W3C home > Mailing lists > Public > xml-encryption@w3.org > November 2001

Re: What padding do we use?

From: Takeshi Imamura <IMAMU@jp.ibm.com>
Date: Fri, 2 Nov 2001 14:59:06 +0900
To: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>
Cc: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>, XML Encryption WG <xml-encryption@w3.org>
Message-ID: <OF47AAE325.EF27ACBB-ON49256AF8.001EFDF9@LocalDomain>


Donald,

>FIPS-81, DES Modes of operations, in Appendix C on CBC with byte data
>specified that it is to be padded by placing in the last byte of the
>last cblock of input data the number of padding bytes (including this
>count byte) and filling remaining pad bytes with anything.  I.E., if
>there were 5 bytes of data in the last block, these would be left
>justified, the bottom byte set to 0x03, and the two bytes between the
>data and this "3" byte set to any pad characters. If the data exactly
>fills the last block, an additional block is added with 0x08 in the
>bottom byte and its remaining 7 bytes filled with any pad character.
>
>Since this seems to be sort of part of the definition of CBC, would
>there be any objection to explicitly specifying this for XML ENC?

I studied FIPS-81 and found that the padding method you had pointed is
given just as an example.  Moreover another padding method is given, which
may lead to a misunderstanding.  So I believe that we should specify the
padding method explicitly or use standard padding methods like the PKCS#5
padding.

Thanks,
Takeshi IMAMURA
Tokyo Research Laboratory
IBM Research
imamu@jp.ibm.com
Received on Friday, 2 November 2001 00:59:17 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:02 UTC