An Analysis of XMPP Security Team “Vision” Chris Nelson Ashwin Kulkarni Nitin Khatri Taulant...

Date post: 08-Jan-2018
Page 1: An Analysis of XMPP Security Team “Vision” Chris Nelson Ashwin Kulkarni Nitin Khatri Taulant Haka Yong Chen CMPE 209 Spring 2009.

An Analysis of XMPP Security

Team “Vision”: Chris Nelson, Ashwin Kulkarni, Nitin Khatri, Taulant Haka, Yong Chen

CMPE 209 Spring 2009

Page 2

Agenda

HISTORY OF XMPP
INTRODUCTION TO XMPP
SECURITY IN XMPP
• Use of TLS (Transport Layer Security)
• Use of SASL (Simple Authentication and Security Layer)
SECURITY CONCERNS IN XMPP
Conclusion

Page 3

HISTORY OF XMPP

1998 - Core technology was invented by Jeremie Miller
1999 - The Jabber open-source community initially started to develop the protocol
2000 - The Instant Messaging and Presence Protocol (IMPP) Working Group published the result
2002 and 2003 - The XMPP protocol was formalized by the IETF
2004 - The XMPP RFCs were published
2007 - The Jabber Software Foundation was renamed the XMPP Standards Foundation

Page 4

Applications using XMPP

Instant messaging
Presence
Media session management
Shared editing
Whiteboarding
Collaboration
Lightweight middleware
Content syndication
Generalized XML routing

Page 5

The core protocols of the Extensible Messaging and Presence Protocol

Jabber Client
Jabber Server
Presence and IM Session Establishment
Resource Binding
Server Dialback
Simple Authentication and Security Layer
S/MIME Encryption
Stanza Errors
Stream Errors
Transport Layer Security
XML Streams

Page 6

XMPP Communication

XMPP uses XML to communicate between two nodes:
A client and a server
A server and a server
A client and another client via one or more servers

Page 7

XMPP Communication (cont.)

A simplistic view of one-way communication using XMPP:

<stream> - open connection
</stream> - close connection
<presence> and </presence> - indicate the start and end of the stanza
<iq> and </iq> - information/query (iq) requests and responses

Page 8

SECURITY IN XMPP

XMPP is built on four layers:
• TCP as the reliable transport protocol
• TLS for encryption of data sent over the TCP connection
• SASL for authentication of nodes communicating over TLS and TCP
• XMPP as an application communicating over the reliable, authenticated, and encrypted channel

Page 9

SECURITY IN XMPP: Use of TLS

The initiating entity opens a TCP connection and an XML stream whose opening <stream> tag includes the 'version' attribute
The receiving entity responds by opening its own XML stream, also including the 'version' attribute
The receiving entity offers the STARTTLS extension, including a <required/> element as a child of the <starttls/> element

Page 10

SECURITY IN XMPP: Use of TLS (cont.)

The initiating entity issues the STARTTLS command
The receiving entity MUST reply with either a <proceed/> element or a <failure/> element
The initiating entity and receiving entity attempt to complete a TLS negotiation
If the TLS negotiation is unsuccessful, the receiving entity MUST terminate the TCP connection
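The STARTTLS steps from pages 9 and 10, played out as a simulation of both entities' messages. This is an added example, not code from the slides or from any XMPP library; the knobs server_ready and handshake_ok are constructed stand-ins for the server's <proceed/>-versus-<failure/> decision and for the outcome of the TLS handshake, which is not actually performed here.

```python
import xml.etree.ElementTree as ET

TLS_NS = "urn:ietf:params:xml:ns:xmpp-tls"
STREAM_NS = "http://etherx.jabber.org/streams"

def stream_header():
    # Opening <stream> tag sent by both entities; 'version' signals XMPP 1.0,
    # without which STARTTLS cannot be offered or negotiated.
    return (f"<stream:stream xmlns='jabber:client' xmlns:stream='{STREAM_NS}' "
            "version='1.0'>")

def stream_version(header):
    # The opening tag is unterminated on the wire; close it so it parses.
    return ET.fromstring(header + "</stream:stream>").get("version")

def features_offer():
    # Receiving entity advertises STARTTLS with <required/> as its child.
    return (f"<stream:features xmlns:stream='{STREAM_NS}'>"
            f"<starttls xmlns='{TLS_NS}'><required/></starttls></stream:features>")

def starttls_required(features):
    tls = ET.fromstring(features).find(f"{{{TLS_NS}}}starttls")
    return tls is not None and tls.find(f"{{{TLS_NS}}}required") is not None

def negotiate(server_ready=True, handshake_ok=True):
    """Run the STARTTLS exchange. Returns (trace, tcp_open): the messages as
    (sender, xml) pairs and whether the receiving entity kept TCP open.
    server_ready / handshake_ok are constructed knobs for the server's
    <proceed/>-vs-<failure/> decision and for the TLS handshake outcome."""
    trace = [("C", stream_header()), ("S", stream_header())]
    if any(stream_version(xml) is None for _, xml in trace):
        return trace, False          # no 'version': STARTTLS cannot be negotiated
    offer = features_offer()
    trace.append(("S", offer))
    assert starttls_required(offer)  # client sees that TLS is mandatory here
    trace.append(("C", f"<starttls xmlns='{TLS_NS}'/>"))   # STARTTLS command
    if not server_ready:
        # <failure/>: the receiving entity then closes stream and TCP connection.
        trace.append(("S", f"<failure xmlns='{TLS_NS}'/>"))
        return trace, False
    trace.append(("S", f"<proceed xmlns='{TLS_NS}'/>"))
    if not handshake_ok:
        return trace, False          # TLS negotiation failed: server MUST close TCP
    # Handshake succeeded: both entities restart the XML stream over TLS.
    trace += [("C", stream_header()), ("S", stream_header())]
    return trace, True
```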

Page 11

SECURITY IN XMPP: Use of SASL

The initiating entity requests SASL authentication by including the 'version' attribute
The receiving entity advertises a list of available SASL authentication mechanisms
The initiating entity selects a mechanism by sending an <auth/> element
The receiving entity challenges the initiating entity by sending a <challenge/> element
The initiating entity responds to the challenge by sending a <response/> element

Page 12

SECURITY IN XMPP: Use of SASL (cont.)

If necessary, the receiving entity sends more challenges and the initiating entity sends more responses until:
• The initiating entity aborts the handshake by sending an <abort/> element
• The receiving entity reports failure of the handshake by sending a <failure/> element
• The receiving entity reports success of the handshake by sending a <success/> element
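The SASL exchange from pages 11 and 12 as a receiving-entity state machine, added here as an example; it is not code from the slides or from any XMPP server. The challenge/response mechanism X-DEMO-HMAC and the USERS table are constructed for illustration (X-DEMO-HMAC is not a registered SASL mechanism), while the <failure/> conditions are the ones defined for XMPP's SASL profile.

```python
import base64, hashlib, hmac, secrets
import xml.etree.ElementTree as ET

SASL_NS = "urn:ietf:params:xml:ns:xmpp-sasl"
MECH = "X-DEMO-HMAC"                     # constructed; not a registered SASL mechanism
USERS = {"alice": b"correct horse"}      # constructed credential store

def b64(raw): return base64.b64encode(raw).decode()
def unb64(text): return base64.b64decode(text or "")

class ReceivingEntity:
    def __init__(self):
        self.state, self.user, self.nonce = "await-auth", None, None

    def fail(self, condition):
        self.state = "done"
        return f"<failure xmlns='{SASL_NS}'><{condition}/></failure>"

    def handle(self, xml):
        el = ET.fromstring(xml)
        name = el.tag.rpartition("}")[2]
        if name == "abort":                              # initiating entity gave up
            return self.fail("aborted")
        if self.state == "await-auth" and name == "auth":
            if el.get("mechanism") != MECH:
                return self.fail("invalid-mechanism")
            self.user = unb64(el.text).decode()          # initial response = username
            self.nonce = secrets.token_bytes(16)
            self.state = "await-response"
            return f"<challenge xmlns='{SASL_NS}'>{b64(self.nonce)}</challenge>"
        if self.state == "await-response" and name == "response":
            key = USERS.get(self.user, b"")              # unknown user: still compute
            expected = hmac.new(key, self.nonce, hashlib.sha256).digest()
            if key and hmac.compare_digest(expected, unb64(el.text)):
                self.state = "done"
                return f"<success xmlns='{SASL_NS}'/>"
            return self.fail("not-authorized")
        return self.fail("malformed-request")            # element out of sequence

def client_response(challenge_xml, password):
    # Initiating entity answers the challenge with HMAC(password, nonce).
    nonce = unb64(ET.fromstring(challenge_xml).text)
    return f"<response xmlns='{SASL_NS}'>{b64(hmac.new(password, nonce, hashlib.sha256).digest())}</response>"

def authenticate(user, password):
    # Drive one full exchange; return the receiving entity's final element.
    server = ReceivingEntity()
    auth = f"<auth xmlns='{SASL_NS}' mechanism='{MECH}'>{b64(user.encode())}</auth>"
    reply = server.handle(auth)
    return reply if not reply.startswith("<challenge") else server.handle(client_response(reply, password))
```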

Page 13

XMPP Extensions

Instant Messaging and Presence - base XMPP extensions for instant messaging, contact lists, presence, and privacy blocking (RFC 3921)
End-to-End Signing and Object Encryption (RFC 3923)
XMPP extensions with additional features including XML-RPC and SOAP bindings, in-band registration, extended presence, geolocation, and reliable message delivery (XEP series)

Page 14

XMPP Extensions (XEP series)

Service Discovery - a robust protocol for determining the features supported by other entities on an XMPP network (XEP-0030)
Data Forms - a flexible protocol for forms-handling via XMPP, mainly used in workflow applications and for dynamic configuration (XEP-0004)
File Transfer - a protocol for transferring files from one XMPP entity to another (XEP-0096)
HTTP Binding - a binding of XMPP to HTTP rather than TCP, mainly used for devices that cannot maintain persistent TCP connections to a server (XEP-0124)

Page 15

SECURITY CONCERNS IN XMPP

Security depends on the user:
• The user trusts a certificate from an unknown source
and/or on the implementation:
• Performing SASL negotiations before securing the channel with TLS
• Sending message, presence, or iq data before completing the TLS or SASL negotiations
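One defensive check for the two implementation concerns above: a gate on the receiving entity that refuses SASL <auth/> before TLS is established and refuses message, presence and iq stanzas before both TLS and SASL have completed, logging each refusal so the pattern can be alerted on. This is an added example, not code from the slides; the NegotiationGate class is constructed here, and which stream error condition is returned in each case is an assumption (the condition names themselves are standard XMPP stream errors).

```python
import xml.etree.ElementTree as ET

TLS_NS = "urn:ietf:params:xml:ns:xmpp-tls"
SASL_NS = "urn:ietf:params:xml:ns:xmpp-sasl"
STREAMS_NS = "http://etherx.jabber.org/streams"
STANZAS = {"message", "presence", "iq"}

def stream_error(condition):
    # Stream-level error; after sending it the server closes stream and TCP.
    return (f"<stream:error xmlns:stream='{STREAMS_NS}'>"
            f"<{condition} xmlns='urn:ietf:params:xml:ns:xmpp-streams'/></stream:error>")

class NegotiationGate:
    """Tracks TLS and SASL completion and refuses elements that arrive early."""
    def __init__(self, tls_required=True):
        self.tls_required = tls_required
        self.tls_done = self.sasl_done = False
        self.log = []                            # audit trail for detection/alerting

    def tls_established(self):                   # called once the TLS handshake succeeds
        self.tls_done = True

    def sasl_completed(self):                    # called once <success/> has been sent
        self.sasl_done = True

    def accept(self, xml):
        """Return 'proceed' if the element may be handled now, else a stream error."""
        el = ET.fromstring(xml)
        ns, _, name = el.tag.rpartition("}")
        ns = ns.lstrip("{")
        if ns == TLS_NS and name == "starttls":
            return "proceed"                     # always allowed before TLS
        if ns == SASL_NS and name == "auth":
            if self.tls_required and not self.tls_done:
                return self.reject(name, "policy-violation")   # SASL before TLS
            return "proceed"
        if ns == "jabber:client" and name in STANZAS:
            if not self.sasl_done or (self.tls_required and not self.tls_done):
                return self.reject(name, "not-authorized")     # stanza before auth
            return "proceed"
        return self.reject(name, "unsupported-stanza-type")

    def reject(self, name, condition):
        self.log.append(f"<{name}> refused: tls={self.tls_done} sasl={self.sasl_done} ({condition})")
        return stream_error(condition)
```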

Page 16

Conclusion

XMPP was designed with security in mind
Its architecture is solid
The implementation is secure
Susceptible to careless users

Page 17

References

Summary of XMPP. (2007, January 16). Retrieved March 8, 2008, from http://www.xmpp.org/about/summary.shtml
Extensible Messaging and Presence Protocol. Retrieved March 8, 2008, from http://en.wikipedia.org/wiki/Extensible_Messaging_and_Presence_Protocol
Extensible Messaging and Presence Protocol (XMPP): Core. (2004, October). Retrieved March 8, 2008, from http://tools.ietf.org/html/rfc3920
Extensible Messaging and Presence Protocol (XMPP): Instant Messaging and Presence. (2004, October). Retrieved March 8, 2008, from http://tools.ietf.org/html/rfc3921
End-to-End Signing and Object Encryption for the Extensible Messaging and Presence Protocol (XMPP). (2004, October). Retrieved March 8, 2008, from http://tools.ietf.org/html/rfc3923
The XMPP Federation. Retrieved March 8, 2008, from https://www.xmpp.net
Simple Authentication and Security Layer (SASL). (2006, June). Retrieved March 8, 2008, from http://tools.ietf.org/html/rfc4422

Page 18

Questions and Answers

Thank You!

