XML Encryption - PowerPoint PPT Presentation
1 / 10
Title:
XML Encryption
Description:
The data can be an XML document, an XML element, or XML element content. ... EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#tripledes-cbc' ... – PowerPoint PPT presentation
Number of Views:212
Avg rating:3.0/5.0
Title: XML Encryption
1
XML Encryption
- Xuemei Li
- Old Dominion University
- 11/02/2005
2
Outline
- W3C XML encryption recommendation
- http//www.w3.org/TR/xmlenc-core/
- Apache XML security
- http//xml.apache.org/security/index.html
- Demo
- XML encryption
- decryption
3
W3C Encryption Recommendation
- W3C Recommendation 10 December 2002
- The data can be an XML document, an XML element,
or XML element content. - The result of encrypting data is an XML
Encryption EncryptedData element which contains
or identifies (via a URI reference) the cipher
data.
4
Encryption Syntax
- ltEncryptedData Id? Type? MimeType? Encoding?gt
- ltEncryptionMethod/gt?
- ltdsKeyInfogt
- ltEncryptedKeygt?
- ltAgreementMethodgt?
- ltdsKeyNamegt?
- ltdsRetrievalMethodgt? ltdsgt?
- lt/dsKeyInfogt?
- ltCipherDatagt
- ltCipherValuegt?
- ltCipherReference URI?gt?
- lt/CipherDatagt
- ltEncryptionPropertiesgt?
- lt/EncryptedDatagt
5
Sample XML Document
- ltPaymentInfo xmlns'http//example.org/paymentv2'gt
- ltNamegtJohn Smithlt/Namegt
- ltCreditCard Limit'5,000' Currency'USD'gt
- ltNumbergt4019 2445 0277 5567lt/Numbergt
ltIssuergtExample Banklt/Issuergt
ltExpirationgt04/02lt/Expirationgt - lt/CreditCardgt
- lt/PaymentInfogt
6
XML Document Encrypted with a Common Secret Key
- ltPaymentInfo xmlns'http//example.org/paymentv2'gt
- ltNamegtJohn Smithlt/Namegt
- ltEncryptedData Type'http//www.w3.org/2001/04/xm
lencElement' xmlns'http//www.w3.org/2001/04/xm
lenc'gt - ltEncryptionMethod Algorithm'http//www.w3.org/2
001/04/xmlenctripledes-cbc'/gt ltKeyInfo
xmlns'http//www.w3.org/2000/09/xmldsig'gt
ltKeyNamegtJohn Smithlt/KeyNamegt - lt/KeyInfogt
- ltCipherDatagt
- ltCipherValuegtydUNqHkMrD...lt/CipherValuegt
- lt/CipherDatagt
- lt/EncryptedDatagt
- lt/PaymentInfogt
7
XML Document Encrypted with Encrypted Secret Key
- ltPaymentInfo xmlns'http//example.org/paymentv2'gt
- ltNamegtJohn Smithlt/Namegt
- ltEncryptedData Type'http//www.w3.org/20
01/04/xmlencElement' xmlns'http//www.w3.org
/2001/04/xmlenc'gt - ltEncryptionMethod Algorithm'http//www.w3.org/2
001/04/xmlenctripledes-cbc'/gt - ltKeyInfo xmlns'http//www.w3.org/2000/09/xm
ldsig'gt - ltEncryptedKey xmlns'http//www.w3.org/2
001/04/xmlenc'gt
ltEncryptionMethod Algorithm'http//www.w3
.org/2001/04/xmlencrsa-1_5' - ltKeyInfo xmlns'http//www.w3.or
g/2000/09/xmldsig'gt - ltKeyNamegtSally Doelt/KeyNamegt
- lt/KeyInfogt
- ltCipherDatagt
- ltCipherValuegtyMTEyOTA1M...lt/CipherValuegt
- lt/CipherDatagt
- lt/EncryptedKeygt
- lt/KeyInfogt
- ltCipherDatagt
- ltCipherValuegtydUNqHkMrD...lt/CipherVa
luegt - lt/CipherDatagt
- lt/EncryptedDatagt
- lt/PaymentInfogt
8
Apache XML Security Project
- The WebSig project (in Europe)
- Started in January 2000 and ended up in September
2001 - For XML Signature standard
- Aimed at providing implementation of security
standards for XML - Currently the focus is on the W3C standards
9
Apache XML Security Library
- Two libraries are available
- Java library
- A mature Digital Signature implementation
- Encryption is currently under development
- C library
- Functionality is more basic than that provided by
the Java library
10
Demo
- Using Apache XML Security library
- Java API
