Presentation is loading. Please wait.

Presentation is loading. Please wait.

XML Encryption, XML Signature, and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA.

Published byRoger Robbins Modified over 8 years ago

Similar presentations

Presentation on theme: "XML Encryption, XML Signature, and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA."— Presentation transcript:

1 XML Encryption, XML Signature, and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA

2 Background RSA Laboratories PKCS #5 deals with “password-based cryptography” I.e., how to derive keys from shared secrets such as passwords These keys are then used for encryption or message authentication PKCS #5 syntax originally in ASN.1 Natural for use with S/MIME, etc. XML syntax published in 2007 http://www.rsa.com/rsalabs/node.asp?id=2127

3 PKCS #5 XML Syntax (snippet) For use in xenc:EncryptionMethod …

4 What’s Missing? An ability to inform a recipient that she should use a key derived from a known pass-phrase (or other shared secret) for multiple encrypted data (or authenticated data) instances A single encrypted (authenticated) data works with current approach (PBES2/PBMAC1) WS-I also recommends forward cross-referencing in this case It was felt this should be an extension to XML Enc/ XML Dsig rather than PKCS Too generic – Derived Key The current gap causes some issues – e.g. in IETF KEYPROV that leverages PKCS #5 Had to define their own Derived Key key type

5 One (out of many!) Possible Way to Do It Modeled after

6 Summary There are use cases for a “Derived Key” key type They are not currently covered by XML Enc, XML Dsig (or by PKCS #5) XML Security Group could be natural place to introduce this Would like to contribute in this area of work Happy to take on editing responsibility in this regard

Download ppt "XML Encryption, XML Signature, and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA."

Similar presentations

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P1619.3 April 11, 2007 Andrea Doherty.

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.
Dynamic Symmetric Key Provisioning Protocol (DSKPP)

Dynamic Symmetric Key Provisioning Protocol (DSKPP)
XML Encryption and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA.

XML Encryption and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA.
CT-KIP Magnus Nyström, RSA Security 23 May 2005. Overview A client-server protocol for initialization (and configuration) of cryptographic tokens —Intended.

CT-KIP Magnus Nyström, RSA Security 23 May Overview A client-server protocol for initialization (and configuration) of cryptographic tokens —Intended.
CT-KIP Magnus Nyström, RSA Security OTPS Workshop, October 2005.

CT-KIP Magnus Nyström, RSA Security OTPS Workshop, October 2005.
PKCS #9 v2.0 Magnus Nyström RSA Laboratories PKCS Workshop, 1999.

PKCS #9 v2.0 Magnus Nyström RSA Laboratories PKCS Workshop, 1999.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Secure E-mail Systems.

Secure Systems.
CMSC 414 Computer (and Network) Security Lecture 26 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 26 Jonathan Katz.
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.
CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.
1 Intro To Encryption Exercise 11. 2 Problem Alice and Bob wish to play the game Paper, Rock and Scissors. What may be the problems with the game? The.

1 Intro To Encryption Exercise Problem Alice and Bob wish to play the game Paper, Rock and Scissors. What may be the problems with the game? The.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.

Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.
CMSC 414 Computer and Network Security Lecture 7 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 7 Jonathan Katz.
Lecture 12 e-mail Security. Summary  PEM  secure email  PGP  S/MIME.

Lecture 12 Security. Summary  PEM  secure  PGP  S/MIME.
Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 15 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Similar presentations

Ads by Google