W3C home > Mailing lists > Public > xml-encryption@w3.org > February 2001

Re: Signing and Encryption

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Thu, 01 Feb 2001 13:21:27 -0500
Message-Id: <4.3.2.7.2.20010201131955.02b24310@rpcp.mit.edu>
To: hal@finney.org
Cc: IMAMU@jp.ibm.com, hal@finney.org, kotok@w3.org, xml-encryption@w3.org
At 10:01 2/1/2001 -0800, hal@finney.org wrote:
>The second leak, more practical, is that someone could verify a guess at
>the contents of the encrypted-and-signed material.  Particularly if the
>data is relatively small, or it is of some standard form (a boilerplate
>contract with only a few fields having variation), this may be practical
>in some circumstances.  In this case the strength of the encryption is
>completely defeated by having the hash available.

Is this because the search over messages yielding the hash of the plaintext 
is faster than the search over the messages yielding the ciphertext?

__
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
Received on Thursday, 1 February 2001 13:21:45 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:31:59 UTC