W3C home > Mailing lists > Public > xml-encryption@w3.org > September 2001

use of public key encryption

From: Amir Herzberg <AMIR@newgenpay.com>
Date: Mon, 3 Sep 2001 09:33:25 +0300
Message-ID: <078EE8822DCFD411AAA1000629D56ADC2FC1@IMP01>
To: "Xml Encrypt (E-mail)" <xml-encryption@w3.org>
Hi all, 

I noticed that public key encryption algorithms are included under section
5.4 `key transport` with a specific restriction of their use to encrypting
keys:

Key Transport algorithms are public key encryption algorithms especially
specified for encrypting and decrypting keys. Their identifiers appear as
Algorithm attributes to EncryptionMethod elements that are children of
EncryptedKey. 

Why is this? Of course, public key algorithms are inefficient for encrypting
long strings, and whenever we need to encrypt long strings, we use `hybrid`
modes where the public key alg encrypts a shared key. But there may be some
applications where the public key encryption may be applied only to short
strings and therefore the designers may wish to use it directly on data. 

Another reasonable design will be to define an EncryptionMethod which is a
`hybrid` mode, e.g. RSA with AES. In this case, the AES key is `internal` to
the encryption and there is no need to expose this internal structure by
forcing the application to use EncryptedKey. Furthermore, in the future,
there may be public key algorithms which are efficient for long messages
(without being a simple hybrid). 

All of this suggests that we should allow EncryptionMethod to specify a
public key algorithm (also for EncryptedData), while we can definitely say
that _usually_ the public key methods are used only for key transport. 

Best regards, 
Amir Herzberg
CTO, NewGenPay Inc.  
http://www.newgenpay.com/Amir/Herzberg.htm
SMS (urgent only!): _subject_ of email to aherzberg@walla.co.il
Received on Monday, 3 September 2001 02:33:52 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 27 October 2009 08:42:19 GMT