Wednesday, August 15, 2012

More security improvements

Photo by buschap
Following up on changes making the upload control safer, we recently committed improvements to cryptography-related features within Orbeon Forms.

Orbeon Forms doesn't rely very much on encryption in the first place. That's because a lot of information is created and stays on the server, without ever making it to the client.

But there are a few instances where some data is encrypted on the server and sent to the client. For example, when an upload is terminated, the server tells the client to dispatch an event back to the server. That event should not be tampered with.

Besides encryption, there are cases where hash algorithms are used. Some are purely internal, for example for caching within the XForms engine. Others are mostly cosmetic, for example to make unique random document ids look nice (still, in general you want to use a proper hash algorithm as an added layer of safety on top of a random generator).

So we have reviewed the cryptographic algorithms we are using. Some of them were no longer current and we have upgraded them and made some aspects configurable. For example, you can specify the length of the AES encryption key and specify the hash algorithm to use.

Due to some export restrictions from the US, the strongest encryption algorithms are by default not available in the JVM (see the Unlimited Strength Jurisdiction Policy Files provided by Oracle to enable stronger algorithms). So by default, we choose reasonable strength and algorithms, but you can specify stronger keys and algorithms via properties.

Besides the algorithms, we have also taken some steps to follow good encryption practices. For example, we now make better use of salting to generate the encryption key, to make sure that it is different every time the applications is restarted.

Finally, we have made changes related to XForms selection controls item values. The XForms engine used to encrypt item values before sending them to the client. This way item values remain confidential by default (even though in many cases item values are not private information).

However, it is not trivial to do encryption right in this case, without giving away some information about the items (for example, if your encryption algorithm is not initialized properly, one might figure out that two items have the same value).

The good news is that here we can avoid encryption altogether by sending item positions instead! This is not confidential information, the server already knows items by position, and we avoid complex encryption logic.

For more information, see the new configuration properties.

Stay tuned for more security-related features for Orbeon Forms 4.0!

No comments:

Post a Comment