Begin forwarded message: -------- Original Message -------- Subject: [ws-sx-comment] Adding AlgorithmSuite using GCM to WS-SecurityPolicy Date: Mon, 08 Oct 2012 18:18:40 +0200 From: Alessio Soldano <asoldano@redhat.com> To: ws-sx-comment@lists.oasis-open.org CC: Colm O hEigeartaigh <coheigea@apache.org>, Juraj Somorovsky <juraj.somorovsky@rub.de>
Hi, as you certainly know, on October 2011 an effective attack against XML Encryption has been found by some researcher in Germany [1]. The attack is described in the security advisory CVE-2011-1096 [2] and is basically constructed on specific properties of the cipher-block chaining (CBC) mode. The W3C recommendation [1] for preventing this vulnerability is to choose an encryption mode like AES-GCM, which guarantees confidentiality and integrity and is supported in the xmlenc core spec [3].
From a WS-SecurityPolicy point of view, though, using a GCM algorithm is not that straightforward, as there's no Algorithm Suite already defined for that [4] (only AES-CBC 128/192/256). As a consequence, there's no standard / vendor neutral way of specifying such policy requirements in wsdl contracts.
Hence the question, can the TC please evaluate adding new algorithm suites covering the AES-GCM algorithms?
As an example of what would be needed, please have a look at [5] and [6]: Apache CXF implementation has defined its own AlgorithmSuite policies (in different namespace) "Basic1268GCM", "Basic192GCM" and "Basic256GCM" that work the same as the standard Basic128/192/256 ones except they GCM instead of CBC. That of course works, but is not standard.
I'm cc-ing Juraj Somorovsky, who is part of the researcher team that found the vulnerability, and Colm O hEigeartaigh, who worked on the Apache CXF / WSS4J / Santuario implementation.
Thanks
[1] http://www.w3.org/QA/2011/10/some_notes_on_the_recent_xml_e.html [2] https://bugzilla.redhat.com/show_bug.cgi?id=681916 [3] http://www.w3.org/TR/xmlenc-core1/#sec-AES-GCM [4] http://docs.oasis-open.org/ws-sx/ws-securitypolicy/v1.3/os/ws-securitypolicy-1.3-spec-os.html#_Toc212617835 [5] http://cxf.apache.org/note-on-cve-2011-1096.html [6] http://coheigea.blogspot.ie/2012/04/note-on-cve-2011-1096.html
-- Alessio Soldano Web Service Lead, JBoss
--- Mark Little
JBoss, by Red Hat Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod Street, Windsor, Berkshire, SI4 1TE, United Kingdom. Registered in UK and Wales under Company Registration No. 3798903 Directors: Michael Cunningham (USA), Charlie Peters (USA), Matt Parsons (USA) and Brendan Lane (Ireland).
|