <KeyInfo> element with XML Signature – which is defined under XML Signature namespace.

XML-Encryption

• Encrypts XML with a symmetric key• Symmetric key encryption is much efficient

than asymmetric key encryption

QUESTION 1

What are the differences between Symmetric key encryption and Asymmetric key encryption ?

XML-Encryption (Example)

<PaymentInfo xmlns='http://example.org/paymentv2'> <Name>John Smith</Name> <CreditCard Limit='5,000' Currency='USD'> <Number>4019 2445 0277 5567</Number> <Issuer>Example Bank</Issuer> <Expiration>04/02</Expiration> </CreditCard> </PaymentInfo>


<PaymentInfo xmlns='http://example.org/paymentv2'> <Name>John Smith</Name> <EncryptedData Type='http://www.w3.org/2001/04/xmlenc#Element' xmlns='http://www.w3.org/2001/04/xmlenc#'> <CipherData> <CipherValue>A23B45C56</CipherValue> </CipherData> </EncryptedData> </PaymentInfo>

XML-Encryption<EncryptedData > <EncryptionMethod/> <KeyInfo /> <CipherData /> <EncryptionProperties/></EncryptedData>

<EncryptionMethod/>

• Specify the encryption algorithm to be used.– http://www.w3.org/2001/04/xmlenc#tripledes-cbc – http://www.w3.org/2001/04/xmlenc#aes128-cbc – http://www.w3.org/2001/04/xmlenc#aes256-cbc – http://www.w3.org/2001/04/xmlenc#aes192-cbc

<EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#' Type='http://www.w3.org/2001/04/xmlenc#Element'/> <EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#tripledes-cbc'/> <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:KeyName>John Smith</ds:KeyName> </ds:KeyInfo> <CipherData> <CipherValue>DEADBEEF</CipherValue> </CipherData> </EncryptedData>


QUESTION 2

Explain different types of cipher modes.


<CipherData/>

Either contains encrypted information inside <CipherValue> or a reference to the resource being encrypted inside <CipherReference>.

<EncryptedData > <EncryptionMethod/> <KeyInfo /> <CipherData> <CipherValue />

<CipherReference URI=“” /> </CipherData>

<EncryptionProperties/></EncryptedData>

<CipherData/>

<CipherValue/>

Contains Base-64 encoded encrypted information.

<EncryptedData > <EncryptionMethod/> <KeyInfo /> <CipherData> <CipherValue />

<CipherReference URI=“” /> </CipherData>

<EncryptionProperties/></EncryptedData>

<CipherData/>

<CipherReference/>• If the encrypted resource information is located in

a URI – addressable location this element is being used.

• URI attribute is used just like the way it’s being used in <Reference URI> in XML Signature

• This also includes <Transforms> element which contain a pipeline of <Transform> elements – as in the case of XML Signature.

• <Transform> element defined under XML Signature namespace

<CipherReference/>

<CipherReference URI="http://www.example.com/CipherValues.xml">

<Transforms> <ds:Transform Algorithm=“../xmldsig#base64"/> </Transforms> </CipherReference>

<EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#' Type='http://www.w3.org/2001/04/xmlenc#Element'/> <EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#tripledes-cbc'/> <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:KeyName>John Smith</ds:KeyName> </ds:KeyInfo> <CipherData> <CipherValue>DEADBEEF</CipherValue> </CipherData> </EncryptedData>


<EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#' Type='http://www.w3.org/2001/04/xmlenc#Element'/> <CipherData>

<CipherReference URI="http://…CipherValues.xml"> <Transforms> <ds:Transform Algorithm=”.."> <ds:XPath xmlns:rep=“..”></ds:XPath> </ds:Transform> <ds:Transform Algorithm=”..#base64"/> </Transforms> </CipherReference> </CipherData> </EncryptedData>


QUESTION 3

How can we use XML Encryption to encrypt non-xml attachments ?


<EncryptionProperties/>

• Almost similar to <SignatureProperties/>• Holds useful information about the

encryption

<EncryptData Id=“100”><EncryptionProperties Id=“101”>

<EncryptionProperty Target=“100”> <EncryptionDate>.....</EncryptionDate> </ EncryptionProperty>

</EncryptionProperties></EncryptData>


<KeyInfo/>• KeyInfo in XML Signature is about providing the

public key to verify the signature.• In XML Encryption KeyInfo is about providing an

encryption key, that is almost always a shared key.• In XML Signature we can directly include the key

in it. But in XML Encryption we should NOT.• XML Encryption extends the XML Signature

KeyInfo with two new elements <EncryptedKey> and <AgreementMethod>

<KeyInfo/>

Locating the Encryption key• Leave out the key – assuming the receiving end

is aware of the encryption key.• Provide a name or pointer, where the receiving

end locate the key.• Encrypt the key using the public key of the

receiving end and include the encrypted ‘encryption’ key inside KeyInfo.


<EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#' Type='http://www.w3.org/2001/04/xmlenc#Element'/> <EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#tripledes-cbc'/> <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'> <ds:KeyName>John Smith</ds:KeyName> </ds:KeyInfo> <CipherData><CipherValue>DEADBEEF</CipherValue></CipherData> </EncryptedData>

<AgreementMethod />

• A strategy for safely communicating a secret key.

• <AgreementMethod> refers to a key agreement protocol that is used to generate the encryption key.

• Not commonly used – an optional element

<AgreementMethod/> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <AgreementMethod Algorithm="example:Agreement/Algorithm"> <KA-Nonce>Zm9v</KA-Nonce> <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha1"/> <OriginatorKeyInfo> <ds:KeyValue>....</ds:KeyValue> </OriginatorKeyInfo> <RecipientKeyInfo> <ds:KeyValue>....</ds:KeyValue> </RecipientKeyInfo> </AgreementMethod> </ds:KeyInfo>

<EncryptedKey/>

• <EncryptedKey> is simple another <EncryptedData> element.

• Both extends <EncryptedType>• Both do encryption - <EncryptedKey> encrypts

the shared key used to encrypt the message.• Digital Enveloping / Key transport strategy

<EncryptedKey/>We will have multiple <EncryptedData> elements within the same XML document and they all will be referred by a standalone <EncryptedKey> element.

<EncryptedKey> <ReferenceList> <DataReference URI=“100” /> <DataReference URI=“101” /> </ReferenceList> <EncryptedKey>

< ReferenceList />• <ReferenceList> is a child element of

<EncryptedKey>• <ReferenceList> refers to the

<EncryptedData> elements which use the same key to encrypt

<CarriedKeyName />

• With <ReferenceList> multiple <EncryptedData> elements are referred by a single <EncryptedKey> key element.

• The CarriedKeyName element is used to identify the encrypted key value which may be referenced by the KeyName element in ds:KeyInfo

XML-Encryption - Processing

• Choose an encryption algorithm <EncryptionMethod/>

• Obtain an encryption key and may represent it• Serialize message data to octets [ a stream of

bytes]• Encrypt the data• Specify the <EncryptedData Type=“”>• Complete the <EncryptedData> structure

Decryption Process

• Get algorithm, parameters and KeyInfo• Locate the encryption key• Decrypt data• Process XML Elements and XML Element

Content• If no <EncryptionData Type=“”> specified

then the result of encryption is passed back to the application.

lean . enterprise . middleware

XML Encryption

Education

xml encryption keyinfo

encrypted encryption

asymmetric key encryption

xml signatures

encryption algorithm

result of encryption

xml signature keyinfo

xml element content