New York University

Computer Science Department

Courant Institute of Mathematical Sciences

 

Secure Message Exchange on the Internet

 

Course Title: Application Servers
Course Number: g22.3033-011

Instructor: Jean-Claude Franchitti
Session: 12

 

 

XML and Security Standards

 

Various widely accepted security standards are available today to secure communication on the Internet. The most relevant standards include IPSec, Secure Socket Layer, S/MIME, and Pretty Good Privacy. IP Security (IPSec) provides IP-level security and is widely used for Virtual Private Networks (VPNs). Secure Socket Layer (SSL) provides transport-level security and has become a de facto standard for secure HTTP connections. SSL uses X.509 certificates for authentication. SSL is a secure protocol in the session layer, and is being standardized by the IETF as Transport Layer Security (TLS). Secure/Multipurpose Internet Mail Exchange (S/MIME) is the secure mail standard, and it also uses X.509 certificates for authentication. Pretty Good Privacy (PGP) is the de facto standard for e-mail security. It can be used to send encrypted digital signatures and to encrypt stored files.

 

SSL Secure Messaging

 

Native SSL supports three of the four aspects of secure messaging: confidentiality, integrity, and authentication. SSL supports confidentiality via the use of a symmetric cryptosystem such as the Data Encryption Standard (DES) and Ron’s Code (i.e., RC-4). While DES uses a 56-bit key, RC-4 uses a variable key length of 40 to 128 bits. SSL supports integrity via a Message Authentication Code (MAC). The MAC is based on a secure hash function such as Message Digest 5 (i.e., MD5) or Secure Hash Algorithm 1 (i.e., SHA 1). SSL client authentication is optional and is supported via HTTP/SSL or SSL Certificate-Based methods. SSL server authentication is mandatory, and is supported via server digital certificates issued by a Certificate Authority (CA) such as Verisign, Inc. The digital certificate format used in SSL is X.509 as defined by the International Telecommunications Union-Telecommunication Standardization Sector (i.e., ITU-T). We refer students to sections 7.5.2 and 7.5.3 of “XML and Java” for additional details on SSL Secure Messaging (H. Maruyama et al., AW, ISBN 0-201-48543-5). Relevant information includes the steps to follow to obtain a server certificate from Verisign, a detailed description of the server and client authentication processes, and implementation guidelines for SSL-based web applications.

 

XML Signatures

 

XML digital signatures are required in addition to SSL to satisfy non-repudiation, which corresponds to the fourth secure messaging requirement. There are several standard digital signature formats, among which PKCS#7 is the most widely used. Digitally signing an XML document requires the computation of the hash value of the document. However, there may be many physical representations of the same logical XML document that differ only because of XML’s flexibility regarding character encoding, handling of whitespace, presence of attribute default values, and expression of empty elements. As a result of these differing physical representations, the same logical XML document may have various character string representations, and therefore various hash values. To solve this issue, it is necessary to resort to canonicalization of XML documents. Canonicalization guarantees that two XML representations are logically equal if and only if their canonical forms are identical. We refer students to section 7.6 of “XML and Java” for additional information on hash and digital signatures of XML documents. In particular, section 7.6.2 describes the use of a hash value based on the DOM structure (i.e., DOMHash) and illustrates the use of the Java Cryptography Architecture (JCA) to sign and verify an XML document using a digital signature based on DOMHash.
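
The following added example (not taken from the course material or from “XML and Java”) shows why the hash must be computed over a canonical form. It assumes Python's standard-library Canonical XML 2.0 implementation in place of DOMHash and SHA-256 in place of MD5 or SHA 1. The three documents are constructed sample inputs.

```python
import hashlib
import io
from xml.etree.ElementTree import canonicalize  # Canonical XML 2.0, Python 3.8+

# Constructed sample inputs. DOC_A and DOC_B are the same logical document:
# they differ only in character encoding, quote style, attribute order,
# whitespace inside the start tag, and the spelling of the empty element.
DOC_A = (b'<?xml version="1.0" encoding="UTF-8"?>\n'
         b'<order id="42" currency="EUR"><payee>Caf\xc3\xa9 Nord</payee>'
         b'<memo></memo></order>')
DOC_B = (b"<?xml version='1.0' encoding='ISO-8859-1'?>\n"
         b"<order   currency='EUR'  id='42' ><payee>Caf\xe9 Nord</payee>"
         b"<memo/></order>")
# DOC_C is a logically different document: one attribute value was altered.
DOC_C = DOC_A.replace(b'id="42"', b'id="43"')


def raw_digest(xml_bytes):
    """Hash the physical representation exactly as received."""
    return hashlib.sha256(xml_bytes).hexdigest()


def canonical_form(xml_bytes):
    """Return the canonical form as UTF-8 bytes.

    The parser decodes the input according to its own XML declaration;
    the canonical form drops the declaration, sorts attributes, uses
    double quotes and writes empty elements as start/end tag pairs.
    """
    return canonicalize(from_file=io.BytesIO(xml_bytes)).encode("utf-8")


def canonical_digest(xml_bytes):
    """Hash the canonical form; this is the value a signer would sign."""
    return hashlib.sha256(canonical_form(xml_bytes)).hexdigest()


if __name__ == "__main__":
    for name, doc in (("A", DOC_A), ("B", DOC_B), ("C", DOC_C)):
        print(name, "raw      ", raw_digest(doc)[:16])
        print(name, "canonical", canonical_digest(doc)[:16])
    print(canonical_form(DOC_B).decode("utf-8"))
```

Attribute default values supplied by a DTD, which the text also lists as a source of variation, are not exercised here because the standard-library parser does not apply DTD defaults.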