W3C home > Mailing lists > Public > xml-encryption@w3.org > January 2002

RE: Encrypting the IV - again. Was: Re: nonce length

From: Pieter Kasselman <pkasselman@baltimore.com>
Date: Tue, 29 Jan 2002 09:35:41 -0000
Message-ID: <E7F0BE6942F1D411AFEA0002A528A8216519F3@irlms01.ie.baltimore.com>
To: "'reagle@w3.org'" <reagle@w3.org>, Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>, "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>
Cc: Dan Lanz <lanz@zolera.com>, xml-encryption@w3.org, blaird@microsoft.com
Hi Joseph, I am inclined to agree with your approach. It makes more sense to
use chaining schemes that has already been standardised/scrutinized/vetted.
Perhaps the right way to go about this is to propose encrypting the IV used
with CBC mode to a standards body that deals with cryptography and let them
standardise it (e.g. NIST has been running a series of workshops on modes of
operation for block ciphers http://csrc.nist.gov/encryption/modes/). 

XML Encrypt should be flexible enough to allow for any encryption chaining
scheme to be specified. Thus once CBC with IV encryption is standardised by
one of these bodies, it can be used with XML Encrypt.



> -----Original Message-----
> From:	Joseph Reagle [SMTP:reagle@w3.org]
> Sent:	28 January 2002 22:55
> To:	Christian Geuer-Pollmann; Donald E. Eastlake 3rd
> Cc:	Dan Lanz; xml-encryption@w3.org; blaird@microsoft.com
> Subject:	Re: Encrypting the IV - again. Was: Re: nonce length
> On Monday 28 January 2002 17:09, Christian Geuer-Pollmann wrote:
> > Well, it seems to me that I do not need obvious facts to introduce
> > necessary changes into the spec but well-known names ;-((
> Hi Christian, I'm not advocating that necessarily, nor that we just need a
> reference in order to accept it. In fact, I'm not opposed to encrypting
> the 
> IV. I'm just saying that I prefer that *this* WG not take it upon itself
> to 
> introduce a "new mode". I'm most comfortable if the issue has 
> been addressed by others and it's been vetted/discussed/standardized, etc.
> That's that.
> So, what do others people think? Should we encrypt the IV? (If so, we'll
> do 
> it.)
> -- 
> Joseph Reagle Jr.                 http://www.w3.org/People/Reagle/
> W3C Policy Analyst                mailto:reagle@w3.org
> IETF/W3C XML-Signature Co-Chair   http://www.w3.org/Signature/
> W3C XML Encryption Chair          http://www.w3.org/Encryption/2001/
> This footnote confirms that this email message has been swept by
> MIMEsweeper for the presence of computer viruses.

Baltimore Technologies plc will not be liable for direct,  special,  indirect 
or consequential  damages  arising  from  alteration of  the contents of this
message by a third party or as a result of any virus being passed on.

This footnote confirms that this email message has been swept by
Baltimore MIMEsweeper for Content Security threats, including
computer viruses.
Received on Tuesday, 29 January 2002 04:37:53 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:32:02 UTC