RE: Attribute encryption from Yongge Wang on 2001-01-17 (xml-encryption@w3.org from January 2001)

From: Yongge Wang <ywang@certicom.com>
Date: Wed, 17 Jan 2001 16:05:38 -0500
To: xml-encryption@w3.org
Message-ID: <852569D7.007565CB.00@smtpmail.certicom.com>

I have two comments for this problem:

1. For a good design of XML files.  There might need no separate encryption of
attributes within one element. For example, in the previous discussions, some
one mentioned
the following example:

<patient  name=".." age=".." contagious="AIDS" CreditCardNumber=".." Price="..">
... </patient>

This is indeed not a good design. Since the information is not in a "block"
style.
A good design for the above example should be something like:

<patient name="..">
    <age> .. </age> <contagious> AIDS</contagious>....
</patient>

That is, the information for one department should be put in one separate
son-element. Then we do not
need to encrypt separate attribute at all.


2. Some one has concern that if we encrypt  a small attribute, then the attacker
may get
the cleartext by encrypting all possible values of the attribute. This is not a
problem since
one can use random  padding before encryption or use probabilistic encryption
schemes.
Of course, in order to do this, we need to support more encryption algorithms.

Yongge







Ed Simon <ed.simon@entrust.com> on 01/17/2001 01:37:33 PM

To:   "'Sanjeev Hirve'" <shirve@cyberelan.com>, xml-encryption@w3.org
cc:    (bcc: Yongge Wang/Certicom)

Subject:  RE: Attribute encryption




If there is sufficient need for encrypting attribute values without
encrypting the whole owner element, and I believe there is, then XML
Encryption should do so.  I have detailed a suggested mechanism in previous
messages.

Regarding "XML provides a uniform way of structuring data;  XML Encryption
provides a uniform way of encrypting XML's primary structures."  This is my
vision of the purpose of XML Encryption.  If the XML Encryption spec falls
short of specifying a standard for encrypting and decrypting the XML
structures important for the significant majority of applications and
systems, then, in my view, the XML Encryption spec has not met its goal.  In
my view, "the XML structures important for the significant majority of
applications and systems" includes XML elements, element content, attribute
values, and referenced arbitrary data (eg. the secret.gif file referenced by
the element "<image src="secret.gif"/>").

Ed

-----Original Message-----
From: Sanjeev Hirve [mailto:shirve@cyberelan.com]
Sent: Wednesday, January 17, 2001 10:29 AM
To: Ed Simon; xml-encryption@w3.org
Subject: Re: Attribute encryption


>One would encrypt a whole XML element when
>one wants to secure the content and the semantics.  If one wants
>to preserve the semantics but secure the content of an element,
>then the result is an encrypted node list.
Ed,
   Do you thus agree that the same reason should be extended to attributes,
since attributes are equivalent to child nodes from the perspective of data
confidentiality.  In other words, it should be possible to encrypt the
attributes of an element and leave its name in clear.
>XML provides a uniform way of structuring data;  XML Encryption
>provides a uniform way of encrypting XML's primary structures.

Dont understand this.  Can you please explain.

Attachments

text/html attachment: Internet HTML

Received on Wednesday, 17 January 2001 16:28:17 UTC