Analysis of Signature Wrapping Attacks and Countermeasures

Cited by: 14
Authors
Gajek, Sebastian [1 ]
Jensen, Meiko [1 ]
Liao, Lijun [1 ]
Schwenk, Joerg [1 ]
Affiliation
[1] Ruhr Univ Bochum, Horst Gortz Inst IT Secur, Bochum, Germany
DOI
10.1109/ICWS.2009.12
Chinese Library Classification number
TP3 [Computing technology, computer technology];
Subject classification code
0812 ;
Abstract
In recent research it turned out that Boolean verification of digital signatures in the context of WS-Security is likely to fail: If parts of a SOAP message are signed and the signature verification applied to the whole document returns true, then nevertheless the document may have been significantly altered. In this paper, we provide a detailed analysis on the possible scenarios that enable these signature wrapping attacks. Derived from this analysis, we propose a new solution that uses a subset of XPath instead of ID attributes to point to the signed subtree, and show that this solution is both efficient and secure.
Pages: 575-582
Number of pages: 8