[OpenSAML] Question related to Sharing same private key


shri kanth s

May 3, 2011, 4:28:11 PM
to mace-open...@internet2.edu
Hi,

     I just had a question related to signing SAML Messages using OpenSaml.

We are an IDP provider and there are several vendors who use IDP services. When a message is initiated from the IDP, the IDP signs the message using a private key and the requestor in question validates it using the public key provided to them. When the ServiceProvider posts the SAML message, they will sign using a private key and the IDP / other Service provider verifies the message using a public key.

My question relates to

1) Can we use the same keystore at the IDP as well as at the service provider end? This ideally means sharing the same private and public key. What are the security implications you can foresee in this scenario?



Thanks,

rangeli nepal

May 3, 2011, 5:21:26 PM
to mace-open...@internet2.edu
I think this will defeat the purpose of asymmetric key encryption.
Just my one penny.
Santos

Brent Putman

May 4, 2011, 10:44:17 AM
to mace-open...@internet2.edu

On 5/3/11 4:28 PM, shri kanth s wrote:
> Hi,
>
> I just had a question related to signing SAML Messages using
> OpenSaml.
>
> We are IDP provider and there are several vendors who uses IDP
> services. When a message is initiated from IDP , IDP signs the message
> using a private key and the requestor in question validates it using
> the public key provided to them. When the ServiceProvider posts the
> SAML message, they will sign using a private key and the IDP/ other
> Service provider verifies the message usign a public key.


Just a technical point, but at least as far as SAML is concerned, SP's
typically don't send messages to other SP's, at least not in the common
and widely used profiles like the Web SSO profile.


>
> My question relates to
>
> 1) Can we use the same keystore at the IDP as well at the service
> provider end?


If you mean literally *can* you, yes. Technologically and
cryptographically it would work. If you mean *should* you do this,
absolutely not. This is especially true if the IdP and SP are not
owned/run by the same organization, which I'd gather is the case since
you imply that vendors are running the SP's.

> Which ideally means sharing same private and public key, What are
> security implications you can foresee in this scenario?


Keypairs are usually associated, one way or another, with a single
owning logical entity. Knowledge of the private key half of a keypair
means that that party can act as the owner of the keypair. In a SAML
context, this means they can issue protocol messages, assertions, etc as
if they are coming from the "real" owner of the keypair. It would allow
the SP for example to impersonate the IdP by issuing Assertions that
appear to come from the IdP. This means you've lost the fundamental
cryptographic properties of signer authentication and non-repudiation.
Also, if multiple SP's are using the same keypair, SP 1 would be able to
decrypt data that was encrypted for SP 2 by the IdP and vice versa.
That means a loss of the cryptographic property of confidentiality.

So no, you should not do this. You can consult any number of books,
references on the Internet, etc on the basics of asymmetric key
cryptography, how it works and the kinds of problems it is intended to
solve.


--Brent
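
Added example (not from the thread and not OpenSAML code) that makes the two losses Brent describes observable: signer authentication, by checking whether a message signed by an SP verifies under the IdP's public key, and confidentiality, by checking whether one SP can decrypt data the IdP encrypted for another. The `Entity` type, the function names and the constructed assertion string are this example's own; it uses RSA with PKCS#1 v1.5 signatures and OAEP encryption from Go's standard library, which is an assumption about the key type, not something the thread specifies.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Entity models one SAML party (IdP or SP). "Sharing a keystore" in the
// question means two entities hold the same *rsa.PrivateKey.
type Entity struct {
	Name string
	Key  *rsa.PrivateKey
}

// NewEntity gives the party its own freshly generated keypair (the correct setup).
func NewEntity(name string) *Entity {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return &Entity{Name: name, Key: k}
}

// Sign produces an RSA PKCS#1 v1.5 signature over SHA-256(message).
func (e *Entity) Sign(message []byte) []byte {
	h := sha256.Sum256(message)
	sig, err := rsa.SignPKCS1v15(rand.Reader, e.Key, crypto.SHA256, h[:])
	if err != nil {
		panic(err)
	}
	return sig
}

// VerifyFrom is the relying party's check: is sig valid on message under the
// public key it has on file for the claimed issuer?
func VerifyFrom(issuerPub *rsa.PublicKey, message, sig []byte) bool {
	h := sha256.Sum256(message)
	return rsa.VerifyPKCS1v15(issuerPub, crypto.SHA256, h[:], sig) == nil
}

// EncryptFor models the IdP encrypting an assertion to one specific SP.
func EncryptFor(recipientPub *rsa.PublicKey, plaintext []byte) []byte {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipientPub, plaintext, nil)
	if err != nil {
		panic(err)
	}
	return ct
}

// Decrypt is the recipient side of EncryptFor.
func (e *Entity) Decrypt(ciphertext []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, e.Key, ciphertext, nil)
}

// ImpersonationVerifies reports whether a message signed by signer, but claimed
// to come from idp, passes verification under the IdP's public key. False with
// distinct keypairs; true with a shared keypair, which is the loss of signer
// authentication (and non-repudiation) described in the reply above.
func ImpersonationVerifies(idp, signer *Entity) bool {
	msg := []byte(`<Assertion Issuer="https://idp.example.org/constructed"/>`) // constructed sample
	return VerifyFrom(&idp.Key.PublicKey, msg, signer.Sign(msg))
}

// CrossDecryptSucceeds reports whether sp1 can read an assertion the IdP
// encrypted for sp2. True only when the SPs share a keypair (loss of confidentiality).
func CrossDecryptSucceeds(sp1, sp2 *Entity) bool {
	ct := EncryptFor(&sp2.Key.PublicKey, []byte("constructed attribute intended for SP2"))
	_, err := sp1.Decrypt(ct)
	return err == nil
}

func main() {
	idp, sp1, sp2 := NewEntity("IdP"), NewEntity("SP1"), NewEntity("SP2")
	fmt.Println("distinct keys: SP1 signing as IdP verifies:", ImpersonationVerifies(idp, sp1))
	fmt.Println("distinct keys: SP1 reads SP2's data:", CrossDecryptSucceeds(sp1, sp2))

	// The shared-keystore scenario from the question: every party holds the IdP's key.
	sharedSP1 := &Entity{Name: "SP1", Key: idp.Key}
	sharedSP2 := &Entity{Name: "SP2", Key: idp.Key}
	fmt.Println("shared key: SP1 signing as IdP verifies:", ImpersonationVerifies(idp, sharedSP1))
	fmt.Println("shared key: SP1 reads SP2's data:", CrossDecryptSucceeds(sharedSP1, sharedSP2))
}
```

The two boolean functions are the whole point: a relying party that verifies against the IdP's public key has no way to tell which holder of the private key produced the signature, so per-entity keypairs (and per-entity metadata listing them) are what makes "signed by the IdP" mean anything.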

Gina Choi

May 12, 2011, 2:30:32 PM
to mace-open...@internet2.edu, Gina Choi

I am getting the SAML response token from ADFS using the request:get-parameter("SAMLResponse", "") method. My question here is whether the parameter name "SAMLResponse" is standard, or whether it can differ depending on the identity provider. I am trying to figure out if it is OK to hardcode "SAMLResponse" or make it configurable.

Thanks.

Gina

Brent Putman

May 12, 2011, 3:12:12 PM
to mace-open...@internet2.edu
Something like that is going to be defined by the binding in use. If
it's one of the bindings defined by the SAML specification (which it
probably is), you can see the SAML Bindings spec for all the details[1].
If it's HTTP-POST or HTTP-Redirect DEFLATE, then yes, that is the name
defined by the spec. If you're implementing an SP, you should really
take a look at these specs, though.

Also, OpenSAML makes doing this manual processing unnecessary. We have
components called decoders (and encoders) that handle all of this for you.


1. http://saml.xml.org/saml-specifications
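
Added example, not OpenSAML's decoder and not code from anyone in the thread, showing the transport unwrapping a binding decoder does for the two bindings Brent names: HTTP-POST (base64 in a form field) and HTTP-Redirect (raw DEFLATE, then base64, in the query string). The parameter names `SAMLResponse`, `SAMLRequest` and `RelayState` are the ones the SAML 2.0 Bindings specification fixes; the `Binding` and `DecodedMessage` types, the size cap and the sample documents are assumptions of this example.

```go
package main

import (
	"bytes"
	"compress/flate"
	"encoding/base64"
	"encoding/xml"
	"errors"
	"fmt"
	"io"
	"net/url"
)

// Binding selects how the message is packaged, per the SAML 2.0 Bindings spec.
type Binding int

const (
	HTTPPost     Binding = iota // base64 message in a form field of the POST body
	HTTPRedirect                // DEFLATE-compressed, then base64, in the query string
)

// maxMessageBytes is a constructed cap so a small compressed query string cannot
// inflate into an arbitrarily large document before any signature check runs.
const maxMessageBytes = 1 << 20

// DecodedMessage is what a decoder hands to the rest of the SP. Decoding is only
// transport unwrapping; XML signature validation is a separate, later step.
type DecodedMessage struct {
	Param      string // "SAMLResponse" or "SAMLRequest", names fixed by the spec
	RelayState string
	RootNS     string // namespace URI of the root element
	RootLocal  string // local name of the root element, e.g. "Response"
	XML        []byte
}

// DecodeBinding extracts the SAML message from a form body (HTTP-POST) or an
// encoded query string (HTTP-Redirect); both are x-www-form-urlencoded.
func DecodeBinding(b Binding, encoded string) (*DecodedMessage, error) {
	values, err := url.ParseQuery(encoded)
	if err != nil {
		return nil, err
	}
	param := "SAMLResponse"
	if values.Get(param) == "" {
		param = "SAMLRequest"
	}
	if values.Get(param) == "" {
		return nil, errors.New("neither SAMLResponse nor SAMLRequest is present")
	}
	raw, err := base64.StdEncoding.DecodeString(values.Get(param))
	if err != nil {
		return nil, fmt.Errorf("%s is not valid base64: %w", param, err)
	}
	if b == HTTPRedirect {
		r := flate.NewReader(bytes.NewReader(raw))
		defer r.Close()
		if raw, err = io.ReadAll(io.LimitReader(r, maxMessageBytes+1)); err != nil {
			return nil, fmt.Errorf("inflate: %w", err)
		}
		if len(raw) > maxMessageBytes {
			return nil, errors.New("inflated message exceeds size cap")
		}
	}
	// Walk tokens to the root start element, skipping the XML declaration.
	dec := xml.NewDecoder(bytes.NewReader(raw))
	for {
		tok, err := dec.Token()
		if err != nil {
			return nil, fmt.Errorf("message is not well-formed XML: %w", err)
		}
		if se, ok := tok.(xml.StartElement); ok {
			return &DecodedMessage{Param: param, RelayState: values.Get("RelayState"),
				RootNS: se.Name.Space, RootLocal: se.Name.Local, XML: raw}, nil
		}
	}
}

// EncodeForBinding is the sender side, used here only to build sample input.
func EncodeForBinding(b Binding, param string, xmlDoc []byte, relayState string) string {
	payload := xmlDoc
	if b == HTTPRedirect {
		var buf bytes.Buffer
		w, _ := flate.NewWriter(&buf, flate.DefaultCompression) // valid level, no error
		w.Write(xmlDoc)
		w.Close()
		payload = buf.Bytes()
	}
	v := url.Values{"RelayState": {relayState}}
	v.Set(param, base64.StdEncoding.EncodeToString(payload))
	return v.Encode()
}

func main() {
	// Constructed sample: a well-formed samlp:Response root only, not a real ADFS token.
	doc := []byte(`<?xml version="1.0"?><samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_constructed"/>`)
	m, err := DecodeBinding(HTTPPost, EncodeForBinding(HTTPPost, "SAMLResponse", doc, "state-1"))
	fmt.Println(m, err)
}
```

Hardcoding the parameter name is therefore correct for these bindings; what should stay configurable is which binding each endpoint accepts. Everything `DecodeBinding` returns is still untrusted input until the enclosed XML signature has been verified against the issuer's key from metadata.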

Gina Choi

May 12, 2011, 6:49:13 PM
to mace-open...@internet2.edu, Gina Choi
Hi Brent,

Thanks for your response and the link to the SAML specifications. We are using the HTTP
POST binding and, as you said, according to the spec it must use
"SAMLResponse". I have Assertions and Protocols for the OASIS Security
Assertion Markup Language (SAML) V2.0 OASIS Standard, 15 March 2005, but I
don't remember it mentioning the form control name.

Thanks again.

Gina

Brent Putman

May 13, 2011, 12:34:11 AM
to mace-open...@internet2.edu
Right, it's not in the Assertions and Protocols document, it's in the
Bindings document. The SAML spec consists of several documents, not
just the Assertions and Protocols one. They are all linked from the
page I earlier sent.