----BEGIN PGP SIGNED MESSAGE----
Hash: SHA1

Note on CVE-2011-1096: XML Encryption flaw / Character pattern encoding attack

A new attack on the XML Encryption standard has recently emerged and
is described by the security advisory CVE-2011-1096:

https://bugzilla.redhat.com/show_bug.cgi?id=681916

Tibor Jager, Juraj Somorovsky, Meiko Jensen, and Jörg Schwenk
described an attack technique against the W3C XML Encryption Standard
when block ciphers are used in cipher-block chaining (CBC) mode of
operation. A remote attacker, aware of a cryptographic weakness of
the CBC mode, could use this flaw to conduct chosen-ciphertext
attacks, leading to the recovery of the entire plaintext of a
particular cryptogram by examining the differences between SOAP
responses sent from JBossWS, a J2EE Web Services server.

There is no (immediate) security "fix" for this issue, as it is an
attack on the standard itself. However, the attack can be prevented by
using a symmetric algorithm such as AES-128 or AES-256 with GCM. Until
the WS-SecurityPolicy specification is updated to support GCM, Apache
CXF has defined its own AlgorithmSuite policies to use GCM algorithms.
These AlgorithmSuites are called "Basic128GCM", "Basic192GCM" and
"Basic256GCM" in the namespace
"http://cxf.apache.org/custom/security-policy". See here for more
details about how to use these policies:

http://coheigea.blogspot.com/2012/04/note-on-cve-2011-1096.html
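
Why switching from CBC to GCM prevents the attack, shown as an added
Java example that is not part of the original advisory or of Apache
CXF. The class name and sample payload are constructed for
illustration; only standard javax.crypto calls are used.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;

public class CbcVsGcmTamperDemo {
    // Constructed sample payload: 34 bytes, so three AES blocks once padded.
    static final byte[] PLAINTEXT =
        "<amount>0000100</amount><to>A</to>".getBytes(StandardCharsets.UTF_8);

    // Encrypt the payload, flip one bit in the first ciphertext block,
    // then decrypt and report how the receiving side reacts.
    static String tamperAndDecrypt(String transformation,
                                   AlgorithmParameterSpec spec,
                                   SecretKey key) throws Exception {
        Cipher cipher = Cipher.getInstance(transformation);
        cipher.init(Cipher.ENCRYPT_MODE, key, spec);
        byte[] ct = cipher.doFinal(PLAINTEXT);
        ct[0] ^= 0x01; // modification made in transit
        cipher.init(Cipher.DECRYPT_MODE, key, spec);
        try {
            byte[] pt = cipher.doFinal(ct);
            // No integrity check ran: the parser now sees attacker-influenced data.
            return "accepted, plaintext "
                + (Arrays.equals(pt, PLAINTEXT) ? "unchanged" : "silently altered");
        } catch (AEADBadTagException e) {
            // GCM verifies its tag before releasing any plaintext.
            return "rejected: authentication tag mismatch";
        }
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        SecureRandom rnd = new SecureRandom();
        byte[] cbcIv = new byte[16];    // CBC IV: one AES block
        byte[] gcmNonce = new byte[12]; // GCM nonce: 96 bits
        rnd.nextBytes(cbcIv);
        rnd.nextBytes(gcmNonce);
        System.out.println("AES-128-CBC: " + tamperAndDecrypt(
            "AES/CBC/PKCS5Padding", new IvParameterSpec(cbcIv), key));
        System.out.println("AES-128-GCM: " + tamperAndDecrypt(
            "AES/GCM/NoPadding", new GCMParameterSpec(128, gcmNonce), key));
    }
}
```

With CBC, the modified ciphertext decrypts and whatever the service
does next with the altered plaintext shapes its response; with GCM,
every modified ciphertext fails the same way before any plaintext is
processed.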

----BEGIN PGP SIGNATURE----
Version: GnuPG v1.4.11 (GNU/Linux)

----END PGP SIGNATURE----