I want to apply web service security according to OWASP Web Service Security. Thereby I stumbled over the two points:
- Message Integrity
- Message Confidentiality
So far there is just a RESTful service which can be directly accessed by a client. For each request the client needs to authenticate by the server. All communication is secured via TLS. I'm now unsure about Message Integrity
since I don't understand the sentence:
When using public key cryptography, encryption does guarantee confidentiality but it does not guarantee integrity since the
receiver's public key is public. For the same reason, encryption does
not ensure the identity of the sender.
Is it also required that the data was signed by the client in order that message integrity is ensured? TLS is only point-to-point, what is about proxies?
Concerning Message Confidentiality
, I understood it as follows.
- Use TLS to ensure message confidentiality over the wire.
- Use a symmetric encryption to encrypt the transmitted data.
- The encrypted data get stored in data base.
Did I understand that right?
From the TLS specification:
The primary goal of the TLS Protocol is to provide privacy and data
integrity between two communicating applications. [...]
The connection is private. Symmetric cryptography is used for
data encryption (e.g., DES [DES], RC4 [SCH] etc.). [...]
The connection is reliable. Message transport includes a message
integrity check using a keyed MAC. Secure hash functions (e.g.,
SHA, MD5, etc.) are used for MAC computations. The Record
Protocol can operate without a MAC, but is generally only used in
this mode while another protocol is using the Record Protocol as a
transport for negotiating security parameters.
So, yes, TLS will provide you with integrity and confidentiality of the message during its transport, provided that it was used correctly.
In particular, the client needs to verify the certificate to ensure it is communicating with the right server (verifying that the certificate is genuine and issued by a trusted party, and issued to the host name it intended to contact).
- Use TLS to ensure message confidentiality over the wire.
- Use a symmetric encryption to encrypt the transmitted data.
TLS will provide confidentiality via encryption. (You need to use an appropriate cipher suite, in particular not a anonymous cipher suite or a cipher suite will null encryption, but that's always the case by default.)
- The encrypted data get stored in data base.
If you want to encrypt the data in your database, that's a different problem. TLS only provides you with integrity and confidentiality during transport. Once it's handled by your web application, it's deciphered.
TLS is only point-to-point, what is about proxies?
HTTP proxies only relay the TLS traffic as-is, without looking into it or altering it. (Some proxy servers can intercept the traffic, but the certificate verification would fail, unless you forget to check the certificate.)
Does TLS ensure message integrity and confidentiality of data transmission
Yes.
in a RESTful Java enterprise
Irrelevant. Answer is still yes.
When using public key cryptography, encryption does guarantee confidentiality but it does not guarantee integrity since the receiver's public key is public. For the same reason, encryption does not ensure the identity of the sender.
Irrelevant. TLS isn't public-key cryptography. I really fail to see the point of these remarks in this context, but they're not correct. No form of encryption alone guarantees either integrity or identity: you need additional measures for that; and the key being public is irrelevant to that as well.
Is it also required that the data was signed by the client in order that message integrity is ensured?
No. A secure HMAC will do as well, and TLS uses one of those. TLS does use digital signatures during the authentication phase.
TLS is only point-to-point, what is about proxies?
Proxies are either trusted TLS endpoints of their own or else transparent byte-passing proxies that therefore preserve the properties of TLS between their peers as endpoints.
Concerning Message Confidentiality, I understood it as follows.
Use TLS to ensure message confidentiality over the wire.
Correct.
Use a symmetric encryption to encrypt the transmitted data.
TLS does that.
The encrypted data get stored in data base.
No. The encrypted data gets descrypted by the peer off the wire. The peer can re-encrypt to the database, or the database can do it, but that's a separate issue.