Completed Action Item: Nonce text. from Joseph Reagle on 2001-08-27 (xml-encryption@w3.org from August 2001)

From: Joseph Reagle <reagle@w3.org>
Date: Mon, 27 Aug 2001 15:39:29 -0400
To: XML Encryption WG <xml-encryption@w3.org>
Cc: Donald Eastlake 3rd <dee3@torque.pothole.com>
Message-Id: <20010827193929.AA48C873BF@policy.w3.org>

(Should the nonce be base64Binary? Also, I'm sure my text could benefit from 
suggestions. Is it in remote CipherReference values too? Donald, if you need 
to tweak given the changes to DigestMethod (is nonce before or after?) please 
do so.)

http://www.w3.org/Encryption/2001/Minutes/010820-tele.html
>Action Reagle: make it a declaration within CipherData using 
>Eastlake's nonce proposal text where necessary.

-->

http://www.w3.org/Encryption/2001/Drafts/xmlenc-core/Overview.html#sec-CipherData

3.2 The CipherData Element

The optional Nonce attribute specifies the presence and length of a nonce 
value that is prepended to the CipherValue or data identified by the 
CipherReference. A nonce is a value (used only once) that is combined with 
the plaintext being encrypted in order to increase its entropy; this prevents 
"dictionary attacks" that encrypt "some known plaintext phrase with all 
possible keys so that the key for any given encrypted message containing that 
phrase may be obtained by lookup." [RFC2828]. Given the redundancy of XML, 
and the fact that attackers may know the data's structure applications are 
RECOMMENDED to encrypt data that is varied, either by its own nature or by 
use of the Nonce attribute.

...
     <attribute name="Nonce" type="base64Binary" use="optional"/>
...

Received on Monday, 27 August 2001 15:39:33 UTC