
Re: Password derivation

From: Takeshi Imamura <IMAMU@jp.ibm.com>
Date: Thu, 24 Jan 2002 16:09:23 +0900
To: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Cc: xml-encryption@w3.org
Message-ID: <OF70A5B9FC.9A060359-ON49256B4B.001FC60E@LocalDomain>

Hi Christian,

I think it can be incorporated in the same manner as the other algorithms.
That is, you just specify the identifier of a password-based encryption
algorithm to the EncryptionMethod element and include a KeyName element or
something in the KeyInfo element in order to let a decryptor know a
password for decryption.  I'm not sure whether we should include such
algorithms in the spec, though.

Tokyo Research Laboratory
IBM Research

From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
      @w3.org on 2002/01/22 01:25

Sent by:  xml-encryption-request@w3.org

To:   Joseph Reagle <reagle@w3.org>
cc:   xml-encryption@w3.org
Subject:  Password derivation

Hi Joseph,

In [1], section 4.2.10, it is stated:

"4.2.10: Password derivation: Unclear what it means, strike from

I guess I have an idea: Currently, I'm implementing an
XML-Signature/Encryption-based KeyStore (for all the non-Java-Folks, a file
which collects encrypted Keys, Certificates etc). The keys which are used
in EncryptedData elements must be derived from user-supplied passwords.
This means that a mechanism like the one defined in PKCS12 is used to
derive a literal key from a user-supplied passphrase (or in Java lingo, to
create a byte[] key from a char[] passphrase).

Question: How could this be incorporated into XML Encryption?

Example: I want to use #kw-aes256 for wrapping an RSA private key, and the
AES 256 bit key should be derived from a user-supplied pass phrase. Do I
simply say nothing and let the application decide where to get the AES key


[1] W3C XML-Encryption Minutes, Boston, MA, 01 March 2000
Received on Thursday, 24 January 2002 02:09:32 UTC
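
Added example, not part of the thread or of the XML Encryption drafts: the PKCS#12 key derivation mentioned in the original question (as specified in RFC 7292, Appendix B.2), used here to turn a passphrase into a 256-bit key of the size #kw-aes256 needs. The function names `pkcs12_kdf` and `derive_kek`, the choice of SHA-256, and the salt and iteration count are assumptions made for illustration.

```python
import hashlib

def pkcs12_kdf(passphrase, salt, iterations, key_len, purpose_id=1, hash_name="sha256"):
    """Derive key_len bytes from a passphrase per RFC 7292, Appendix B.2.

    purpose_id: 1 = encryption key, 2 = IV, 3 = MAC key.
    """
    h = hashlib.new(hash_name)
    u, v = h.digest_size, h.block_size  # hash output size / block size, in bytes

    # PKCS#12 treats the passphrase as a NUL-terminated big-endian UTF-16 string
    # (the char[] to byte[] step described in the question).
    pw = passphrase.encode("utf-16-be") + b"\x00\x00"

    def fill(data):
        # Repeat data up to the next multiple of v bytes (empty stays empty).
        if not data:
            return b""
        n = v * -(-len(data) // v)
        return (data * (n // len(data) + 1))[:n]

    diversifier = bytes([purpose_id]) * v
    block_input = bytearray(fill(salt) + fill(pw))
    out = b""
    while len(out) < key_len:
        # A_i = H^iterations(D || I)
        a = hashlib.new(hash_name, diversifier + bytes(block_input)).digest()
        for _ in range(iterations - 1):
            a = hashlib.new(hash_name, a).digest()
        out += a
        # Each v-byte block of I becomes (block + B + 1) mod 2^(8v),
        # where B is A_i repeated to v bytes.
        b_plus_1 = int.from_bytes((a * (v // u + 1))[:v], "big") + 1
        for j in range(0, len(block_input), v):
            s = (int.from_bytes(block_input[j:j + v], "big") + b_plus_1) % (1 << (8 * v))
            block_input[j:j + v] = s.to_bytes(v, "big")
    return out[:key_len]

# Constructed sample parameters (assumptions, not values from the thread).
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")
ITERATIONS = 10000

def derive_kek(passphrase):
    """Return a 32-byte key-encryption key derived from the passphrase."""
    return pkcs12_kdf(passphrase, SALT, ITERATIONS, 32)
```

A decryptor needs the same salt and iteration count to re-derive the key, so those values have to travel with the encrypted key; only the passphrase stays secret.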
