A “practical attack against XML’s cipher block chaining (CBC) mode” has been demonstrated:
http://www.informationweek.com/news/security/vulnerabilities/231901532
My question is this: Does this affect WCF’s X.509 certificate-based message-level security?
Thanks in advance.
I had posed this very question to MS Support. The Q&A is http://social.msdn.microsoft.com/Forums/en-US/wcf/thread/a1e74f4b-9469-43bb-9e91-4d524bee6ceb. Scroll to the end, where I was able to enlist the support people to specifically answer publicly.
The short answer is NO, the technique described in the paper does NOT affect X.509 certificate-based message-level security.
Indeed, the WCF stack is specifically protected from the attack because it is not possible to Encrypt-Only traffic. The vulnerability affects Encrypt-Only, but does not affect Encrypted-And-Signed. The description at http://msdn.microsoft.com/en-us/library/system.net.security.protectionlevel.aspx describes what MS WCF allows. WCF will not even accept Encrypted-Only traffic.
Though there seems to be a problem with the base W3C Encryption Spec in not being tight enough, I think the real in-our-face vulnerability is in the Axis2 space – where it is possible to Encrypt-Only.
I do wish MS would let WCF encrypt via the AES-GCM instead of AES-CBC. Given the success of the CBC attack, it does seem like CBC’s days should be numbered in production systems.
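The Encrypt-Only versus Encrypted-And-Signed distinction from the answer above, as an added example (not code from the post, from WCF or from the paper): a CBC ciphertext altered in transit still decrypts without error, while a receiver that verifies integrity first rejects it. Assumptions: a toy Feistel cipher stands in for AES, an HMAC stands in for the X.509 signature, and all function names and the sample message are constructed for illustration.

```python
import hashlib, hmac, os

BLOCK = 16

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _feistel(key, blk, order):
    # Toy 16-byte block cipher standing in for AES (illustration only).
    l, r = blk[:8], blk[8:]
    for rnd in order:
        f = hmac.new(key, bytes([rnd]) + r, hashlib.sha256).digest()[:8]
        l, r = r, _xor(l, f)
    return r + l  # final swap: running the rounds in reverse order decrypts

def cbc_encrypt(key, iv, pt):
    pad = BLOCK - len(pt) % BLOCK
    pt, out, prev = pt + bytes([pad]) * pad, b"", iv
    for i in range(0, len(pt), BLOCK):
        prev = _feistel(key, _xor(pt[i:i + BLOCK], prev), range(4))
        out += prev
    return out

def cbc_decrypt(key, iv, ct):
    pt, prev = b"", iv
    for i in range(0, len(ct), BLOCK):
        pt += _xor(_feistel(key, ct[i:i + BLOCK], reversed(range(4))), prev)
        prev = ct[i:i + BLOCK]
    return pt[:-pt[-1]]  # strip padding

def receive_encrypt_and_sign(enc_key, mac_key, iv, ct, tag):
    # HMAC stands in for the X.509 signature; it is verified before decrypting.
    expected = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed, message rejected")
    return cbc_decrypt(enc_key, iv, ct)

def demo(msg=b"<Body>constructed sample SOAP payload</Body>"):
    enc_key, mac_key, iv = os.urandom(32), os.urandom(32), os.urandom(BLOCK)
    ct = cbc_encrypt(enc_key, iv, msg)
    tag = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    changed_iv = bytes([iv[0] ^ 1]) + iv[1:]  # one bit altered in transit
    accepted = cbc_decrypt(enc_key, changed_iv, ct)  # encrypt-only receiver
    try:
        receive_encrypt_and_sign(enc_key, mac_key, changed_iv, ct, tag)
        rejected = False
    except ValueError:
        rejected = True
    return msg, accepted, rejected
```

`demo()` returns the original message, the altered plaintext the encrypt-only receiver accepted, and whether the integrity-checking receiver rejected the same bytes.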