W3C home > Mailing lists > Public > xml-encryption@w3.org > April 2002

Re: block encryption algorithm padding

From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Date: Tue, 16 Apr 2002 17:28:01 +0200
To: Tom Gindin <tgindin@us.ibm.com>
Cc: xml-encryption@w3.org
Message-ID: <28557042.1018978081@pinkpanther>


--On Dienstag, 16. April 2002 11:18 -0400 Tom Gindin <tgindin@us.ibm.com> 
wrote:

>       That's PKCS#5 padding, not PKCS#7 padding.  AFAIK, there's no such
> thing as PKCS#7 padding.

OK.

> Obviously, X.923 padding and PKCS#5 padding have
> the same entropy issues.

Right. I just wanted to point out which systems exist.




Thanks,
Christian




> Just to have a way to name padding mechanisms, here are some examples:
>
> blocklength = 8
> datalength = 9
> number of pad octets = 7
> data=FF FF FF FF FF FF FF FF FF
>
> DATA              FF FF FF FF FF FF FF FF FF
> X923Padding       FF FF FF FF FF FF FF FF FF 00 00 00 00 00 00 07
> PKCS7Padding      FF FF FF FF FF FF FF FF FF 07 07 07 07 07 07 07
> ISO10126d2Padding FF FF FF FF FF FF FF FF FF 7D 2A 75 EF F8 EF 07
>
> X.923 defines to fill the octets before the length with zeroes
> PKCS defines to fill the octets before the length with the length value
> ISO 10126 D2 defines to fill the octets before the length with random data
Received on Tuesday, 16 April 2002 11:23:29 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:03 UTC