xml-dev - Re: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a

Re: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a

[ Lists Home | Date Index | Thread Index ]

To: "Seairth Jacobs" <seairth@seairth.com>, <xml-dev@lists.xml.org>
Subject: Re: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a trap!
From: Alaric Snell <alaric@alaric-snell.com>
Date: Thu, 30 May 2002 23:18:11 +0100
In-reply-to: <006e01c20818$812220d0$6800a8c0@seairthlaptop>
References: <200205240339.XAA19934@mail.reutershealth.com> <3CF59E14.4000006@textuality.com> <006e01c20818$812220d0$6800a8c0@seairthlaptop>

On Thursday 30 May 2002 9:28 pm, Seairth Jacobs wrote:
> Okay, maybe I am slow to see what's wrong here, but I don't see what's
> wrong here.  I have questions about the security solution presented, but
> isn't the problem itself legitimate?  If it isn't, would someone be kind
> enough to educate me why a self-describing data file is not an easier
> target for data theft?

If somebody's already managed to somehow foil a trusted server to divulge the 
encrypted information and work around the encryption, then yeah, figuring out 
the meaning of what they've obtained is easier with self-describing data.

However, that change in ease is quite negligible compared to the rest of the 
effort.

If you're transmitting sensitive information without proper precautions so 
that figuring out which bit of it's the credit card information is the main 
problem facing an invader, then there's something terribly terribly wrong.

Not that it's *bad* to put extra obstacles in an attacker's way - but there's 
many orders of magnitude of difference in the difficulty of extracting credit 
card numbers from strange message formats and breaking a cryptosystem.

One angle is that XML documents usually start with a <, and often a <?xml 
verison='1.0'?>, and that kind of information can be used to help break 
cryptosystems. Which is why, if somebody sensible was setting up that system, 
they would encrypt 16 bytes of random numbers followed by the gzipped XML, 
maybe with that 16 bytes of random numbers XORed into the first 16 bytes of 
the file in case the structure of the headers at the start of the gzip stream 
provides a lever into the cryptosystem (albeit at an offset into the stream 
after random data, and if it's a decent cryptosystem setup it'll be feeding 
cyphertext or plaintext back into the later stages anyway).

So to conclude, the underlying data format matters only if your security's 
already lame to start with...

ABS

-- 
                               Alaric B. Snell
 http://www.alaric-snell.com/  http://RFC.net/  http://www.warhead.org.uk/
   Any sufficiently advanced technology can be emulated in software

References:
- Re: [xml-dev] DTDs, W3C Schemas, RELAX NG, Schematron?
  - From: John Cowan <jcowan@reutershealth.com>
- The sky is falling! XML's dirty secret! Go back! It's a trap!
  - From: Tim Bray <tbray@textuality.com>
- Re: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a trap!
  - From: "Seairth Jacobs" <seairth@seairth.com>

Prev by Date: RE: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a trap!
Next by Date: Re: RE: [xml-dev] The sky is falling! XML's dirty secret! Go back!It's a trap!
Previous by thread: Re: [xml-dev] The sky is falling! XML's dirty secret! Go back! It'sa trap!
Next by thread: RE: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a trap!
Index(es):
- Date
- Thread