- From: Donald E. Eastlake 3rd <dee3@torque.pothole.com>
- Date: Sun, 25 Nov 2001 23:56:20 -0500
- To: Jiandong Guo <jguo@phaos.com>
- cc: xml-encryption@w3.org
A nonce is only useful if there is insufficient entropy in the data being encrypted and there is no other way to conduct a dictionary attack by trying the few possible values. The nonce means that you can't just encrypt each possible value and see if you get the cipher text. If your key has insufficient entropy, a nonce won't help. Someone can try decrypting with the few possible key values and test for plain text. The description could be changed to allow a nonce. But I don't actually see any need. Thanks, Donald From: Jiandong Guo <jguo@phaos.com> Date: Tue, 6 Nov 2001 15:31:48 -0500 (EST) Message-ID: <3BE84A4B.59566C60@phaos.com> Organization: Phaos Technology Corp. To: xml-encryption@w3.org >It seems to me that with the key wrap algorithm specified in section >5.6.2, there is no way >a nonce can be used, although you may still set up one in the >corresponding CipherData >element by the document. > >Jiandong
Received on Monday, 26 November 2001 00:00:17 UTC