Security Assertion Markup Language (SAML) employs robust security mechanisms to ensure secure identity federation. This post examines SAML’s cryptographic foundations, focusing on XML Digital Signatures, XML Encryption, X.509 certificate verification, and defenses against replay attacks.

1. XML Digital Signatures in SAML

SAML messages utilize XML Digital Signature (XML DSig) to guarantee message integrity and authenticity through asymmetric cryptography.

Implementation Details:

  • Signature Generation:
    1. Apply canonicalization (typically Exclusive XML Canonicalization) to normalize the XML structure
    2. Generate a message digest using SHA-256 or stronger algorithms
    3. Sign the digest with the sender’s private key
    4. Embed the signature in a <ds:Signature> element containing:
      • SignedInfo (canonicalization method, signature algorithm, references)
      • SignatureValue
      • KeyInfo (optional X.509 certificate)

Verification Process:

  1. Validate the certificate chain and revocation status
  2. Re-canonicalize the signed elements
  3. Recompute the digest and verify the signature over it with the sender’s public key
  4. Verify the signature covers all required elements

2. XML Encryption in SAML

SAML implements XML Encryption to protect sensitive assertion data through a hybrid encryption approach.

Encryption Workflow:

  1. Generate a random symmetric key (AES-256 recommended)
  2. Encrypt the payload data with the symmetric key
  3. Encrypt the symmetric key with the recipient’s public key (RSA-OAEP preferred)
  4. Structure the encrypted data as:
    • <EncryptedData> containing:
      • Encryption method
      • CipherValue
      • KeyInfo with encrypted key
    • Optional <EncryptedKey> for key transport

Decryption Considerations:

  • Implement proper key wrapping for symmetric key protection
  • Support multiple encryption algorithms for interoperability
  • Enforce size limits on encrypted data

3. X.509 Certificate Validation

Proper certificate handling is critical for SAML security operations.

Comprehensive Validation Checklist:

  1. Chain Validation:

    • Verify root CA trust
    • Check intermediate certificates
    • Validate path constraints
  2. Certificate Properties:

    • Confirm valid time window
    • Verify key usage extensions
    • Check subject alternative names
  3. Revocation Checking:

    • Implement OCSP stapling
    • Support CRL distribution points
    • Enforce revocation checking policies

Operational Best Practices:

  • Maintain separate certificates for signing and encryption
  • Implement certificate pinning where appropriate
  • Enforce strong cryptographic algorithms (minimum RSA-2048, ECDSA-256)

4. Replay Attack Mitigation

SAML implementations must incorporate multiple defenses against message replay.

Defensive Strategies:

  1. Temporal Controls:

    • Enforce strict <Conditions> time windows (recommended ≤5 minutes)
    • Validate <IssueInstant> timestamps
    • Implement clock synchronization (NTP)
  2. Message Tracking:

    • Maintain an assertion ID registry
    • Implement sliding window expiration
    • Log all processed assertions
  3. Protocol Enhancements:

    • Require <SubjectConfirmation> elements
    • Implement signed audience restrictions
    • Enforce one-time-use policies
  4. Operational Safeguards:

    • Monitor for duplicate message IDs
    • Implement rate limiting
    • Conduct regular security audits
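
The temporal controls and the assertion ID registry above can be combined into one check that runs after signature verification. This is an added example, not code from the original post; the `ReplayGuard` class, the 30-second clock-skew tolerance and the sample assertion are assumptions made for illustration, and the standard-library XML parser is used only to keep the example self-contained.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
MAX_WINDOW = timedelta(minutes=5)   # the post's recommended upper bound for <Conditions>
CLOCK_SKEW = timedelta(seconds=30)  # assumed tolerance for NTP-synchronised hosts

def _ts(value):
    # SAML timestamps are UTC xs:dateTime values, e.g. 2024-01-01T12:00:00Z
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

class ReplayGuard:
    """Assertion ID registry; an entry is dropped once its assertion has expired."""

    def __init__(self):
        self._seen = {}  # assertion ID -> time after which the ID may be forgotten

    def check(self, assertion_xml, now):
        """Return (accepted, reason). Call only after signature verification."""
        root = ET.fromstring(assertion_xml)
        cond = root.find("saml:Conditions", NS)
        if cond is None or not root.get("ID"):
            return False, "missing ID or Conditions"
        issued = _ts(root.get("IssueInstant"))
        not_before = _ts(cond.get("NotBefore"))
        not_after = _ts(cond.get("NotOnOrAfter"))
        if not_after - not_before > MAX_WINDOW:
            return False, "validity window too wide"
        if issued > now + CLOCK_SKEW:
            return False, "IssueInstant in the future"
        if now + CLOCK_SKEW < not_before:
            return False, "not yet valid"
        if now - CLOCK_SKEW >= not_after:
            return False, "expired"
        # Sliding-window expiry: forget IDs whose assertions can no longer validate.
        self._seen = {i: t for i, t in self._seen.items() if t > now}
        if root.get("ID") in self._seen:
            return False, "replayed assertion ID"
        self._seen[root.get("ID")] = not_after + CLOCK_SKEW
        return True, "ok"

# Constructed sample assertion (not a real IdP message).
SAMPLE = (
    '<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
    'ID="_constructed-id-1" IssueInstant="2024-01-01T12:00:00Z">'
    '<saml:Conditions NotBefore="2024-01-01T12:00:00Z" '
    'NotOnOrAfter="2024-01-01T12:05:00Z"/></saml:Assertion>'
)
```

Because each ID is retained until `NotOnOrAfter` plus the skew tolerance, the registry stays bounded by the validity window while still covering every moment at which the assertion would otherwise pass the time checks.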

Security Implementation Checklist

For production SAML deployments:

  • Enforce XML signature verification
  • Implement mandatory element encryption
  • Configure strict certificate validation
  • Deploy replay protection mechanisms
  • Maintain comprehensive security logging

These security measures form the foundation of trustworthy SAML implementations, ensuring secure identity propagation across organizational boundaries while maintaining compliance with security best practices.