W3C home > Mailing lists > Public > xml-encryption@w3.org > March 2001

RE: Signing encrypted data

From: Amir Herzberg <AMIR@newgenpay.com>
Date: Mon, 26 Mar 2001 12:51:41 +0100
Message-ID: <078EE8822DCFD411AAA1000629D56ADC052288@IMP01>
To: xml-encryption@w3.org
Hal Finney says, 

> I understand now what you mean when you say that you can sign the
> plaintext and not encrypt the signature while retaining security.
> The same technique is used in a MAC, a Message Authentication Code.
> It allows for authentication and non-repudiation only to those who
> share some secret with the signer.  Such techniques are commonly used
> in communication protocols like SSL or IPsec.

Actually, MAC provides authentication but not non-repudiation. The
(standard) technique I suggested provides non-repudiation, where
confidentiality may need to be sacrified when presenting the proof. 
> However it almost sounds like you are claiming that this form 
> of signature
> can be verified by parties who don't have access to the plaintext.
> But clearly a hash-based signature, even if it involves some secret
> material, can only be verified if the plaintext which was hashed is
> available to the verifier.

Two comments:
1. Revealing the plaintext to `prove` is done only as needed and when
needed, and possibly only to a somewhat-trusted entity (judge). [No offense
intended :-)]
2. The signature can also contain components which are not encrypted. Some
entities may be able to authenticate only the non-encrypted parts and the
> You write above that you want to provide non-repudiation 
> "without exposing
> all content to some parties that still need to verify the signature".
> Are you saying that you will not expose some of the SIGNED content to
> a party which is nevertheless able to verify the signature?  
> This is what
> seems impossible.

I hope my clarification above helped to clear things up.

Best regards, 
Amir Herzberg
CTO, NewGenPay Inc. 
Phone: +972-(3)-6958844 x202
Mobile: +972-(54)-985724
Fax: +972-(3)-6954535

See our demo and overview/tutorials on secure e-commerce in
Received on Monday, 26 March 2001 04:48:14 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 23:13:02 UTC