
Re: Signing and Encryption

From: Yongge Wang <ywang@certicom.com>
Date: Thu, 25 Jan 2001 13:25:34 -0500
To: xml-encryption@w3.org
Message-ID: <852569DF.006510D1.00@smtpmail.certicom.com>


>> Though a signature
>> is different from a MAC, we should keep in mind that a digital signature
>> is an extension of a MAC.
>
> Actually, they are very different in security meaning. In short, a MAC is a
> statement that a member of the group authenticates the statement; a
> signature has very real legal meaning. It's the legal meaning that's causing
> all the problems here. Without any legal meaning, a signature on the
> encrypted data asserts the authenticity of the encrypted data, not what was
> encrypted. Because of the legal meaning we now have to deal with a massive
> number of other options.

Ohhh... I think we are only talking about the security against, e.g.,
man-in-the-middle attacks... and not about the legal issues :-)

If a malicious adversary (outside) can attack the MAC-then-encrypt,
then he might be able to attack SIG-then-encrypt... that is my point...

Regards,
Yongge
Received on Thursday, 25 January 2001 13:30:05 GMT
