- From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
- Date: Mon, 12 Nov 2001 18:18:07 +0100
- To: Blair Dillaway <blaird@microsoft.com>, "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>
- Cc: XML Encryption WG <xml-encryption@w3.org>
OK, the solution with the Nonce is good and works. I forgot that possibilty. Thanks, Christian --On Montag, 12. November 2001 08:47 -0800 Blair Dillaway <blaird@microsoft.com> wrote: > I agree with Don on this. Lets not start adding in IV encryption modes. > I disagree with the assertion doing this is a trivial change. It will > end up creating quite a bit more work for implementors and interop > testing. > > The issue Christian describes below is already dealt with through the > use of the optional NONCE value. By placing a NONCE of length larger > than the alg block size, manipulating the IV can only cause the NONCE to > decrypt incorrectly. It will not allow one to manipulate the decrypted > value of the original plain-text. > > Blair
Received on Monday, 12 November 2001 12:15:35 UTC