Hack Proofing XML

Overview

XML is quickly becoming the universal protocol for transferring information from site to site via HTTP. Whereas HTML will continue to be the language for displaying documents on the Internet, developers will find new and interesting ways to harness the power of XML to transmit, exchange, and manipulate data using XML. Validation of the XML document and of the messages going to that document is the first line of defense in hack proofing XML. The same properties that make XML a powerful language for defining data ...
See more details below
Available through our Marketplace sellers.
Other sellers (Paperback)
  • All (23) from $1.99   
  • New (10) from $9.94   
  • Used (13) from $1.99   
Close
Sort by
Page 1 of 1
Showing 1 – 9 of 10
Note: Marketplace items are not eligible for any BN.com coupons and promotions
$9.94
Seller since 2006

Feedback rating:

(58)

Condition:

New — never opened or used in original packaging.

Like New — packaging may have been opened. A "Like New" item is suitable to give as a gift.

Very Good — may have minor signs of wear on packaging but item works perfectly and has no damage.

Good — item is in good condition but packaging may have signs of shelf wear/aging or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Acceptable — item is in working order but may show signs of wear such as scratches or torn packaging. All specific defects should be noted in the Comments section associated with each item.

Used — An item that has been opened and may show signs of wear. All specific defects should be noted in the Comments section associated with each item.

Refurbished — A used item that has been renewed or updated and verified to be in proper working condition. Not necessarily completed by the original manufacturer.

New
PAPERBACK New 1931836507 Brand new soft cover book. ***NO CD*** Soft cover books may show light shelf wear. Item ships within 24 hours with Free Tracking. Please ask about ... Expedited shipping. Read more Show Less

Ships from: Foley, AL

Usually ships in 1-2 business days

  • Canadian
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
$9.94
Seller since 2006

Feedback rating:

(58)

Condition: New
PAPERBACK New 1931836507. Brand new soft cover book. Book may have shelf wear, due to handling. Book may have remainder mark on it. Book ships within 24 hrs with free Tracking. ... Please ask about Expedited shipping. Read more Show Less

Ships from: Foley, AL

Usually ships in 1-2 business days

  • Canadian
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
$9.94
Seller since 2006

Feedback rating:

(58)

Condition: New
PAPERBACK New 1931836507. Brand new soft cover book. Book may have shelf wear, due to handling. Book may have remainder mark on it. Book ships within 24 hrs with free Tracking. ... Please ask about Expedited shipping. Read more Show Less

Ships from: Foley, AL

Usually ships in 1-2 business days

  • Canadian
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
$9.94
Seller since 2006

Feedback rating:

(58)

Condition: New
PAPERBACK New 1931836507. Brand new soft cover book. Book may have shelf wear, due to handling. Book may have remainder mark on it. Book ships within 24 hrs with free Tracking. ... Please ask about Expedited shipping. Read more Show Less

Ships from: Foley, AL

Usually ships in 1-2 business days

  • Canadian
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
$9.94
Seller since 2006

Feedback rating:

(58)

Condition: New
PAPERBACK New 1931836507. New, Unused, Soft-cover Book with minor cover wear and/or page damage (cut, tear or bend/crease typically). ***CD-ROM NOT INCLUDED*** Book may have ... remainder mark on it. Does NOT affect book content! Items ship within 24 hours with FREE tracking. Read more Show Less

Ships from: Foley, AL

Usually ships in 1-2 business days

  • Canadian
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
$23.44
Seller since 2014

Feedback rating:

(0)

Condition: New
2002 Paperback New *****PLEASE NOTE: This item is shipping from an authorized seller in Europe. In the event that a return is necessary, you will be able to return your item ... within the US. To learn more about our European sellers and policies see the BookQuest FAQ section***** Read more Show Less

Ships from: SHEFFIELD, United Kingdom

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
$38.13
Seller since 2014

Feedback rating:

(273)

Condition: New
Brand New Item.

Ships from: Chatham, NJ

Usually ships in 1-2 business days

  • Canadian
  • International
  • Standard, 48 States
  • Standard (AK, HI)
  • Express, 48 States
  • Express (AK, HI)
$50.00
Seller since 2014

Feedback rating:

(164)

Condition: New
Brand new.

Ships from: acton, MA

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
$50.00
Seller since 2014

Feedback rating:

(164)

Condition: New
Brand new.

Ships from: acton, MA

Usually ships in 1-2 business days

  • Standard, 48 States
  • Standard (AK, HI)
Page 1 of 1
Showing 1 – 9 of 10
Close
Sort by
Sending request ...

Overview

XML is quickly becoming the universal protocol for transferring information from site to site via HTTP. Whereas HTML will continue to be the language for displaying documents on the Internet, developers will find new and interesting ways to harness the power of XML to transmit, exchange, and manipulate data using XML. Validation of the XML document and of the messages going to that document is the first line of defense in hack proofing XML. The same properties that make XML a powerful language for defining data across systems make it vulnerable to attacks. More important, since many firewalls will pass XML data without filtering, a poorly constructed and invalidated document can constitute a serious system-level vulnerability. Hack Proofing® XML will show you the ins and outs of XML and .NET security.

About the Authors:
Curtis Franklin, Jr. is President and Editorial Director of CF2 Group. CF2 Group is a technology assessment and communications firm headquartered in Gainesville, FL. Curtis is the Founder of two major industry testing labs, the BYTE Testing Lab and Client/Server Labs. He has published over 1,400 articles in his career, and has led performance and technology assessment projects for clients including IBM, Intel, Microsoft, and H-P.

Dr. Everett F. (Skip) Carter, Jr. is President of Taygeta Network Security Services (a division of Taygeta Scientific Inc.). He is also CEO/CTO of CaphNet, Inc. Skip holds both a Ph.D. and master’s in Applied Physics from Harvard University. Skip has authored several articles for Dr. Dobb’s Journal, and Computer Language magazines as well a numerous scientific articles and is a past columnist for Forth Dimensions magazine.

'ken'@FTU has helped suppliers to conduct B2B XML transactions with large e-commerce portals including Ariba, as well as others. He is also credited with discovering security vulnerabilities in software products by major vendors such as Microsoft and IBM. Currently he works at a bank doing technical auditing and penetrating testing of their networks, systems and applications.

Larry Loeb is the Principal of pbc enterprises in Wallingford, CT, a consulting firm specializing in IT matters. He has been a Consulting Editor for BYTE magazine, Contributing Editor for Circuit Cellar Ink, Senior Editor for WebWeek, Editor of the Macintosh Exchange on BIX, and a columnist for ITworld. He currently writes a monthly column for IBM’s online developer Works.

Read More Show Less

Product Details

  • ISBN-13: 9781931836500
  • Publisher: Syngress Publishing
  • Publication date: 7/1/1902
  • Edition description: with CDROM
  • Pages: 377
  • Product dimensions: 7.44 (w) x 9.22 (h) x 0.90 (d)

Read an Excerpt

Encryption Methods

There are various algorithms and techniques to perform encryption. Let’s take a look at a few of them.

AES

Advanced Encryption Standard (AES) is also known as Rijndael. It is the choice of the U.S. federal government for information processing to protect sensitive (read: classified) information. The government chose AES for the following reasons: security, performance, efficiency, ease of implementation, and flexibility. It is also unencumbered by patents that might limit its use. The government agency responsible for the choice calls it a "very good performer in both hardware and software across a wide range of computing environments".

In 1997, as the fall of DES loomed ominously closer (challenges to crack DES were becoming common and were indeed cracking it faster than anyone had previously thought possible), the National Institute for Standards and Technology (NIST) announced the search for AES, the successor to DES. Once the search began, most of the big-name cryptography players submitted their own AES candidates. Among the requirements of AES candidates were:

  • AES would be a private key symmetric block cipher (similar to DES).
  • AES needed to be stronger and faster then 3-DES.
  • AES required a life expectancy of at least 20 to 30 years.
  • AES would support key sizes of 128 bits, 192 bits, and 256 bits.
  • AES would be available to all—royalty free, nonproprietary, and unpatented.

Within months, NIST had a total of 15 different entries, six of which were rejected almost immediately on grounds that they were considered incomplete. By 1999, NIST had narrowed the candidates down to five finalists: MARS, RC6, Rijndael, Serpent,and Twofish.

Selecting the winner took approximately another year because each of the candidates needed to be tested to determine how well it performed in a variety of environments. After all, applications of AES would range anywhere from portable smart cards to standard 32-bit desktop computers and high-end optimized 64-bit computers. Since all the finalists were highly secure, the primary deciding factors were speed and ease of implementation (which in this case meant memory footprint).

Rijndael was ultimately announced as the winner in October 2000 because of its high performance in both hardware and software implementations and its small memory requirement. The Rijndael algorithm, developed by Belgian cryptographers Dr. Joan Daemen and Dr. Vincent Rijmen, also seems resistant to power- and timing-based attacks.

So how does AES/Rijndael work? Instead of using Feistel cycles in each round, as DES does, AES/Rijndael uses iterative rounds like IDEA (discussed in the next section). Data is operated on in 128-bit chunks, which are grouped into four groups of 4 bytes each. The number of rounds is also dependent on the key size, such that 128-bit keys have 9 rounds, 192-bit keys have 11 rounds, and 256-bit keys require 13 rounds. Each round consists of a substitution step of one S-box per data bit followed by a pseudo-permutation step in which bits are shuffled between groups. Then each group is multiplied out in a matrix fashion and the results are added to the subkey for that round.

How much faster is AES than 3-DES (discussed in the following section)? It’s difficult to say, because implementation speed varies widely depending on the type of processor performing the encryption and whether or not the encryption is being performed in software or running on hardware specifically designed for encryption. However, in similar implementations, AES is always faster than its 3-DES counterpart. One test performed by Brian Gladman has shown that on a Pentium Pro 200 with optimized code written in C, AES/Rijndael can encrypt and decrypt at an average speed of 70.2Mbps, versus DES’s speed of only 28Mbps. You can read his other results at fp.gladman.plus.com/cryptography_technology/aes.

DES and 3-DES

One of the oldest and most famous encryption algorithms is the Data Encryption Standard (DES), which was developed by IBM and was the U.S. government standard from 1976 until about 2001. The algorithm at the time was considered unbreakable and therefore was subject to export restrictions and then subsequently adapted by the U.S. Department of Defense. Today companies that use the algorithm apply it three times over the same text, hence the name 3-DES.

DES was based significantly on the Lucifer algorithm invented by Horst Feistel, which never saw widespread use. Essentially, DES uses a single 64-bit key—56 bits of data and 8 bits of parity—and operates on data in 64-bit chunks. This key is broken into 16 separate 48-bit subkeys, one for each round, which are called Feistel cycles. Figure 6.1 gives a schematic of how the DES encryption algorithm operates.

Figure 6.1 Diagram of the DES Encryption Algorithm

Each round consists of a substitution phase, wherein the data is substituted with pieces of the key, and a permutation phase, wherein the substituted data is scrambled (reordered). Substitution operations, sometimes referred to as confusion operations, are said to occur within S-boxes. Similarly, permutation operations, sometimes called diffusion operations, are said to occur in P-boxes. Both of these operations occur in the F module of the diagram. The security of DES lies mainly in the fact that since the substitution operations are nonlinear, the resulting cipher text in no way resembles the original message. Thus, language-based analysis techniques (discussed later in this chapter) used against the cipher text reveal nothing. The permutation operations add another layer of security by scrambling the already partially encrypted message.

SECURITY ALERT

How can symmetric algorithms such as DES be made more secure? Theoretically, there are two ways: either the key length needs to be increased or the number of rounds in the encryption process needs to be increased. Both of these solutions tend to increase the processing power required to encrypt and decrypt data and slow the encryption/decryption speed because of the increased number of mathematical operations required. Examples of modified DES include 3-DES (a.k.a. Triple DES) and DESX. Triple DES uses three separate 56-bit DES keys as a single 168-bit key, though sometimes Keys 1 and 3 are identical, yielding 112-bit security. DESX adds an additional 64 bits of key data. Both 3-DES and DESX are intended to strengthen DES against brute-force attacks.

Every five years from 1976 until 2001, NIST reaffirmed DES as the encryption standard for the U.S. government. However, by the 1990s the aging algorithm had begun to show signs that it was nearing its end of life. New techniques that identified a shortcut method of attacking the DES cipher, such as differential cryptanalysis, were proposed as early as 1990, though it was still computationally unfeasible to do so.

Significant design flaws such as the short 56-bit key length also affected the longevity of the DES cipher. Shorter keys are more vulnerable to brute-force attacks. Although Whitfield Diffie and Martin Hellman were the first to criticize this short key length, even going so far as to declare in 1979 that DES would be useless within 10 years, DES was not publicly broken by a brute-force attack until 1997.

The first successful brute-force attack against DES took a large network of machines over four months to accomplish. Less than a year later, in 1998, the Electronic Frontier Foundation (EFF) cracked DES in less than three days using a computer specially designed for cracking DES. This computer, code-named Deep Crack, cost less than $250,000 to design and build. The record for cracking DES stands at just over 22 hours and is held by Distributed.net, which employed a massively parallel network of thousands of systems (including Deep Crack). Add to this the fact that Bruce Schneier has theorized that a machine capable of breaking DES in about six minutes could be built for a mere $10 million. Clearly, NIST needed to phase out DES in favor of a new algorithm.

RSA and RC4

In the year following the Diffie-Hellman proposal, Ron Rivest, Adi Shamir, and Leonard Adleman proposed another public key encryption system. Their proposal is now known as the Rivest-Shamir-Adleman (RSA) algorithm, based on the last names of the researchers. It was developed in 1977 and is normally used for either digitally signing a message and/or general encryption. RSA shares many similarities with the Diffie-Hellman algorithm in that RSA is also based on multiplying and factoring large integers. However, RSA is significantly faster than Diffie-Hellman, leading to a split in the asymmetric cryptography field that refers to Diffie-Hellman and similar algorithms as public key distribution systems (PKDS) and RSA and similar algorithms as public key encryption (PKE). PKDS systems are used as session-key exchange mechanisms; PKE systems are generally considered fast enough to encrypt reasonably small messages. However, PKE systems such as RSA are not considered fast enough to encrypt large amounts of data such as entire file systems or high-speed communications lines.

NOTE

RSA, Diffie-Hellman, and other asymmetric algorithms use much larger keys than their symmetric counterparts. Common key sizes include 1024 bits and 2048 bits; the keys need to be that large because factoring, although still a difficult operation, is much easier to perform than the exhaustive key search approach used with symmetric algorithms. The relative slowness of PKE systems is also due in part to these larger key sizes. Since most computers can handle only 32 bits of precision, different "tricks" are required to emulate the 1024-bit and 2048-bit integers. However, the additional processing time is somewhat justified, since for security purposes 2048-bit keys are considered to be secure "forever"—barring any exponential breakthroughs in mathematical factoring algorithms, of course. Because of the former patent restrictions on RSA, the algorithm saw only limited deployment, primarily from products by RSA Security, until the mid-1990s. Now you are likely to encounter many programs that make extensive use of RSA, such as Pretty Good Privacy (PGP) and Secure Shell (SSH). The RSA algorithm has been in the public domain since RSA Security placed it there two weeks before the patent expired in September 2000. Thus the RSA algorithm is now freely available for use by anyone, for any purpose. RC4 is stream cipher originally used exclusively by RSA. The algorithm was not patented and kept a trade secret until it was posted anonymously to the Internet in 1994. One rumor has it that the U.S. Government believed the algorithm was too good to be made public, so RSA could not patent RC4. Another rumor proposed the possibility that the laws dealing with cryptology and exportation made patenting RC4 too much of a hassle.

Stream and Block Ciphers

A cipher involves a process of taking plain text and scrambling it. Ciphers do not operate based on the content of what needs to be scrambled. Rather, it operates on each specific bit, regardless of the content or context. A given number of bits taken together constitute and define a block. A block cipher, therefore, is designed to operate on a specific number of bits at a time. In contrast to this is a stream cipher, which works by scrambling individual elements.

Key Management Schemes

The ability to exchange the key by which two parties will scramble their clear text is essential to the security of the document. We will look at a few methods by which two parties coordinate how they will encrypt and decrypt the data they transfer. Without proper key management schemes, third parties could both read and alter confidential information without the sender and recipient knowing.

Public and Private Keys

Until the 1970s, there was only one way to encrypt and decrypt messages. Each party needed the same secret key to create and unlock the cipher text. This system was quite cumbersome. Consider this: If you are one side of the country (or the world, for that matter) and I am on the other, how would we make sure that we can share the secret key without another party discovering it? Should someone get their hands on our single key, that party would have just as much control over the message as we did.

Diffie-Hellman changed that. This system splits the key into a pair. With this idea, we can exchange half of our key (the public one) and use that to encrypt our message. Since we keep the other half secret, no one can decrypt the message.

Key Agreement: Diffie-Hellman

Without going into the mathematics, Diffie-Hellman allows parties to create and share a private key from a public one. Unfortunately, it is vulnerable to a man-in-the-middle attack. In 1992, Diffie worked with van Oorschot and Wiener to combine the authentication mechanisms in public and private keys to withstand man-in-the-middle attacks. Ultimately, it is the private key from the public/private key pair that allows you to sign messages that allow Diffie-Hellman to withstand the attack.

As mentioned earlier in the chapter, in 1976, after voicing their disapproval of DES and the difficulty in handling secret keys, Whitfield Diffie and Martin Hellman published the Diffie-Hellman algorithm for key exchange. This was the first published use of public key cryptography and arguably one of the cryptography field’s greatest advances. Because of the inherent slowness of asymmetric cryptography, the Diffie-Hellman algorithm was not intended for use as a general encryption scheme—rather, its purpose was to transmit a private key for DES (or some similar symmetric algorithm) across an insecure medium. In most cases, Diffie-Hellman is not used for encrypting a complete message because it is 10 to 1000 times slower than DES, depending on implementation.

Prior to publication of the Diffie-Hellman algorithm, it was quite painful to share encrypted information with others because of the inherent key storage and transmission problems (as discussed later in this chapter). Most wire transmissions were insecure, since a message could travel between dozens of systems before reaching the intended recipient and any number of snoops along the way could uncover the key. With the Diffie-Hellman algorithm, the DES secret key (sent along with a DES-encrypted payload message) could be encrypted via Diffie-Hellman by one party and decrypted only by the intended recipient.

In practice, this is how a key exchange using Diffie-Hellman works:

  • The two parties agree on two numbers; one is a large prime number, the other is an integer smaller than the prime. They can do this in the open and it doesn’t affect security.
  • Each of the two parties separately generates another number, which they keep secret. This number is equivalent to a private key. A calculation is made involving the private key and the previous two public numbers. The result is sent to the other party. This result is effectively a public key.
  • The two parties exchange their public keys. They then privately perform a calculation involving their own private key and the other party’s public key. The resulting number is the session key. Each party will arrive at the same number.
  • The session key can be used as a secret key for another cipher, such as DES. No third party monitoring the exchange can arrive at the same session key without knowing one of the private keys.

The most difficult part of the Diffie-Hellman key exchange to understand is that two separate and independent encryption cycles are happening. As far as Diffie-Hellman is concerned, only a small message is being transferred between the sender and the recipient. It just so happens that this small message is the secret key needed to unlock the larger message.

Diffie-Hellman’s greatest strength is that anyone can know either or both of the sender and recipient’s public keys without compromising the security of the message. Both the public and private keys are actually just very large integers. The Diffie-Hellman algorithm takes advantage of complex mathematical functions known as discrete logarithms, which are easy to perform forward but extremely difficult to find inverses for. Even though the patent on Diffie-Hellman has been expired for several years now, the algorithm is still in wide use, most notably in the Internet Protocol Security (IPSec) protocol. IPSec uses the Diffie-Hellman algorithm in conjunction with RSA authentication to exchange a session key that is used for encrypting all traffic that crosses the IPSec tunnel.

Read More Show Less

Table of Contents

Chapter 1   The Zen of Hack Proofing
Chapter 2 Classes of Attack
Chapter 3 Reviewing the Fundamentals of XML
Chapter 4 Document Type: The Validation Gateway
Chapter 5 XML Digital Signatures
Chapter 6 Encryption in XML
Chapter 7 Role-Based Access Control
Chapter 8 Understanding .NET and XML Security
Chapter 9 Reporting Security Problems
Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star

(0)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)