support for signing plaintext and ciphertext

Following our discussion on requirements, I'd now like to request adding
support to allow signing of encrypted data. This is done by allowing the
following new tag in <EncryptedData>:

   <HashOfRandomized>

to contain the binary result of a one-way hash function applied to the
plaintext. To prevent guessing attacks, the plaintext MUST include
sufficient entropy, possibly by appending to the `real` plaintext a random
string just to increase its entropy.

The use of this will be by defining a simple transform for DSIG that will
replace each <EncryptedData> object containing a <HashOfRandomized> object,
with only the <HashOfRandomized> object, for the purposes of hashing and
signing. This will be sufficient for the authentication and non-repudiation
of the signature, yet allow changing the encryption key, or removing the
ciphertext completely, when such operations are required.

The receiver can now prove the contents of a secret agreement (in case of
dispute), by exposing the agreement (only) to a judge who can easily
validate it. There are other applications, esp. for payments; in fact we
used this technique in the iKP and SET protocols. So it is important the spec
allows it.


Technically, what does this mean for the XML Encrypt spec?

Add an optional element to EncryptedData:
	<element ref="xenc:HashOfRandomized" minOccurs="0"/>
where the randhash element is simply
	<element name="HashOfRandomized" type="ds:CryptoBinary"/>


The trick is to sign not the actual plaintext, which may indeed allow
guessing attacks, but a randomized version of it.

Best regards, 
Amir Herzberg
CTO, NewGenPay Inc.  

See our demo and overview/tutorials on secure e-commerce in
http://www.NewGenPay.com (demo area)

Received on Tuesday, 1 May 2001 10:44:40 UTC
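
The proposal above, sketched as an added example (not code from the original message or from any XML Encryption implementation). Assumptions: SHA-256 as the one-way hash, a fixed 32-byte random string appended to the plaintext, un-namespaced element names, `ET.tostring` standing in for XML canonicalization, and random bytes standing in for real ciphertext.

```python
import base64, copy, hashlib, hmac, os
import xml.etree.ElementTree as ET

SALT_LEN = 32  # assumption: fixed-length random string appended to the plaintext

def randomize(plaintext: bytes) -> bytes:
    """Append fresh randomness so the published hash cannot be matched by guessing."""
    return plaintext + os.urandom(SALT_LEN)

def hash_b64(randomized: bytes) -> str:
    return base64.b64encode(hashlib.sha256(randomized).digest()).decode()

def encrypted_data(ciphertext: bytes, randomized: bytes) -> ET.Element:
    ed = ET.Element("EncryptedData")
    ET.SubElement(ed, "CipherValue").text = base64.b64encode(ciphertext).decode()
    ET.SubElement(ed, "HashOfRandomized").text = hash_b64(randomized)
    return ed

def transform(root: ET.Element) -> ET.Element:
    """Replace each EncryptedData holding a HashOfRandomized with that child alone."""
    out = copy.deepcopy(root)
    for parent in list(out.iter()):
        for i, child in enumerate(list(parent)):
            h = child.find("HashOfRandomized") if child.tag == "EncryptedData" else None
            if h is not None:
                h.tail = child.tail
                parent[i] = h
    return out

def digest_to_sign(root: ET.Element) -> str:
    """Digest the signer would sign: computed over the transformed document only."""
    return hashlib.sha256(ET.tostring(transform(root))).hexdigest()

def judge_accepts(root: ET.Element, disclosed: bytes) -> bool:
    """The judge sees the signed hash plus the disclosed randomized plaintext."""
    signed = transform(root).find(".//HashOfRandomized").text
    return hmac.compare_digest(signed, hash_b64(disclosed))

def demo() -> dict:
    opened = randomize(b"Alice pays Bob 100 EUR")        # constructed sample
    doc = ET.Element("Agreement")
    doc.append(encrypted_data(os.urandom(48), opened))   # opaque stand-in ciphertext
    result = {"before": digest_to_sign(doc)}
    ed = doc.find("EncryptedData")
    ed.find("CipherValue").text = base64.b64encode(os.urandom(48)).decode()
    result["rekeyed"] = digest_to_sign(doc)              # re-encrypted under a new key
    ed.remove(ed.find("CipherValue"))
    result["stripped"] = digest_to_sign(doc)             # ciphertext removed entirely
    result["judge_ok"] = judge_accepts(doc, opened)
    forged = b"Alice pays Bob 1 EUR" + opened[-SALT_LEN:]
    result["judge_forged"] = judge_accepts(doc, forged)
    return result
```

The signed digest is identical in all three states of the ciphertext, which is what lets the key be changed or the ciphertext dropped without invalidating the signature.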