Streaming Validation Model for SOAP Digital Signature - PowerPoint PPT Presentation

Provided by: welu

1
Streaming Validation Model for SOAP Digital
Signature
  • Wei Lu, Kenneth Chiu, Aleksander Slominski,
    Dennis Gannon
  • welu_at_cs.indiana.edu
  • Extreme! Lab, Indiana University

2
Outline
  • Quick review of XML Signature and SOAP Digital
    Signature
  • Streaming model for SOAP signature validation
  • Performance measurement
  • Conclusion

3
XML
  • What is XML essentially?
  • tree (XML Infoset or XQDM)
  • XML 1.0 syntax
  • the rules to serialize the tree
  • Formal representation (from Tulafale)
  • Element sub-tree
  • bytes xml_1_0_serialize(e Element)

<contract no="FE233E" date="2005/01/01"> <customer> Tom </customer> </contract>

4
Various representations
<contract no="FE233E" date="2005/01/01"> <customer> Tom </customer> <dealer> Jerry </dealer> <price> </price> </contract>

<contract date="2005/01/01" no="FE233E" > <customer> Tom </customer> <dealer > Jerry </dealer> <price/> </contract>

5
Canonicalization (C14N)
  • Purpose
  • to build a 1-1 relationship between XML data and
    its serialized representation.
  • bytes c14n(e Element)
  • A set of encoding rules
  • Empty elements are converted to start-end tag
    pairs
  • Normalize white space
  • Attribute value delimiters are set to quotation
    marks (double quotes)
  • Lexicographic order is imposed on the namespace
    declarations and attributes of each element

6
Canonicalization (C14N)
  • Why do we need it? Equivalence
      • c14n(Element A) = c14n(Element B) ⇔ A = B
  • Digest of an XML element
      • bytes digest = hmac(c14n(Element e))
      • hmac(c14n(Element A)) = hmac(c14n(Element B)) ⇔ A = B
  • C14N is unavoidable theoretically

7
XML Signature and SOAP msg signature
  • Syntax to associate the signature with the
    XML data
  • Transform
      • Referred data and signed data can be different
      • XPath, XSLT
  • SOAP signature
      • Apply the XML Signature syntax in the SOAP message.
      • Signature element has to be in the SOAP header

8
Validation of an XML signature
  • Reference validation
      • Locating the referred data
      • (Apply transformations on the referred data)
      • C14N over the result to get canonical form
      • Calculate digest from the canonical form
  • Signature validation
      • C14N over <SignedInfo> to get canonical form
      • Verify the signature value of canonical form

9
Motivation for optimization
  • Memory requirement (at least)
      • 1 DOM + 1 Node-set
      • 2 canonical octet streams
  • Computation requirement (at least)
      • DOM building + parsing
      • Node-set building
      • 2 C14N + digest calculations
  • Message Based Security is not cheap!
      • GT4 sets SSL as the default security mechanism
      • C14N is the bottleneck (Satoshi Shirasuna)

10
Outline
  • Quick introduction of XML Signature and SOAP
    Digital Signature
  • Streaming model for SOAP signature validation
  • Performance measurement
  • Conclusion

11
Streaming validation model
  • Streaming C14N GHPX
  • Embed the C14N processing in the XML parser
  • No DOM
  • SOAP-specific signature validation SSSV
  • Streaming-able Template (most cases)
  • Only invocation/result in the body will be
    signed,
  • signature precedes the signed data
  • Without transformations (most likely)
  • works on SAX events, no explicit XPath Node Set

12
Streaming C14N
  • C14N conversion rules
  • Syntax based rule
  • Line-break normalization, attribute value
    normalization and empty element conversion
  • Context based rule
  • (Namespace, DTD)
  • the lexicographical ordering of the attributes
    etc.
  • Utilize the context of XML parsing
  • XML parser has all the needed information.
  • Doing C14N conversion as soon as the information
    is available.
  • Canonical octet stream is the byproduct of parsing

13
XML Parser with Streaming C14N
  • GHPX
  • Transition diagram for production rules
      • element ::= EmptyElemTag | STag content ETag
      • EmptyElemTag ::= '<' Name (S Attribute)* S? '/>'
      • STag ::= '<' Name (S Attribute)* S? '>'
  • Associate transition with C14N action

14
C14N Session
  • Duration when the parser is doing C14N
  • Open/close
  • Session option: DIGEST-ONLY
      • Need the digest over the canonical stream, instead
        of the canonical stream itself
      • Calculate the digest incrementally without needing
        to hold the entire canonical stream; a small
        chunk is enough
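
Added example (not from the original slides and not GHPX code): the C14N session of this slide in DIGEST-ONLY mode, built on Python's xml.sax, which also covers the canonicalize-then-digest step of reference validation from slide 8. The session opens at the element whose Id attribute matches and closes at its end tag; the Id-based lookup, SHA-256, the class and function names and the sample documents are assumptions, and namespaces, comments, processing instructions and DTDs are not handled.

```python
import hashlib
import xml.sax
from xml.sax.handler import ContentHandler

TEXT_ESC = {"&": "&amp;", "<": "&lt;", ">": "&gt;", "\r": "&#xD;"}
ATTR_ESC = {"&": "&amp;", "<": "&lt;", '"': "&quot;",
            "\t": "&#x9;", "\n": "&#xA;", "\r": "&#xD;"}

def _esc(s, table):
    return "".join(table.get(ch, ch) for ch in s)

class C14NSession(ContentHandler):
    """DIGEST-ONLY session: canonical bytes go straight into the hash."""
    def __init__(self, target_id):
        super().__init__()
        self.target_id = target_id
        self.depth = 0                      # 0 means the session is closed
        self.hash = hashlib.sha256()

    def _emit(self, s):
        if self.depth:                      # only hash while the session is open
            self.hash.update(s.encode("utf-8"))

    def startElement(self, name, attrs):
        if self.depth or attrs.get("Id") == self.target_id:
            self.depth += 1                 # open the session, or descend
        # attributes in lexicographic order, values in double quotes
        pairs = "".join(' %s="%s"' % (k, _esc(v, ATTR_ESC))
                        for k, v in sorted(attrs.items()))
        self._emit("<%s%s>" % (name, pairs))

    def endElement(self, name):
        # SAX reports <price/> as start + end, so the start-end pair is free
        self._emit("</%s>" % name)
        if self.depth:
            self.depth -= 1                 # reaching 0 closes the session

    def characters(self, content):
        self._emit(_esc(content, TEXT_ESC))

def digest_of(xml_bytes, target_id):
    session = C14NSession(target_id)
    xml.sax.parseString(xml_bytes, session)
    return session.hash.hexdigest()

# Constructed samples: same element, two serializations, different wrappers
DOC_A = (b'<env><body><contract Id="c1" no="FE233E" date="2005/01/01">'
         b'<customer>Tom</customer><price></price></contract></body></env>')
DOC_B = (b"<env>\n <body><contract date='2005/01/01' no='FE233E'  Id='c1' >"
         b"<customer >Tom</customer><price/></contract></body>\n</env>")
```

digest_of(DOC_A, "c1") and digest_of(DOC_B, "c1") return the same value although the two byte streams differ, and no canonical stream is ever held in memory.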

15
Streaming SOAP Signature Validation (SSSV)
Streaming-able template
16
Outline
  • Quick introduction of XML Signature and SOAP
    Digital Signature
  • Streaming model for SOAP signature validation
  • Performance measurement
  • Conclusion

17
Measurements
  • GHPX vs. Libxml2
      • Parsing with SAX API
      • Similar!
  • Streaming C14N vs. DOM based C14N
      • Libxml2 needs two separate stages
          • Parsing and DOM tree building (yellow)
          • C14N (blue)
      • GHPX (red)
          • Combines both stages into one pipeline
  • DOM based C14N takes more time than creating the DOM!

18
Measurements Performance Evaluation
  • GHPX/SSSV vs. XML Security lib
  • Performance of signature validation
  • Linear in the number of elements
  • Memory usage
  • GHPX memory usage is constant
  • Streaming advantage!

19
How much do we have to pay at minimum?
  • Comparing 1) DOM based validation (libxml2), 2)
    streaming validation (GHPX), 3) PGP
    signature validation

20
Conclusion and future work
  • DOM and the DOM-based XPath node-set are expensive
  • C14N over the DOM is even more expensive
  • Bad scalability for memory usage
  • Parser supports streaming canonicalization
  • Specific implementation for common case is good
    enough
  • Planned to support the streaming XPath query
    based on streaming C14N.
  • Planned to merge streaming validation within our
    Web service security toolkit

21
Question?
  • Extreme! Lab, Indiana University
  • www.extreme.indiana.edu