A nonce is only useful if there is insufficient entropy in the data being encrypted and there is no other way to conduct a dictionary attack by trying the few possible values. The nonce means that you can't just encrypt each possible value and see if you get the cipher text. If your key has insufficient entropy, a nonce won't help. Someone can try decrypting with the few possible key values and test for plain text. The description could be changed to allow a nonce. But I don't actually see any need. Thanks, Donald From: Jiandong Guo <jguo@phaos.com> Date: Tue, 6 Nov 2001 15:31:48 -0500 (EST) Message-ID: <3BE84A4B.59566C60@phaos.com> Organization: Phaos Technology Corp. To: xml-encryption@w3.org >It seems to me that with the key wrap algorithm specified in section >5.6.2, there is no way >a nonce can be used, although you may still set up one in the >corresponding CipherData >element by the document. > >JiandongReceived on Monday, 26 November 2001 00:00:17 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Sunday, 27 May 2007 00:08:59 GMT