Super-Encryption
mlong at bridgetonconsulting.com
Fri Dec 12 09:42:36 EST 2003
Hi,
I've been experimenting with ways to use XML-ENC to compact the wire format
and provide a high degree of security. The following is a notational example
of the current 'thought' of the methodology. I would like to ask for
input as to potential security holes to this method.
Thx,
-Matt Long
Phalanx Systems, LLC
Summary:
The concept is to super-encrypt a message. The method would:
(1) Encrypt message with symmetric key algorithm, i.e., cipher1
(2) RSA_Encrypt (SHA1(message) + symmetric key) with sender's RSA private key
(3) Encrypt cipher1 with symmetric key algorithm, i.e., cipher2
(4) RSA_Encrypt (symmetric key2) with receiver's RSA public key
(5) Send super-encrypted message
(6) RSA_Decrypt (symmetric key2) with receiver's RSA private key
(7) Decrypt(cipher2)
(8) RSA_Decrypt (symmetric key1), parse out digest, i.e., SHA1(message)
(9) Decrypt(cipher1)
(10) compare digest with SHA1(Decrypt(cipher1))
Sender's Algorithm
SymmetricKey1 = 3DES_IV1, 3DES_Key1
Cipher1 = 3DES_Encrypt(message)
Digest = SHA1(message)
RSA_Key1 = RSA_Private_Encrypt(Digest || 3DES_Key1)
SymmetricKey2 = 3DES_IV2, 3DES_Key2
Cipher2 = 3DES_Encrypt(Cipher1)
RSA_Key2 = RSA_Public_Encrypt(3DES_Key2)
Receiver's Algorithm
3DES_Key2 = RSA_Private_Decrypt(RSA_Key2)
Cipher1 = 3DES_Decrypt(Cipher2)
Digest || 3DES_Key1 = RSA_Public_Decrypt(RSA_Key1)
message = 3DES_Decrypt(Cipher1)
Compare Digest with SHA1(message)
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
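Added example, not part of the original post: steps (2) and (8) of the scheme in Python, showing that RSA_Public_Decrypt needs only the sender's public key, so RSA_Key1 authenticates Digest and 3DES_Key1 but does not keep them secret from anyone holding that key. It assumes textbook RSA without padding, a demo key constructed from the Mersenne primes 2^521-1 and 2^607-1, and a 0x01 marker byte; the function names are illustrative.

```python
import hashlib
import os

# Constructed demo key built from two known Mersenne primes. Textbook RSA with
# no padding scheme, used only to make the data flow of steps (2) and (8) visible.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537                      # sender's public key
D = pow(E, -1, (P - 1) * (Q - 1))        # sender's private exponent
MOD_LEN = (N.bit_length() + 7) // 8
DIGEST_LEN, KEY_LEN = 20, 24             # SHA-1 digest, 3DES key (bytes)
BLOCK_LEN = 1 + DIGEST_LEN + KEY_LEN


def rsa_private_encrypt(digest: bytes, key1: bytes) -> int:
    """Step (2): RSA_Key1 = RSA_Private_Encrypt(Digest || 3DES_Key1)."""
    if len(digest) != DIGEST_LEN or len(key1) != KEY_LEN:
        raise ValueError("unexpected digest or key length")
    block = b"\x01" + digest + key1      # 0x01 marker keeps the length fixed
    return pow(int.from_bytes(block, "big"), D, N)


def rsa_public_decrypt(rsa_key1: int, n: int = N, e: int = E):
    """Step (8): uses only the public values (n, e), never D."""
    raw = pow(rsa_key1, e, n).to_bytes(MOD_LEN, "big")
    block = raw[-BLOCK_LEN:]
    if any(raw[:-BLOCK_LEN]) or block[0] != 1:
        raise ValueError("not produced with the sender's private key")
    return block[1:1 + DIGEST_LEN], block[1 + DIGEST_LEN:]


def demo(message: bytes = b"constructed sample message"):
    key1 = os.urandom(KEY_LEN)           # stands in for 3DES_Key1
    digest = hashlib.sha1(message).digest()
    rsa_key1 = rsa_private_encrypt(digest, key1)
    got_digest, got_key1 = rsa_public_decrypt(rsa_key1)
    return {
        "key1_recovered_with_public_key": got_key1 == key1,
        "digest_recovered_with_public_key": got_digest == digest,
        "digest_matches_message": got_digest == hashlib.sha1(message).digest(),
    }


if __name__ == "__main__":
    print(demo())
```

In the notation above, confidentiality of the message therefore depends on the second layer, whose key is wrapped with the receiver's public key.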