Download chapter 9: 'Securing Web Services'
Excerpted from the book "Building Web Services with Java: Making Sense of XML, SOAP, WSDL, and UDDI, 2nd Edition," ISBN 0672326418, Copyright 2004. Written permission from SAMS Publishing is required for all other uses. Copyright © 2005 SAMS. All rights reserved.
CryptographyCryptography technologies provide a basis for protecting messages exchanged between trading partners. Confidentiality and integrity can be ensured with encryption and digital signature technologies, respectively.These cryptography technologies can be categorized into two types in terms of an orthogonal dimension: symmetric and asymmetric keys.Table 9.1 shows four categories based on the two dimensions; the table classifies widely used algorithms.The following subsections review each category in more detail.
Symmetric encryption requires that you use the same key for encryption and decryption. For example, assume that Alice wants to send data to Bob. According to standard cryptography terminology, the original data is called plaintext and the encrypted data is called ciphertext. As shown in Figure 9.1, Alice encrypts the plaintext with a key to send it to Bob, and Bob decrypts the ciphertext with the same key to extract the plaintext. Because the same keys are used at the both endpoints, this kind of encryptions is referred to as symmetric, and the keys used are often called symmetric keys.
This category of encryption includes Triple DES (3DES), which is a minor variation of the Data Encryption Standard (DES) developed by an IBM team 30 years ago; and the Advanced Encryption Standard (AES), which has been proposed as a replacement for 3DES by the National Institute of Standards and Technology (NIST). RC4, which was designed at RSA Laboratories by Ron Rivest in 1987, is also widely used with SSL.
Asymmetric encryption allows you to make your encryption key public and thus simplifies key distribution.Two different keys are used: a public key and a private key. Assume that Bob has a pair of private and public keys, and he only publishes the public key. Alice encrypts her plaintext with the public key to send it to Bob, and Bob decrypts the ciphertext with his private key (see Figure 9.2).
Unlike symmetric encryption schema, different keys are used at the endpoints.The keys are called asymmetric keys, reflecting their asymmetric nature. An example of an algorithm in this category is RSAES-PKCS1-v1_5 (RSA-15), which is specified in RFC 2437.
Message Authentication Code
Although the next category of security technology is symmetric digital signature, it's called Message Authentication Code (MAC) in cryptography terminology. It relies on mathematical algorithms known as hashing functions to ensure data integrity.A hashing function takes data as input and produces smaller data called a digest as output. If the original data changes even slightly, the digest is different. MAC is an extension of this idea: A digest is created with a key in addition to the input data. Such an extension is necessary because an attacker could otherwise capture both the data and the digest, and then tamper with the data and construct a new digest. As shown in Figure 9.3, MAC requires the same key at both ends; hence Bob can check the integrity of Alice's data with the key.
Keyed-Hashing for Message Authentication Code (HMAC) is an example of MAC. HMAC must be combined with hashing functions such as MD5 and SHA-1.Therefore, the algorithm names are HMAC-SHA1, HMAC-MD5, and so on, as listed in Table 9.1.
The asymmetric digital signature technology is referred to as digital signature.As shown in Figure 9.4, Alice signs the plaintext with her private key. Signing here means creating a signature value that's sent with the original plaintext. Bob can verify the integrity of the incoming message by generating the signature value from the plaintext with Alice's public key; he can compare this value with the signature value that accompanies the incoming plaintext.
Like MAC algorithms, digital signature algorithms are also combined with hashing functions such as SHA-1.Table 9.1 shows an example: in RSA-SHA1, a digest is calculated with SHA-1, and a signature value on the digest is created with a private key.
You can use the digital signature technology to ensure nonrepudiation as well as integrity. In Figure 9.4, Bob can make sure that the incoming plaintext is signed by Alice, because he uses Alice's public key. However, how can he know that Alice is the holder of the public key? Public Key Infrastructure (PKI) provides a solution: An authority issues digital certificates, each of which binds a party to a public key. PKI and X.509 digital certificates are reviewed later in this chapter.
Asymmetric Versus Symmetric Technologies
Asymmetric keys may seem more useful than symmetric ones because the former can solve the issue of key distribution—symmetric keys must be transmitted and managed carefully so that attackers can't steal them. However, asymmetric keys have some limitations. One of their practical problems is performance.Asymmetric operations with private keys (decryption and signing) are a great deal slower than symmetric key operations. Even asymmetric public key operations such as encryption and signature verification are much slower than symmetric key operations. Based on such performance characteristics, it's best to combine asymmetric and symmetric key operations to take advantage of both benefits.
Chapter 9: 'Securing Web Services'
Visit the SAMS Publishing website for a detailed description and to learn how to purchase this title.
This was first published in March 2006