Re: Signing and Encryption

From: Joseph Ashwood <jashwood@arcot.com>
Date: Mon, 29 Jan 2001 11:52:09 -0800
Message-ID: <072d01c08a2c$fe057ae0$2a0210ac@livermore>
To: <xml-encryption@w3.org>
Cc: "Takeshi Imamura" <IMAMU@jp.ibm.com>
----- Original Message -----
From: "Takeshi Imamura" <IMAMU@jp.ibm.com>
To: "Joseph Ashwood" <jashwood@arcot.com>
Cc: <xml-encryption@w3.org>

> I'm not sure why entire
> signed data also needs to be encrypted.

Just as a method of showing that the data should not be altered. With the
existence of a signature potentially completely obscured (which is
reasonable with the encrypt-the-signature ideology) it will not normally be
obvious that the data cannot be changed without viewing what is encrypted.
It would be possible to get this effect with some form of a don't-touch-this
tag, but by encrypting it you enforce that policy. It's just a clarifying
factor.

Additionally there should be no case where someone wants to encrypt the
signature without encrypting the data that is signed. The signature only
asserts the validity of the information; if a portion of the data is
encrypted the underlying hash of the signature can be attacked (albeit with
very low probability of success). The result is that (from the attacker's
perspective) it is far more important to know the data (any part of the
data) than to know the signature.
                    Joe
Received on Monday, 29 January 2001 14:52:27 GMT