Presentation is loading. Please wait.

Presentation is loading. Please wait.

XML CRYPTOGRAPHY CS 795. NET Sunish Kotla

Published byGerard Osborne Modified over 9 years ago

Similar presentations

Presentation on theme: "XML CRYPTOGRAPHY CS 795. NET Sunish Kotla"— Presentation transcript:

1 XML CRYPTOGRAPHY CS 795. NET Sunish Kotla Skotla@cs.odu.edu

2 OUTLINE What is XML Encryption? Approaches to XML Encryption How Encrypted Data is Stored? Types of XML Encryption Benefits of Xml Cryptography

3 XML ENCRYPTION W3C standard for encrypting XML elements. Specification that defines how to encrypt data Provides end-to-end security for applications that require secure exchange of structured data.

4 A PPROACHES TO XML E NCRYPTION Encrypt the xml using symmetric encryption only Encrypt the xml using a combination of asymmetric and symmetric encryption Encrypt the xml using a X.509 Certificate

5 H OW E NCRYPTED D ATA IS S TORED ? Two approaches:  Whole element is replaced with an element named  Only the data in the element is replaced and its name remains readable in the document

6 XML DOCUMENT

7 E NCRYPTED C ODE

8 N AMESPACES System.Xml System.Security.Cryptography System.Security.Cryptography.Xml

9 A SYMMETRIC XML E NCRYPTION P ROCESS Select an element in an XML document (selecting the root will encrypt the whole document). Encrypt the element using a symmetric encryption key, known as the session key. Encrypt the session key using asymmetric encryption (the public key is used). Create an EncryptedData element which will contain the encrypted data and the encrypted session key. Replace the original element with the EncryptedData element.

10

11 A SYMMETRIC XML D ECRYPTION P ROCESS Select the EncryptedData element in an XML document Decrypt the session key using an asymmetric key (the private key is used) Decrypt the cipher data using the unencrypted symmetric encryption. Replace the EncryptedData element with the unencrypted element.

12

13 T YPES OF XML E NCRYPTION Consider the following example: John Smith 4019 2445 0277 5567 Example Bank 04/02

14 E NCRYPTING AN XML E LEMENT John Smith A23B45C56

15 E NCRYPTING XML E LEMENT C ONTENT John Smith A23B45C56

16 E NCRYPTING XML E LEMENT C ONTENT (C HARACTER D ATA ) John Smith A23B45C56 Example Bank 04/02

17 B ENEFITS OF X ML C RYPTOGRAPHY Encrypted data is maintained. Session can be secured on the document level and shared between multiple parties. Sensitive data is easily interchanged between applications.

18 R EFERENCES  XML Encryption by By: Derek Smyth : http://dotnetslackers.com/articles/xml/XMLEncryption. aspxDerek Smyth http://dotnetslackers.com/articles/xml/XMLEncryption. aspx  XML Encryption Syntax and Processing By Takeshi Imamura, Blair Dillaway, Ed Simon  http://www.ibm.com/developerworks/xml/library/x- encrypt2/ http://www.ibm.com/developerworks/xml/library/x- encrypt2/  http://www.devx.com/dotnet/Article/21564 http://www.devx.com/dotnet/Article/21564

19 Thank You!!!

Download ppt "XML CRYPTOGRAPHY CS 795. NET Sunish Kotla"

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Smart Card Authentication. Outline for Today Introduction of Smart Card Authentication Different Authentication Techniques Explain Authentication Techniques.

Smart Card Authentication. Outline for Today Introduction of Smart Card Authentication Different Authentication Techniques Explain Authentication Techniques.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Public Key Infrastructure Alex Bardas. What is Cryptography ? Cryptography is a mathematical method of protecting information –Cryptography is part of,

Public Key Infrastructure Alex Bardas. What is Cryptography ? Cryptography is a mathematical method of protecting information –Cryptography is part of,
Conventional Encryption: Algorithms

Conventional Encryption: Algorithms
IS 302: Information Security and Trust Week 4: Asymmetric Encryption

IS 302: Information Security and Trust Week 4: Asymmetric Encryption
XML Encryption Prabath Siriwardena Director, Security Architecture.

XML Encryption Prabath Siriwardena Director, Security Architecture.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
Cryptography The science of writing in secret code.

Cryptography The science of writing in secret code.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Electronic Transaction Security (E-Commerce)

Electronic Transaction Security (E-Commerce)
Apr 9, 2002Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication The second assignment.

Apr 9, 2002Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication The second assignment.
Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Feb 25, 2003Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.
Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.
CC3.12 Erdal KOSE Privacy & Digital Security Encryption.

CC3.12 Erdal KOSE Privacy & Digital Security Encryption.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Mar 5, 2002Mårten Trolin1 Previous lecture More on hash functions Digital signatures Message Authentication Codes Padding.

Similar presentations

Ads by Google