- From: Amir Herzberg <AMIR@newgenpay.com>
- Date: Mon, 3 Sep 2001 09:33:25 +0300
- To: "Xml Encrypt (E-mail)" <xml-encryption@w3.org>
Hi all, I noticed that public key encryption algorithms are included under section 5.4 `key transport` with a specific restriction of their use to encrypting keys: Key Transport algorithms are public key encryption algorithms especially specified for encrypting and decrypting keys. Their identifiers appear as Algorithm attributes to EncryptionMethod elements that are children of EncryptedKey. Why is this? Of course, public key algorithms are inefficient for encrypting long strings, and whenever we need to encrypt long strings, we use `hybrid` modes where the public key alg encrypts a shared key. But there may be some applications where the public key encryption may be applied only to short strings and therefore the designers may wish to use it directly on data. Another reasonable design will be to define an EncryptionMethod which is a `hybrid` mode, e.g. RSA with AES. In this case, the AES key is `internal` to the encryption and there is no need to expose this internal structure by forcing the application to use EncryptedKey. Furthermore, in the future, there may be public key algorithms which are efficient for long messages (without being a simple hybrid). All of this suggests that we should allow EncryptionMethod to specify a public key algorithm (also for EncryptedData), while we can definitely say that _usually_ the public key methods are used only for key transport. Best regards, Amir Herzberg CTO, NewGenPay Inc. http://www.newgenpay.com/Amir/Herzberg.htm SMS (urgent only!): _subject_ of email to aherzberg@walla.co.il
Received on Monday, 3 September 2001 02:33:52 UTC