W3C home > Mailing lists > Public > xml-encryption@w3.org > November 2000

Re: Plaintext inference

From: <hal@finney.org>
Date: Wed, 15 Nov 2000 12:56:13 -0800
Message-Id: <200011152056.MAA13349@finney.org>
To: hal@finney.org, steve@myProof.com
Cc: xml-encryption@w3.org
Yes, I think you're right, this kind of situation could be troublesome
as well.  Any time you've got somewhat guessable plaintext, leaking
length information could be a problem.

Hal Finney
PGP Security

> From: Steve Wiley <steve@myProof.com>
>
> Hal,
>
> Thanks for the information and explanations.  They are very helpful.
>
> Could this be a problem as well?
> Even if the plaintext is an entire element and the length would normally 
> considered long enough to not pose a security risk, if the XML schema is 
> know, then most of the plaintext content may be known. In the following 
> example the plaintext is (including white space) 169 characters long.  But, 
> an attacker that knew or inferred the element structure would know what all 
> but 13 of the characters were.  I am not a crypto person but I would guess 
> that this would pose the same risk as encrypting short length plaintext.
>
> <employee>
>     <first-name>Jane</first-name>
>     <last-name>Doe</last-name>
>     <emp-type>sal</emp-type>
>     <job-type>SE</job-type>
>     <job-level>3</job-level>
> </employee>
>
> Thanks,
> Steve Wiley - <steve@myproof.com>
Received on Wednesday, 15 November 2000 15:55:04 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:18 GMT