Alternative to PKI digital signature

Question

I'm looking for a way of transforming an xml document in a way that achieves the following goals:

• It can be distributed to known applications across the internet and managed by them without any special storage requirements
• The applications can determine the source of the document
• The applications can determine if it has been tampered with or altered since it was generated
• The document is encrypted, but for obfuscation purposes rather than because it contains sensitive information
• The application can programmatically read the contents of the xml

This sounds like a classic digital signature scenario. However, I do not want the source and recipient applications to have to deal with the logistical issues associated with managing public and private keys.

So, my question is: is there any way of meeting these requirements reliably without the use of digital certificates?

Answer 1

If you do not really look for security - especially in the forging/alteration aspects, a secret symmetric key embedded in the application would be enough to satisfy alteration detection and encryption aspects. Just use a standard block cipher, and MAC (Message Authentication Code (wikipedia)). Of course, it would be relatively simple to extract the key and alter these documents.

Unfortunately, identifying the source is a little trickier. Identity comes implicitly when you use PKI, because each private key implicitly identifies an entity. Since you do not have such a natural identifier, you will now need to define your own identification scheme: perhaps a MAC address of the first network adapter you see on the machine that runs it, or perhaps a more elaborate scheme where you explicitly assign identities to individual applications, or the individuals that use the application. Once you have some sort of identity definition, it would be a simple matter to add this identification string at the start of your document before encrypt/sign operation as a separate XML field.

Answer 2

For authentication you need to have some key scheme that ensures this authentication. If you don't like certificates in particular, the alternative is to use OpenPGP keys for XML (XMLDSig supports OpenPGP keys).

Answer 3

[Disclosure: I work for CoSign by ARX]

However, I do not want the source and recipient applications to have to deal with the logistical issues associated with managing public and private keys.

Another way to herd the cats is use PKI but minimize the usual PKI logistical issues by using a centralized SSCD (Secure Signature Creation Device).

Couple it with the ability to automatically generate certs that are already in the trust chain of the recipient's machines. CoSign and others do this.

The resulting digitally signed XML files can be easily verified for identity/authenticity and integrity by the recipients while minimizing the administrative burdens of signing the XML files.