How to Break XML Encryption - Automatically

Presented at Black Hat Europe 2015, Unknown date/time (Unknown duration).

In recent years, XML Encryption has become a target of several new attacks. These attacks belong to the family of adaptive chosen-ciphertext attacks, and allow an adversary to decrypt symmetric and asymmetric XML ciphertexts, without knowing the secret keys. In order to protect XML Encryption implementations, the World Wide Web Consortium (W3C) published an updated version of the standard. Unfortunately, most of the current XML Encryption implementations do not support the newest XML Encryption specification and offer different XML Security configurations to protect confidentiality of the exchanged messages. Resulting from the attack complexity, evaluation of the security configuration correctness becomes tedious and error prone. Validation of the applied countermeasures can only be made with numerous XML messages provoking incorrect behavior by decrypting XML content. Up to now, this validation was only manually possible. In this talk, we give an overview on the analysis of chosen-ciphertext attacks on XML Encryption and design an algorithm to perform a vulnerability scan on arbitrary encrypted XML messages. The algorithm can automatically detect a vulnerability and exploit it to retrieve the plaintext of a message protected by XML Encryption. To assess practicability of our approach, we implemented an open source attack plugin for Web Service attacking tool called WS-Attacker. With the plugin, we discovered new vulnerabilities in four out of five analyzed Web Service implementations, including IBM Datapower or Apache CXF.


Presenters:

  • Juraj Somorovsky - 3curity / Ruhr University Bochum
    Juraj Somorovsky finished his PhD in the area of XML Security in 2013. In his thesis, "On the Insecurity of XML Security" he analyzes various cryptographic attacks on Web Services and presents practical countermeasures against these attacks. He has presented his work at many scientific and industry conferences, including Usenix Security or OWASP Germany. Currently, he works as a Postdoc at the Ruhr University Bochum, and as a security specialist for his co-founded company 3curity GmbH.

Links:

Similar Presentations: