XML Security Suite: Increasing the Security of E-Business

Listing 10. custorder.xml

  

    

      Turnip Twaddler

      3

      9.95

    

    

      Snipe Curdler

      1

      19.95

    

  

  

    Doug Tidwell

    1234 Main Street

    Raleigh

    11111

  

  

    American Express

    1234 567890 12345

    

  

There are three sections to the document, an element that lists all the items ordered by the customer, a element that contains information about the customer, and a element that describes the credit card used to pay for this order. (Note to apprentice cyberthieves: The information above is not, in fact, my credit card number. If you are able to purchase goods and services using this information, please let me know.)

When early Internet users were reluctant to use credit cards to shop online, many e-business proponents pointed out that all credit card purchases have a level of risk. I commonly give my credit card to a waiter in a restaurant; I trust that my card won't be used for anything other than the meal I've just eaten. Likewise, when I buy something online, I'm trusting the merchant not to use my credit card for unauthorized purchases.

With the element-level encryption feature of the XML Security Suite, you could encrypt the sensitive information so that even the merchant couldn't see it. The merchant would pass the encrypted information on to the credit card processing agency, which would have the proper keys to decrypt the sensitive information. This would enable a greater level of security than the typical transactions of today.

To demonstrate element-level encryption, I've slightly modified the CipherTest.java file that ships with the XML Security Suite. (Here is the source for the modified file.) I'll review the changes I made, then illustrate how element-level encryption works.

The first change I made to CipherTest.java was to import the OpenJCE libraries, then define the ABAProvider class as a cryptography provider:

Listing 11. CipherTest.java change (import OpenJCE libraries)

import au.net.aba.crypto.*;

import au.net.aba.crypto.provider.*;

import au.net.aba.crypto.spec.*;

...

public class CipherTest {

  public static void main(String[] args) {

    if (args.length < 3) {

      System.err.println("Usage: CipherTest -e|-d passphrase infile outfile");

      return;

    }

        

    java.security.Security.

         addProvider(new au.net.aba.crypto.provider.ABAProvider());

Instead of calling the java.security.Security.addProvider method, you could modify the java.security file (in JavaHome/lib/security), replacing this line:

"security.provider.1=sun.security.provider.Sun"

with this one:

"security.provider.1=au.net.aba.crypto.provider.ABAProvider"

The only other change is to modify the code so that it will encrypt any elements:

Listing 12. CipherTest.java change (encrypt elements)

if (n.getNodeType() == Node.ELEMENT_NODE) {

    //System.out.println(((Element)n).getTagName());

    if ((ne != null && 

        ((Element)n).getTagName().equals("credit_payment"))

        || 

        (nd != null && 

        ((Element)n).getTagName().equals("EncryptedElement"))) {

        child = n;

        break;

To illustrate this function, run CipherTest against the original XML file. The CipherTest application uses a password on the command line:

Listing 13. CipherTest application

java CipherTest -e security custorder.xml encrypted-custorder.xml

This creates the file

encrypted-custorder.xml

Listing 14. encrypted-custorder.xml

  

    

      Turnip Twaddler

      3

      9.95

    

    

      Snipe Curdler

      1

      19.95

    

  

  

    Doug Tidwell

    1234 Main Street

    Raleigh

    11111

  

  vJqNpDrQT1vmCVbyGJfIwdIDBYoGXGmutgz6TVGoPuKVG7I

  xNEN50iKw8pmtxFixz5hOChOXgTtPqktQhEHO5+vLOLAFgIioDIRQGHHmHng3CLd+8tvrT8wxPBCRSMUpx4

  d2TGXW2tqSepam0ZxdmwUXwNSAgaR8hmiromD+bh+tDomPv7eFZ4no5ft3JG3t0trLlwVupF/5vaIJimUSm

  uUkkgyG8x9AcS/kXJxHpmM=peqGzIMf+8A=

In the encrypted XML document, the element is replaced by an element. Nothing in the document indicates how many elements are encrypted, the names of the encrypted elements, or the structure or sequence of those elements. To preserve the security of the encrypted document, we don't use a declaration in our source document. The encrypted document wouldn't follow the DTD, and including any reference to it would indicate the structure of the encrypted elements. If you do encrypt an XML document with a declaration, the decryption process won't work. (The error message you'll get won't help you much; it'll say, java.lang.NullPointerException at CipherTest.main(CipherTest.java:83), or something equally useless.)

To restore the original document, use the -d (decrypt) option instead of the -e (encrypt) option. Be sure the password you use is the same.

Listing 15. CipherTest application (-d option)

java CipherTest -d security encrypted-custorder.xml restored-custorder.xml

This restores the encrypted file to its original state. Be aware that element-level encryption uses Canonical XML, so the restored file may not have the exact same syntax as the original. Any differences that do appear will not be semantically significant, however.

 |