XML Encryption and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA.

Slides:



Advertisements
Similar presentations
Public Key Infrastructure What can it do for you?.
Advertisements

Public Key Infrastructure – tell me in plain English AND THEN deep technical how PKI works Steve Lamb
Cryptography Ch-1 prepared by: Diwan.
PKCS-11 Protocol for Enterprise Key Management
1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.
OGSA Security Profile 2.0 (a.k.a. Express Authentication Profile) DUANE MERRILL October 18, 2007.
Dynamic Symmetric Key Provisioning Protocol (DSKPP)
UPnP Security Vic Lortz Chair, Security WC Intel Corporation.
Yunling Wang VoIP Security COMS 4995 Nov 24, 2008 XCAP The Extensible Markup Language (XML) Configuration Access Protocol (XCAP)
XML Schema Heewon Lee. Contents 1. Introduction 2. Concepts 3. Example 4. Conclusion.
CT-KIP Magnus Nyström, RSA Security 23 May Overview A client-server protocol for initialization (and configuration) of cryptographic tokens —Intended.
CT-KIP Magnus Nyström, RSA Security OTPS Workshop, October 2005.
1 May 25, 2005 Security Pki en pkcs. 2 May 25, 2005 Waarom beveiligen? Confidentiality – to keep exchanged information private Integrity – to prove that.
PKCS #15 v1.1 Magnus Nyström RSA Laboratories PKCS Workshop, 1999.
PKCS #9 v2.0 Magnus Nyström RSA Laboratories PKCS Workshop, 1999.
Side Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format
XML Encryption Prabath Siriwardena Director, Security Architecture.
Secure Systems.
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Apr 4, 2003Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication.
Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.
CMSC 414 Computer and Network Security Lecture 7 Jonathan Katz.
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Public-Key Cryptography and RSA CSE 651: Introduction to Network Security.
Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.
Sorting Out Digital Certificates Bill blog.codingoutloud.com ··· Boston Azure ··· 13·Dec·2012 ···
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.
16.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 16 Security at the Application Layer: PGP and.
Lecture 23 Internet Authentication Applications modified from slides of Lawrie Brown.
Dynamic Symmetric Key Provisioning Protocol (DSKPP) Mingliang Pei Salah Machani IETF68 KeyProv WG Prague.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 22 – Internet Authentication.
Public-Key Cryptography CS110 Fall Conventional Encryption.
Cryptography and Network Security (SSL)
1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV BOF IETF-67 San Diego November 2006 Andrea Doherty.
Cryptography and Network Security (CS435) Part Twelve (Electronic Mail Security)
DSKPP And PSKC: IETF Standard Protocol And Payload For Symmetric Key Provisioning Philip Hoyer Senior Architect – CTO Office.
DSKPP And PSKC: IETF Standard Protocol And Payload For Symmetric Key Provisioning Philip Hoyer Senior Architect – CTO Office.
Internet Security. Four Issues of Internet Security Authenticity: Is the sender of a message who they claim to be? Privacy: Are the contents of a message.
Chapter 15: Electronic Mail Security
XML Encryption, XML Signature, and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA.
Encryption.
11-Basic Cryptography Dr. John P. Abraham Professor UTPA.
Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.
June 6, CRISP Overview and Update Andrew Newton VeriSign Labs
Secure Systems Research Group - FAU Patterns for Web Services Security Standards Presented by Keiko Hashizume.
Class 4 Asymmetric Cryptography and Trusting Internal Components CIS 755: Advanced Computer Security Spring 2014 Eugene Vasserman
DIGITAL SIGNATURE.
March 2006IETF 65 - Dallas1 The Cryptographic Token Key Initialization Protocol (CT-KIP) Dave Mitton, RSA Security for Magnus Nyström IETF SAAG.
Cryptography Readings Encryption, Decryption, & Digital Certificates.
PKCS #5: Password-Based Cryptography Standard
1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV WG IETF-68 Prague March 2007 Andrea Doherty.
Public-Key encryption structure First publicly proposed by Diffie and Hellman in 1976First publicly proposed by Diffie and Hellman in 1976 Based on mathematical.
1 Authenticated Key Exchange Rocky K. C. Chang 20 March 2007.
Portable Symmetric Key Container (PSKC) Mingliang Pei Philip Hoyer Dec. 3, th IETF, Vancouver.
PKCS #5 v2.0: Password-Based Cryptography Standard
By Marwan Al-Namari & Hafezah Ben Othman Author: William Stallings College of Computer Science at Al-Qunfudah Umm Al-Qura University, KSA, Makkah 1.
Re-chartering BFD – IETF 78 Jeffrey Haas, Dave Ward,
Security. Cryptography (1) Intruders and eavesdroppers in communication.
Security By Meenal Mandalia. What is ? stands for Electronic Mail. much the same as a letter, only that it is exchanged in a different.
1 CNLab/University of Ulsan Chapter 16 Electronic Mail Security  PGP (Pretty Good Privacy)  S/MIME.
RSA Laboratories’ PKCS Series - a Tutorial
RSA Laboratories’ PKCS Series - a Tutorial
Public-Key Cryptography and RSA
WS-SecureConversation
Secure How do you do it? Need to worry about sniffing, modifying, end-user masquerading, replaying. If sender and receiver have shared secret keys,
Marco Casassa Mont Keith Harrison Martin Sadler
Jim Schaad August Cellars
Presentation transcript:

XML Encryption and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA

EMC Confidential – Do Not Distribute Background RSA Laboratories PKCS #5 deals with password-based cryptography I.e., how to derive keys from shared secrets such as passwords These keys are then used for encryption or message authentication PKCS #5 syntax originally in ASN.1 Natural for use with S/MIME, etc. XML syntax published in

EMC Confidential – Do Not Distribute PKCS #5 XML Syntax (snippet) For use in xenc:EncryptionMethod …

EMC Confidential – Do Not Distribute Whats Missing? An ability to inform a recipient that she should use a key derived from a known pass-phrase (or other shared secret) for multiple encrypted data (or authenticated data) instances A single encrypted (authenticated) data works with current approach (PBES2/PBMAC1) WS-I also recommends forward cross-referencing in this case It was felt this should be an extension to XML Enc rather than PKCS Too generic – Derived Key The current gap causes some issues – e.g. in IETF KEYPROV that leverages PKCS #5 Had to define their own Derived Key key type

EMC Confidential – Do Not Distribute One (out of many!) Possible Way to Do It Modeled after

EMC Confidential – Do Not Distribute Summary There are use cases for a Derived Key key type They are not currently covered by XML Enc (or by PKCS #5) XML Security Group could be natural place to introduce this Would like to contribute in this area of work Happy to take on editing responsibility in this regard

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.