Analysis of signature wrapping attacks and countermeasures

Sebastian Gajek*, Meiko Jensen, Lijun Liao, Jörg Schwenk

*Corresponding author for this work

Publication: Chapter in book/report/conference proceeding › Conference contribution in proceedings › Research › Peer-reviewed


In recent research it turned out that Boolean verification of digital signatures in the context of WS-Security is likely to fail: If parts of a SOAP message are signed and the signature verification applied to the whole document returns true, then nevertheless the document may have been significantly altered. In this paper, we provide a detailed analysis on the possible scenarios that enable these signature wrapping attacks. Derived from this analysis, we propose a new solution that uses a subset of XPath instead of ID attributes to point to the signed subtree, and show that this solution is both efficient and secure.

Title: 2009 IEEE International Conference on Web Services, ICWS 2009
Number of pages: 8
Publication date: 19 Nov 2009
ISBN (Print): 9780769537092
Status: Published - 19 Nov 2009

