You are viewing a plain text version of this content. The canonical link for it is here.

Posted to wss4j-dev@ws.apache.org by José Ferreiro <jo...@gmail.com> on 2006/08/31 13:50:31 UTC

Why not sign and then encrypt? (Brief explanation)

you have two choices:

1- <param name="action" Value="Signature Encrypt"/>
2- <param name="action" Value="Encrypt Signature"/>

See below for the explanations:


<param name="action" Value="Signature Encrypt"/>


<Header>
   <Security>
    <Encrypted key> ... </Encrypted key>
    <Signature> digest of the element body </Signature>
 </Header>

<body>
...encrypted data...
</body>


Problem! People may guess what is the orignial body element, calculate its
digest and compare to this one (in the <signature> element).


On the other hand:

<param name="action" Value="Encrypt Signature"/>

<Header>
   <Security>
        <Signature> digest of the encrypted element body </Signature>
        <Encrypted key> ... </Encrypted key>
 </Header>

<body>
...encrypted data...
</body>

People may trry to guess the original body element and encrypt it ant then
calucalte its digest.
However, during encryption a ramdon element is introduced, so the result of
two encryptions will be different,
so this won't work.

Therefore for higher security first encrypt and then sign: ->  <param
name="action" Value="Encrypt Signature"/>

Hope this helps someone.

José Ferreiro


-- 
José Ferreiro
EPFL Communication Systems engineer
ing.sys.com.dipl.EPFL