W3C home > Mailing lists > Public > xml-encryption@w3.org > March 2001

Re: Multiple DataReference elements

From: Yongge Wang <ywang@certicom.com>
Date: Fri, 23 Mar 2001 11:51:05 -0500 (EST)
To: David Montgomery <david.montgomery@entrust.com>
cc: "'XML Encryption List'" <xml-encryption@w3.org>
Message-ID: <Pine.BSF.3.96.1010323114923.6851A-100000@eng1.certicom.com>

> The use of multiple DataReference elements allows the following flawed
> relationship;  Alice must encrypt EncryptedData-A and EncryptedData-B with
> the same symmetric key, which is encrypted with Bob's public key in
> EncryptedKey-Bob.  If Eve is a second recipient of EncryptedData-A, she
> gains indirect access to EncryptedData-B, which Alice did not intend.  (Same
> applies to KeyReferences.)

This attack may be an implementation issue? No matter what kind
of standard you design, if the sender is dumb enough, he may
make the protocol completely insecure....


Yongge Wang -- Crypto Mathematician
Received on Friday, 23 March 2001 11:52:07 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 23:13:02 UTC