W3C home > Mailing lists > Public > xml-encryption@w3.org > December 2000

Re: Combining signing and encrypting

From: <hal@finney.org>
Date: Fri, 1 Dec 2000 13:59:31 -0800
Message-Id: <200012012159.NAA20077@finney.org>
To: hal@finney.org, priewe@darmstadt.gmd.de, xml-encryption@w3.org
Arne Priewe, priewe@darmstadt.gmd.de, writes:
> hal@finney.org wrote:
> >One approach would be, when signing before encrypting, to always encrypt
> >the signature block along with the data being encrypted. 
>
> We support this approach for sign/crypt, because we think that it is a 
> kind of attack if a signature
> for enrypted data can be removed without being noticed. 
> (See 6.1 of our Req-Doc: 
> http://lists.w3.org/Archives/Public/xml-encryption/2000Nov/att-0004/01-enc-requirements_2000-10-31.html)

It's not clear that an encryption transform can provide this.  Encryption
is meant to keep data secret, not necessarily to prevent modification
of data.  Depending on the chaining mode used, it may be possible to make
various modifications to encrypted data with limited ability to detect it.

Hal Finney
Received on Friday, 1 December 2000 16:58:22 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:18 GMT