Presentation is loading. Please wait.

Presentation is loading. Please wait.

XML Encryption and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA.

Published byDavid Sutherland Modified over 11 years ago

Similar presentations

Presentation on theme: "XML Encryption and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA."— Presentation transcript:

1 XML Encryption and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA

2 EMC Confidential – Do Not Distribute Background RSA Laboratories PKCS #5 deals with password-based cryptography I.e., how to derive keys from shared secrets such as passwords These keys are then used for encryption or message authentication PKCS #5 syntax originally in ASN.1 Natural for use with S/MIME, etc. XML syntax published in 2007 http://www.rsa.com/rsalabs/node.asp?id=2127

3 EMC Confidential – Do Not Distribute PKCS #5 XML Syntax (snippet) For use in xenc:EncryptionMethod … http://www.w3.org/2001/04/xmlenc#aes128-cbc

4 EMC Confidential – Do Not Distribute Whats Missing? An ability to inform a recipient that she should use a key derived from a known pass-phrase (or other shared secret) for multiple encrypted data (or authenticated data) instances A single encrypted (authenticated) data works with current approach (PBES2/PBMAC1) WS-I also recommends forward cross-referencing in this case It was felt this should be an extension to XML Enc rather than PKCS Too generic – Derived Key The current gap causes some issues – e.g. in IETF KEYPROV that leverages PKCS #5 Had to define their own Derived Key key type

5 EMC Confidential – Do Not Distribute One (out of many!) Possible Way to Do It Modeled after

6 EMC Confidential – Do Not Distribute Summary There are use cases for a Derived Key key type They are not currently covered by XML Enc (or by PKCS #5) XML Security Group could be natural place to introduce this Would like to contribute in this area of work Happy to take on editing responsibility in this regard

Download ppt "XML Encryption and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA."

Similar presentations

Public Key Infrastructure What can it do for you?.

Public Key Infrastructure What can it do for you?.
Public Key Infrastructure – tell me in plain English AND THEN deep technical how PKI works Steve Lamb stephlam@microsoft.com http://blogs.technet.com/steve_lamb.

Public Key Infrastructure – tell me in plain English AND THEN deep technical how PKI works Steve Lamb
Cryptography Ch-1 prepared by: Diwan.

Cryptography Ch-1 prepared by: Diwan.
PKCS-11 Protocol for Enterprise Key Management

PKCS-11 Protocol for Enterprise Key Management
1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P1619.3 April 11, 2007 Andrea Doherty.

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.
OGSA Security Profile 2.0 (a.k.a. Express Authentication Profile) DUANE MERRILL October 18, 2007.

OGSA Security Profile 2.0 (a.k.a. Express Authentication Profile) DUANE MERRILL October 18, 2007.
Dynamic Symmetric Key Provisioning Protocol (DSKPP)

Dynamic Symmetric Key Provisioning Protocol (DSKPP)
UPnP Security Vic Lortz Chair, Security WC Intel Corporation.

UPnP Security Vic Lortz Chair, Security WC Intel Corporation.
Yunling Wang VoIP Security COMS 4995 Nov 24, 2008 XCAP The Extensible Markup Language (XML) Configuration Access Protocol (XCAP)

Yunling Wang VoIP Security COMS 4995 Nov 24, 2008 XCAP The Extensible Markup Language (XML) Configuration Access Protocol (XCAP)
XML Schema 2005. 7. 14 Heewon Lee. Contents 1. Introduction 2. Concepts 3. Example 4. Conclusion.

XML Schema Heewon Lee. Contents 1. Introduction 2. Concepts 3. Example 4. Conclusion.
CT-KIP Magnus Nyström, RSA Security 23 May 2005. Overview A client-server protocol for initialization (and configuration) of cryptographic tokens —Intended.

CT-KIP Magnus Nyström, RSA Security 23 May Overview A client-server protocol for initialization (and configuration) of cryptographic tokens —Intended.
CT-KIP Magnus Nyström, RSA Security OTPS Workshop, October 2005.

CT-KIP Magnus Nyström, RSA Security OTPS Workshop, October 2005.
1 May 25, 2005 Security Pki en pkcs. 2 May 25, 2005 Waarom beveiligen? Confidentiality – to keep exchanged information private Integrity – to prove that.

1 May 25, 2005 Security Pki en pkcs. 2 May 25, 2005 Waarom beveiligen? Confidentiality – to keep exchanged information private Integrity – to prove that.
PKCS #15 v1.1 Magnus Nyström RSA Laboratories PKCS Workshop, 1999.

PKCS #15 v1.1 Magnus Nyström RSA Laboratories PKCS Workshop, 1999.
PKCS #9 v2.0 Magnus Nyström RSA Laboratories PKCS Workshop, 1999.

PKCS #9 v2.0 Magnus Nyström RSA Laboratories PKCS Workshop, 1999.
Side Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format

Side Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format
XML Encryption Prabath Siriwardena Director, Security Architecture.

XML Encryption Prabath Siriwardena Director, Security Architecture.
Secure E-mail Systems.

Secure Systems.
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Apr 4, 2003Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication.

Apr 4, 2003Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication.

Similar presentations

Ads by Google