Re: HW Support and XML Encryption Requirements

From: Joseph M. Reagle Jr. <reagle@w3.org>
Date: Wed, 21 Feb 2001 14:25:08 -0500
Message-Id: <4.3.2.7.2.20010221142229.020bd258@rpcp.mit.edu>
To: Paul Lambert <Paul.Lambert@cosinecom.com>
Cc: XML Encryption WG <xml-encryption@w3.org>

At 14:45 2/16/2001 -0800, Paul Lambert wrote:
>4.0 The encryption and XML processing should be
>    - support the use of hardware implementation of the encryption
>      processing

I've added that under the security section.

>Hardware considerations introduce design considerations that impact the 
>syntax.  For example, the current draft proposal places cryptographic 
>initialization information early in the header:
>
><xenc:EncryptedData xmlns:xenc='http://www.w3.org/2000/11/temp-xmlenc'>
>   <xenc:EncryptionMethod xenc:Algorithm="urn:nist-gov:tripledes-ede-cbc">
>     <s0:IV xmlns:s0='http://somens'>ABCD</s0:IV>
>     .... etc ....
>
>It is "best" to have hardware directly support the creation of the 
>initialization information required for encryption transforms 
>(IV).  Ideally, the IV should be directly in front of the cipher text to 
>support the tight integration of the generation of the IV with the 
>cryptographic process.

This is a good point, but how would one meet this requirement? I expect that 
in addition to providing the IV in the encryption syntax itself it would be 
fed as a parameter to the encryption algorithm?


__
Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
W3C Policy Analyst                mailto:reagle@w3.org
IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature
W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
Received on Wednesday, 21 February 2001 14:25:16 UTC
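
Added example, not part of the original message or of the draft: a Python sketch of the layout Paul Lambert describes, in which the engine creates the IV itself and emits it directly in front of the ciphertext, so no IV element has to be written before encryption starts. The names device_encrypt and device_decrypt are hypothetical, and the Feistel block function is a constructed, insecure stand-in for a triple-DES engine.

```python
# Added illustration, not code from the thread or the draft.
# The 4-round Feistel "cipher" is a constructed, insecure stand-in for a
# hardware 3DES engine; only the IV || ciphertext layout is the point.
import base64, hashlib, os

BLOCK = 8  # bytes; triple DES block size

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def _enc_block(key, blk):
    l, r = blk[:4], blk[4:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def _dec_block(key, blk):
    l, r = blk[:4], blk[4:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def device_encrypt(key, plaintext):
    """Hypothetical engine: picks its own IV, emits IV || CBC ciphertext."""
    pad = BLOCK - len(plaintext) % BLOCK
    data = plaintext + bytes([pad]) * pad
    prev = os.urandom(BLOCK)  # IV is created inside the "device"
    out = [prev]
    for i in range(0, len(data), BLOCK):
        prev = _enc_block(key, _xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return base64.b64encode(b"".join(out)).decode("ascii")

def device_decrypt(key, b64_text):
    """Receiver needs no IV element: the first block of the payload is the IV."""
    blob = base64.b64decode(b64_text)
    if len(blob) < 2 * BLOCK or len(blob) % BLOCK:
        raise ValueError("payload must be IV plus whole cipher blocks")
    prev, plain = blob[:BLOCK], b""
    for i in range(BLOCK, len(blob), BLOCK):
        plain += _xor(_dec_block(key, blob[i:i + BLOCK]), prev)
        prev = blob[i:i + BLOCK]
    pad = plain[-1]
    if not 1 <= pad <= BLOCK:
        raise ValueError("bad padding")
    return plain[:-pad]
```

The base64 string returned by device_encrypt is what would be carried as the encrypted content; the sender never has to learn the IV in order to serialize a header element first.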