RE: Early Draft Algorithms Section from Frederick J. Hirsch on 2001-05-14 (xml-encryption@w3.org from May 2001)

From: Frederick J. Hirsch <hirsch@zolera.com>
Date: Mon, 14 May 2001 15:24:56 -0400
To: <xml-encryption@w3.org>
Message-ID: <NEBBLPMKCKBLFHBJIHPCAEJMCOAA.hirsch@zolera.com>

I have a couple of questions and comments on the encryption algorithms section.

1. What advantage is there from the "integrity versions" of the alorithms, where
the SHA1 digest of the
encryption result (and possibly IV) is appended to the encryption value?

From a security standpoint, an attacker could simply generate a new encryption
result and associated digest and replace the entire value.

So is this a traditional "checksum" simply to ensure against errors? But doesn't
an inability to decrypt accomplish the same thing?

I think the document needs to explain the intent - I must have missed something
in the earlier discussions.

3. Typos in 5.5.2 CMS Triple DES Key Wrap - encryptes -> encrypts, #6 "Left" ->
Let
Typo in 5.5.3 "sepcified" -> specified

Received on Monday, 14 May 2001 15:21:03 UTC