Skip to Content.
Sympa Menu

mace-opensaml-users - Re: [OpenSAML] Question related to Sharing same private key

Subject: OpenSAML user discussion

List archive

Re: [OpenSAML] Question related to Sharing same private key


Chronological Thread 
  • From: Brent Putman <>
  • To:
  • Subject: Re: [OpenSAML] Question related to Sharing same private key
  • Date: Wed, 04 May 2011 10:44:17 -0400



On 5/3/11 4:28 PM, shri kanth s wrote:
> Hi,
>
> I just had a question related to signing SAML Messages using
> OpenSaml.
>
> We are IDP provider and there are several vendors who uses IDP
> services. When a message is initiated from IDP , IDP signs the message
> using a private key and the requestor in question validates it using
> the public key provided to them. When the ServiceProvider posts the
> SAML message, they will sign using a private key and the IDP/ other
> Service provider verifies the message usign a public key.


Just a technical point, but at least as far as SAML is concerned, SP's
typically don't send messages to other SP's, at least not in the common
and widely used profiles like the Web SSO profile.


>
> My question relates to
>
> 1) Can we use the same keystore at the IDP as well at the service
> provider end?


If you mean literally *can* you, yes. Technologically and
cryptographically it would work. If you mean *should* you do this,
absolutely not. This is especially true if the IdP and SP are not
owned/run by the same organization, which I'd gather is the case since
you imply that vendors are running the SP's.



> Which ideally means sharing same private and public key, What are
> security implications you can foresee in this scenario?


Keypairs are usually associated, one way or another, with a single
owning logical entity. Knowledge of the private key half of a keypair
means that that party can act as the owner of the keypair. In a SAML
context, this means they can issue protocol messages, assertions, etc as
if they are coming from the "real" owner of the keypair. It would allow
the SP for example to impersonate the IdP by issuing Assertions that
appear to come from the IdP. This means you've lost the fundamental
cryptographic properties of signer authentication and non-repudiation.
Also, if multiple SP's are using the same keypair, SP 1 would be able to
decrypt data that was encrypted for SP 2 by the IdP and vice versa.
That means a loss of the cryptographic property of confidentiality.

So no, you should not do this. You can consult any number of books,
references on the Internet, etc on the basics of asymmetric key
cryptography, how it works and the kinds of problems it is intended to
solve.


--Brent




Archive powered by MHonArc 2.6.16.

Top of Page