An Analysis of XMPP Security Team “Vision” Chris Nelson Ashwin Kulkarni Nitin Khatri Taulant Haka Yong Chen CMPE 209 Spring 2009.


Agenda
- HISTORY OF XMPP
- INTRODUCTION TO XMPP
- SECURITY IN XMPP
  - Use of TLS (Transport Layer Security)
  - Use of SASL (Simple Authentication and Security Layer)
- SECURITY CONCERNS IN XMPP
- Conclusion

HISTORY OF XMPP
- 1998: Core technology was invented by Jeremie Miller
- 1999: The Jabber open-source community started to develop the protocol
- 2000: The Instant Messaging and Presence Protocol (IMPP) Working Group published the result
- 2002 and 2003: The XMPP protocol was formalized by the IETF
- 2004: The XMPP RFCs were published
- 2007: The Jabber Software Foundation was renamed the XMPP Standards Foundation

Applications using XMPP
- Instant messaging
- Presence
- Media session management
- Shared editing
- Whiteboarding
- Collaboration
- Lightweight middleware
- Content syndication
- Generalized XML routing

The core protocols of Extensible Messaging and Presence Protocol (diagram of Jabber Clients and Jabber Servers; the labelled components are):
- Presence and IM Session Establishment
- Resource Binding
- Server Dialback
- Simple Authentication and Security Layer
- S/MIME Encryption
- Stanza Errors
- Stream Errors
- Transport Layer Security
- XML Streams

XMPP Communication
- XMPP uses XML to communicate between two nodes:
  - A client and a server
  - A server and a server
  - A client and another client via one or more servers

XMPP Communication (cont.)
A simplistic view of one-way communication using XMPP:
- open connection
- close connection
- and indicate the start and end of the stanza
- and information/query (iq) requests and responses

SECURITY IN XMPP
XMPP is built on four layers:
- TCP as the reliable transport protocol
- TLS for encryption of data sent over the TCP connection
- SASL for authentication of nodes communicating over TLS and TCP
- XMPP as an application communicating over the reliable, authenticated, and encrypted channel

SECURITY IN XMPP: Use of TLS
1. The initiating entity opens a TCP connection including the 'version' attribute
2. The receiving entity responds by opening a TCP connection including the 'version' attribute
3. The receiving entity offers the STARTTLS extension including a element as a child of the

SECURITY IN XMPP: Use of TLS (cont.)
4. The initiating entity issues the STARTTLS command
5. The receiving entity MUST reply with either a element or a
6. The initiating entity and receiving entity attempt to complete a TLS negotiation
7. If the TLS negotiation is unsuccessful, the receiving entity MUST terminate the TCP connection

SECURITY IN XMPP: Use of SASL
1. The initiating entity requests SASL authentication by including the 'version'
2. The receiving entity advertises a list of available SASL authentication mechanisms
3. The initiating entity selects a mechanism by sending an
4. The receiving entity challenges the initiating entity by sending a
5. The initiating entity responds to the challenge by sending a

SECURITY IN XMPP: Use of SASL (cont.)
6. If necessary, the receiving entity sends more challenges and the initiating entity sends more responses, until:
   - The initiating entity aborts the handshake by sending an
   - The receiving entity reports failure of the handshake by sending a
   - The receiving entity reports success of the handshake by sending a

XMPP Extensions
- Instant Messaging and Presence: base XMPP extensions for instant messaging, contact lists, presence, and privacy blocking (RFC 3921)
- End-to-End Signing and Object Encryption (RFC 3923)
- XMPP extensions with additional features including XML-RPC and SOAP bindings, in-band registration, extended presence, geolocation, and reliable message delivery (XEP series)

XMPP Extensions (XEP series)
- Service Discovery: a robust protocol for determining the features supported by other entities on an XMPP network (XEP-0030)
- Data Forms: a flexible protocol for forms-handling via XMPP, mainly used in workflow applications and for dynamic configuration (XEP-0004)
- File Transfer: a protocol for transferring files from one XMPP entity to another (XEP-0096)
- HTTP Binding: a binding of XMPP to HTTP rather than TCP, mainly used for devices that cannot maintain persistent TCP connections to a server (XEP-0124)

SECURITY CONCERNS IN XMPP
Security depends on the user:
- The user trusts a certificate from an unknown source
And/or on the implementation:
- Performing SASL negotiations before securing the channel with TLS
- Sending message, presence, or iq data before completing the TLS or SASL negotiations
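As an added example (not part of the slides), the ordering rule behind the two implementation concerns above, and behind the TLS and SASL steps on the earlier slides, modelled as a small receiving-entity state machine in Python. The element names and namespaces follow RFC 3920; the sample streams are constructed, the JID is a placeholder, and the SASL challenge/response rounds are collapsed into a single success.

```python
import xml.etree.ElementTree as ET

NS_TLS = "urn:ietf:params:xml:ns:xmpp-tls"
NS_SASL = "urn:ietf:params:xml:ns:xmpp-sasl"
STANZAS = {"message", "presence", "iq"}


class ReceivingEntity:
    """Enforces the RFC 3920 order on one inbound stream: TLS, then SASL, then stanzas."""

    def __init__(self):
        self.tls_done = False
        self.sasl_done = False

    def handle(self, xml_text):
        """Process one top-level child of the stream and return the server's action."""
        tag = ET.fromstring(xml_text).tag  # ElementTree form is '{namespace}local'
        ns, local = tag[1:].split("}", 1) if tag.startswith("{") else ("", tag)
        if (ns, local) == (NS_TLS, "starttls"):
            self.tls_done = True  # a real server answers <proceed/> and wraps the socket in TLS
            return "proceed"
        if (ns, local) == (NS_SASL, "auth"):
            if not self.tls_done:
                return "reject: SASL before TLS"  # first implementation concern on the slide
            self.sasl_done = True  # challenge/response rounds are omitted in this model
            return "success"
        if local in STANZAS:
            if not (self.tls_done and self.sasl_done):
                return "reject: stanza before TLS and SASL complete"  # second concern
            return "accepted"
        return "reject: unexpected element"


def run_stream(children):
    """Feed the stream's children in order, stopping at the first rejection."""
    entity, results = ReceivingEntity(), []
    for child in children:
        results.append(entity.handle(child))
        if results[-1].startswith("reject"):
            break
    return results


# Constructed sample streams (not captured traffic); the JID is a placeholder.
SAMPLE_STREAMS = {
    "correct_order": [
        '<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"/>',
        '<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="DIGEST-MD5"/>',
        '<message xmlns="jabber:client" to="bob@example.com"><body>hi</body></message>',
    ],
    "sasl_before_tls": ['<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="PLAIN"/>'],
    "presence_first": ['<presence xmlns="jabber:client"/>'],
}
```

Running `run_stream` over each entry of `SAMPLE_STREAMS` shows the correctly ordered stream reaching "accepted" while the other two stop at the first out-of-order element.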

Conclusion
- XMPP was designed with security in mind
- Its architecture is solid
- The implementation is secure
- Susceptible to careless users


Questions and Answers Thank You!