W3C home > Mailing lists > Public > xml-encryption@w3.org > February 2002

RE: Encrypting the IV - again. Was: Re: nonce length

From: Hallam-Baker, Phillip <pbaker@verisign.com>
Date: Mon, 4 Feb 2002 07:44:07 -0800
Message-ID: <2F3EC696EAEED311BB2D009027C3F4F409DF650B@vhqpostal.verisign.com>
To: Blair Dillaway <blaird@microsoft.com>, Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>, "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>, reagle@w3.org
Cc: xml-encryption@w3.org

To put Blair's point more concisely, Encryption protects confidentiality,
any attempt to use encryption alone to protect integrity is doomed to
failure. The same attacks can be performed through manipulation of the
cipher stream.

		Phill

Phillip Hallam-Baker FBCS C.Eng.
Principal Scientist
VeriSign Inc.
pbaker@verisign.com
781 245 6996 x227

application/octet-stream attachment: Phillip_Hallam-Baker__E-mail_.vcf

Received on Monday, 4 February 2002 10:43:46 GMT

This message: [ Message body ]
Next message: Takeshi Imamura: "Re: Typos, etc."
Previous message: Christian Geuer-Pollmann: "Re: xmlenc Call 13:00 EST 20020204"
Maybe in reply to: Mike Just: "RE: Encrypting the IV - again. Was: Re: nonce length"

Mail actions: [ respond to this message ] [ mail a new topic ]
Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
Help: [ How to use the archives ] [ Search in the archives ]

This archive was generated by hypermail 2.2.0+W3C-0.50 : Sunday, 27 May 2007 00:09:00 GMT