Re: Signing and Encryption

> I agree that signature needs to be encrypted, but I'm not sure why entire
> signed data also needs to be encrypted.  Encrypting any portion of signed

At least the <SignedInfo> element should be encrypted. That contains the
hash value, which makes the dictionary attack possible.

> data will make signature invalid, but to recover the signature, we
> introduce EncryptedReference element.  The element can be used as follows
> (I wrote before that the element may appear within ds:SignatureProperty
> element, but I changed my mind ...).

Received on Friday, 26 January 2001 10:03:06 UTC