Loading ...
Sorry, an error occurred while loading the content.

9628Re: [soapbuilders] Re: Super-Encryption AND Digital Signatures

Expand Messages
  • mlong@bridgetonconsulting.com
    Dec 4, 2003
    • 0 Attachment
      Allow me to try this will a little pseudo-math.

      Encryption for Sender:

      SymmetricKey1 = TripleDES(IV1,Key1)
      CipherValue1 = Encrypt[TripleDES(MyMessage)]
      InnerEncryptedKey = RSA_Encrypt(Key1) [using sender's RSA private key]

      SymmetricKey2 = TripleDES(IV2,Key2)
      CipherValue2 = Encrypt[TripleDES(CipherValue1)]
      OuterEncryptedKey = RSA_Encrypt(Key2) [using receiver's RSA public key]


      Decryption for Receiver:

      Key2 = RSA_Decrypt[OuterEncryptedKey] [using receiver's RSA private key]
      CipherValue1 = Decrypt[TripleDES(CipherValue2)]
      Key1 = RSA_Decrypt[InnerEncryptedKey] [using sender's RSA public key]
      MyMessage = Decrypt[TripleDES(CipherValue1)]

      Naturally, IV1 and IV2 are the first 8 octets of their respective cipher
      values. (omitted for brevity).

      (1) You could decrypt MyMessage and send it two someone else.
      (a) But you couldn't impersonate the sender (the senders private key is
      not available)
      (2) You could decrypt CipherValue2 and re-encrypt CipherValue1 which something
      akin to CipherValue2' and forward the message.
      (a) But the decryption of CipherValue1 now yields a sender not from the
      source of the message sent, i.e. public key of forwarding sender cannot be
      used to decrypt the Key1 of CipherValue1.

      More thoughts and comments, please.

      Thx,

      -Matt









      Quoting Rich Salz <rsalz@...>:

      > > Hmmm...under my scenario the content can be duplicated, but not altered.
      > > Because the receiver does not have the private key of the sender, i.e., the
      >
      > > receiver cannot re-encrypt the inner cipher value identically (to spoof the
      >
      > > original sender) due to the fact that the original sender's private key is
      > not
      > > known to the receiver.
      >
      > Perhaps I don't understand. I was talking about re-using the cipher to
      > create a modified message. The adversary (compromised recipient)
      > doesn't need to generate a new inner key, he just re-uses it generate a
      > new messsage. Now the original sender can't prove the receiver wrong.
      > /r$
      >
      > --
      > Rich Salz, Chief Security Architect
      > DataPower Technology http://www.datapower.com
      > XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
      > XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
      >
      >
      >
    • Show all 22 messages in this topic