Loading ...
Sorry, an error occurred while loading the content.

9615Re: [soapbuilders] Re: Super-Encryption AND Digital Signatures

Expand Messages
  • mlong@bridgetonconsulting.com
    Dec 2, 2003
    • 0 Attachment
      Here's the scenario.

      (1) Sender generates an RC2 key-pair.
      (2) Sender encrypts the RC2 Key (not the IV) via RSA using the sender's RSA
      private key.
      (3) Sender then generates the RC2 cipher value.
      (4) Sender generates a second RC2 key-pair
      (5) Sender encrypts the RC2 Key via RSA using the receivers RSA public key.
      (6) Sender then generates the cipher value based on the previous cipher value.

      (7) send the message ...
      (8) Receiver decrypts the outer cipher value using the receiver's RSA private
      key, yielding IV and decrypted KEY for RC2 decryption. (Only the receiver can
      decrypt the message).
      (9) Receiver decrypts the inner cipher value using the sender's RSA public key,
      yielding IV and decrypted KEY for RC2 decryption. (Only the sender could have
      sent the message).

      WS-Security comes into play because an authenticated sender enables a quick
      lookup of the sender's public key and encryption algorithm from the pov of the
      receiver.

      Is this clearer?

      Thx,

      -Matt


      Quoting Rich Salz <rsalz@...>:

      > > If it is modified in transit, would it not fail to decrypt from the
      > > receiver's pov.
      >
      > But if it's typical XML-Encryption, then anyone can create new fake
      > content. Data is encrypted with a bulk key (3DES or AES), and that
      > session key is encrypted with the reciever's public key, so only the
      > receiver can get the key and do the bulk decrypt. But since it's a
      > public key, anyone can generate content.
      >
      > > With the caveat that WS-Security is used to
      > > identity the sender and thus obtain the sender's public key. (Replay
      > > attacks excluded via wsu:Nonce).
      >
      > But the Sender's keys do not normally enter into encryption at all.
      >
      > How are you planning on super-encrypting? Super-encryption typically
      > means its encrypted twice. The goal is to make it harder for the adversary
      > to get to the plaintext -- they have twice as many keys to crack, and
      > getting that first one doesn't give them plaintext, it only gives them
      > hihg-entropy encrypted text, that they THEN need to crack to get the
      > plaintext.
      >
      > Super-encryption doesn't make it hard to generate bogus content, and it
      > does nothing to verify the source of the content. Unless you're doing
      > something I'm missing, which is quite possible. So, how are you
      > doing to do this?
      >
      > Make sense?
      > /r$
      >
      > --
      > Rich Salz Chief Security Architect
      > DataPower Technology http://www.datapower.com
      > XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
      > XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
      >
      >
      >
    • Show all 22 messages in this topic