[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message] Re: RE: The sky is falling! XML's dirty secret! Go back!It's
On Thu, 2002-05-30 at 18:46, Mike Champion wrote: > I don't know much about encryption, but from reading about > cryptanalysis in WWWII it would appear that having a "crib" > (a bit of known plaintext) is a useful shortcut to breaking a cipher. > The tags in an XML message are likely to be known (or easily > guessable) by an attacker. So, a straightforward encryption of > an entire XML message might be considerably less secure than > an encryption of a non-self-describing message. I wonder if you could turn that to your advantage by encrypting [element] content using different mechanisms on a per-element basis, and leaving the structure in plaintext. That would leave attackers with a skeleton but only small bits of content to analyze. Dunno. It likely depends on the algorithm used as well as the level of repetition in the content, and attributes are a problem as usual. -- Simon St.Laurent Ring around the content, a pocket full of brackets Errors, errors, all fall down! http://simonstl.com
|
PURCHASE STYLUS STUDIO ONLINE TODAY!Purchasing Stylus Studio from our online shop is Easy, Secure and Value Priced! Download The World's Best XML IDE!Accelerate XML development with our award-winning XML IDE - Download a free trial today! Subscribe in XML format
|