OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   Re: [xml-dev] The sky is falling! XML's dirty secret! Go back! It's a

[ Lists Home | Date Index | Thread Index ]

On Thursday 30 May 2002 9:28 pm, Seairth Jacobs wrote:
> Okay, maybe I am slow to see what's wrong here, but I don't see what's
> wrong here.  I have questions about the security solution presented, but
> isn't the problem itself legitimate?  If it isn't, would someone be kind
> enough to educate me why a self-describing data file is not an easier
> target for data theft?

If somebody's already managed to somehow foil a trusted server to divulge the 
encrypted information and work around the encryption, then yeah, figuring out 
the meaning of what they've obtained is easier with self-describing data.

However, that change in ease is quite negligible compared to the rest of the 

If you're transmitting sensitive information without proper precautions so 
that figuring out which bit of it's the credit card information is the main 
problem facing an invader, then there's something terribly terribly wrong.

Not that it's *bad* to put extra obstacles in an attacker's way - but there's 
many orders of magnitude of difference in the difficulty of extracting credit 
card numbers from strange message formats and breaking a cryptosystem.

One angle is that XML documents usually start with a <, and often a <?xml 
verison='1.0'?>, and that kind of information can be used to help break 
cryptosystems. Which is why, if somebody sensible was setting up that system, 
they would encrypt 16 bytes of random numbers followed by the gzipped XML, 
maybe with that 16 bytes of random numbers XORed into the first 16 bytes of 
the file in case the structure of the headers at the start of the gzip stream 
provides a lever into the cryptosystem (albeit at an offset into the stream 
after random data, and if it's a decent cryptosystem setup it'll be feeding 
cyphertext or plaintext back into the later stages anyway).

So to conclude, the underlying data format matters only if your security's 
already lame to start with...


                               Alaric B. Snell
 http://www.alaric-snell.com/  http://RFC.net/  http://www.warhead.org.uk/
   Any sufficiently advanced technology can be emulated in software  


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS