Posted to wss4j-dev@ws.apache.org by José Ferreiro <jo...@gmail.com> on 2006/08/31 13:50:31 UTC
Why not sign and then encrypt? (Brief explanation)
You have two choices:
1- <param name="action" Value="Signature Encrypt"/>
2- <param name="action" Value="Encrypt Signature"/>
See below for the explanations:
<param name="action" Value="Signature Encrypt"/>
<Header>
  <Security>
    <Encrypted key> ... </Encrypted key>
    <Signature> digest of the element body </Signature>
  </Security>
</Header>
<body>
  ...encrypted data...
</body>
Problem! People may guess what the original body element is, calculate its
digest and compare it to this one (in the <signature> element).
On the other hand:
<param name="action" Value="Encrypt Signature"/>
<Header>
  <Security>
    <Signature> digest of the encrypted element body </Signature>
    <Encrypted key> ... </Encrypted key>
  </Security>
</Header>
<body>
  ...encrypted data...
</body>
People may try to guess the original body element, encrypt it and then
calculate its digest.
However, during encryption a random element is introduced, so the result of
two encryptions will be different,
so this won't work.
Therefore, for higher security, first encrypt and then sign:
<param name="action" Value="Encrypt Signature"/>
Hope this helps someone.
José Ferreiro
--
José Ferreiro
EPFL Communication Systems engineer
ing.sys.com.dipl.EPFL
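
The comparison described in the message above, as an added Python example that is not part of the original post or of WSS4J: it shows which digest an observer of the header can check guesses against in each action order. SHA-256 stands in for the signature digest and a SHA-256 keystream with a fresh random IV stands in for XML Encryption; the body, candidate list and all function names are constructed for illustration.

```python
import hashlib
import hmac
import os

def digest(data: bytes) -> str:
    """Assumed stand-in for the digest value carried in the <Signature> element."""
    return hashlib.sha256(data).hexdigest()

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Assumed stand-in for XML Encryption: fresh random IV per call, then
    XOR with a SHA-256 counter keystream. Models only the randomization."""
    iv = os.urandom(16)
    stream = b""
    counter = 0
    while len(stream) < len(plaintext):
        stream += hashlib.sha256(key + iv + counter.to_bytes(4, "big")).digest()
        counter += 1
    return iv + bytes(p ^ s for p, s in zip(plaintext, stream))

def confirmed_guesses(header_digest, candidates, transform=lambda b: b):
    """Candidates whose (transformed) digest equals the digest visible in the header."""
    return [c for c in candidates
            if hmac.compare_digest(digest(transform(c)), header_digest)]

# Constructed sample data: a low-entropy body and the values an observer might try.
BODY = b"<approve>yes</approve>"
CANDIDATES = [b"<approve>no</approve>", b"<approve>yes</approve>"]
KEY = os.urandom(32)

def sign_then_encrypt_exposure():
    """'Signature Encrypt': the header digest covers the plaintext body."""
    header_digest = digest(BODY)
    return confirmed_guesses(header_digest, CANDIDATES)

def encrypt_then_sign_exposure():
    """'Encrypt Signature': the header digest covers the ciphertext.
    Worst case for the sender: the observer is even granted KEY, yet each
    re-encryption draws a new IV, so no candidate reproduces the ciphertext."""
    header_digest = digest(encrypt(KEY, BODY))
    return confirmed_guesses(header_digest, CANDIDATES,
                             transform=lambda c: encrypt(KEY, c))

if __name__ == "__main__":
    print("sign then encrypt, confirmed:", sign_then_encrypt_exposure())
    print("encrypt then sign, confirmed:", encrypt_then_sign_exposure())
```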