- From: Amir Herzberg <AMIR@newgenpay.com>
- Date: Tue, 17 Apr 2001 12:18:45 +0300
- To: "Xml Encrypt (E-mail)" <xml-encryption@w3.org>
Jeremy, > But my main point remains.... how feasible is it for an > attacker (be they a > dishonest signer, a dishonest recipient, or > an attacker in the middle who's trying to foul the > relationship between the > two) to mount such an attack presuming the types of > cryptosystems proposed > for this standard? This depends mostly on the encryption scheme used. Some schemes which are fine for encryption, including some `modes` are completely volunerable against this attack (which is against the signature properties when the verification of the signature is by showing the plaintext and encryption key/process). So the caution is simply to warn the implementors not to use such a system. I guess this means that if they want to use this mode, they should understand a bit in cryptography to be sure they use an appropriate encryption function (if we care to we can explicitly say that certain encryption functions we specify seem to have this property). Best regards, Amir Herzberg CTO, NewGenPay Inc. See our demo and overview/tutorials on secure e-commerce in http://www.NewGenPay.com
Received on Tuesday, 17 April 2001 05:15:27 UTC