Signature tools using SHA-256, ECC, etc.

["Anders Rundgren" <anders.rundgren@telia.com>]

It is occasionally claimed that SHA-1 is insufficient and should be replaced with SHA-256 and up.  Recently we heard that NSA is recommending ECC over RSA as well.

 

This is hard to cope with for S/MIME (e-mail) systems since you may not always know the capabilities of the relying party's software.  For on-line signature systems using WASP (Web Activated Signature Protocol), such consideration do not apply since the requester (which is also the relying party), can specify a number of acceptable signature profiles and the client software will select the first one matching its own capabilities.  By specifying both newer and older algorithm profiles, a "soft" (migrative) approach to the introduction of new cryptographic algorithms, including ECC, is facilitated.  Below is an authentic WASP signature using SHA-256 and RSAwithSHA-256

<?xml version="1.0" encoding="UTF-8"?>
<SignatureResponse xmlns="http://xmlns.ws-mobile.org/20060301/wasp#core">
    <pr:XMLDSig.Profile.0.Signature ClientTime="2006-05-27T13:56:59+02" ID="_10b75b44e0d78cfd7d58a613b50" RequestURL="http://arport2/wasp/SignUsingStrongerCrypto" SubmitURL="http://arport2/wasp/SignUsingStrongerCrypto" xmlns:pr="http://xmlns.ws-mobile.org/20060301/wasp#xmldsigprofile0">
        <DocumentReferences>
            <MainDocument MimeType="text/html" cid="cid:d0@arport2"/>
        </DocumentReferences>
        <DocumentSignatures CanonicalizationAlgorithm="http://xmlns.ws-mobile.org/20060301/wasp#cn-std" DigestAlgorithm="http://www.w3.org/2001/04/xmlenc#sha256">
            <Digest cid="cid:d0@arport2">MSmcjH567Tr9Dlu+VfPg37g7mcCWqWDYAk+kNlZGc8Y=</Digest>
        </DocumentSignatures>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
            <ds:SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                <ds:Reference URI="#_10b75b44e0d78cfd7d58a613b50">
                    <ds:Transforms>
                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <ds:DigestValue>JA0FK0bL8O7vSs/cJV7GnHvoWxtXEFHALjwqBK0f374=</ds:DigestValue>
                </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>Dk+YOZ/IjWgikTVlYQBmJI2HlMo4nDfq2jeyBBUVqPYZ/ZDIfyJ65BWDng3h2vd+jI77RN5LPPK0KKtsraM1OV8qe0C6mqUuEwcOs8U5xcNGhz2dLaWgrOd315p6grp6fwrviwGo+YkLhhSFys8U05Z/Wdzivp7O1Qpmd8TjLYA=</ds:SignatureValue>
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509IssuerSerial>
                        <ds:X509IssuerName>CN=Demo Sub CA,O=example.com,C=US</ds:X509IssuerName>
                        <ds:X509SerialNumber>123456790</ds:X509SerialNumber>
                    </ds:X509IssuerSerial>
                    <!-- Signer DN: "CN=Marion Anderson, serialNumber=19750710-1518" -->
                    <ds:X509Certificate>MIIB7TCCAVigAwIBAgIEB1vNFjALBgkqhkiG9w0BAQUwOTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC2V4YW1wbGUuY29tMRQwEgYDVQQDEwtEZW1vIFN1YiBDQTAeFw0wMzExMjAyMDM1MDZaFw0wODExMTgyMDM1MDZaMDIxFjAUBgNVBAUTDTE5NzUwNzEwLTE1MTgxGDAWBgNVBAMTD01hcmlvbiBBbmRlcnNvbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr1nhR7brtuFJex6IAWEp1XChlzXfGqpStdaei1MRov3LaFdh3fIacba9lT00BG2xTawgBpvtAh3MfC+WrmUjt158gzGhrVqqowR+eHOXtKo/WVld0Krw8UyVcQxAIB8u3Aiuq0JLfoMrqC+HED4WUrUZJBgysakZ+2wqAgD5Qt8CAwEAAaMNMAswCQYDVR0TBAIwADALBgkqhkiG9w0BAQUDgYEAap6CgqXfnRsJ/Uk2Gm28WbpMwVqeh9tFM5nll1RvQR4Nyi2PfnT/GsPgHxPidsqH58E0xXbFS61fHN+GEBz5IWQxNOaAjF2THoI24RwTZEsOpA0N86shZ+o6yFdDIueDnJGAWWE4BN9MP2biyo78T6QdG9+Wq31BjtY972pCK/s=</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </ds:Signature>
    </pr:XMLDSig.Profile.0.Signature>
    <DocumentData>
        <Text cid="cid:d0@arport2"><![CDATA[<html><head><style type="text/css">
body {margin: 25px; font-weight: normal;font-family: arial, helvetica, sans-serif;font-size: 10pt}
</style></head><body><h2>Using SHA256 and RSA/SHA256 Algorithms</h2>This is a simple document that is to be signed using SHA256 and RSA/SHA256 crypto-algorithms.  In addition, the document data is also copied to the resulting signature blob.<p>Click on the XML icons to view the enhanced signature request and response messages!</body></html>]]></Text>
    </DocumentData>
</SignatureResponse>

 

 

BTW, after 3+ years of "moonshine" work, the WASP specification is finally getting ready for publishing.

 

Regards

Anders Rundgren