Strength in Complexity?

Arshad Noor arshad.noor at strongauth.com
Wed Jul 2 17:21:47 EDT 2008


Hal Finney wrote:
> 
> An example where this concern might arise would be an overly simplistic
> protocol that used AES in ECB mode - "simple by design", while the
> "encryption purist" advocated GCM, "more difficult to break into" but
> more complex.  Now, I'm sure EKMI is not doing things this way but it
> is an example where "simple" would not look good to "encryption purists".
> 

You are right, Hal.  EKMI does not support AES in ECB mode.

While this may not be acceptable to everyone, in SKSML version 1.0
we have chosen to currently support only the algorithms specified in
XML Encryption (http://www.w3.org/TR/xmlenc-core/#sec-Algorithms):

Block Encryption

        1. REQUIRED TRIPLEDES
           http://www.w3.org/2001/04/xmlenc#tripledes-cbc
        2. REQUIRED AES-128
           http://www.w3.org/2001/04/xmlenc#aes128-cbc
        3. REQUIRED AES-256
           http://www.w3.org/2001/04/xmlenc#aes256-cbc
        4. OPTIONAL AES-192
           http://www.w3.org/2001/04/xmlenc#aes192-cbc

Key Transport

        1. REQUIRED RSA-v1.5
           http://www.w3.org/2001/04/xmlenc#rsa-1_5
        2. REQUIRED RSA-OAEP
           http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p

Message Authentication

        1. RECOMMENDED XML Digital Signature
           http://www.w3.org/2000/09/xmldsig#

Message Digest

        1. REQUIRED SHA1
           http://www.w3.org/2000/09/xmldsig#sha1
        2. RECOMMENDED SHA256
           http://www.w3.org/2001/04/xmlenc#sha256
        3. OPTIONAL SHA512
           http://www.w3.org/2001/04/xmlenc#sha512

Encoding

        1. REQUIRED base64
           http://www.w3.org/2000/09/xmldsig#base64

Even though SHA-384 does not appear on the XMLEnc digest list, we do
support it too (the underlying crypto libraries support it, so it was
no big deal to add it).  We will also recommend that SHA1 not be used,
along the timelines suggested by NIST, despite its appearance on this
list.

I understand that the W3C has started up the XML Security WG again,
and as these standards are updated, we will follow their work and
support them in EKMI as appropriate.  Should there be requests from
the OASIS community that there be support for algorithms that are not
in XMLEnc, the Technical Committee will discuss and vote on it.

Arshad Noor
StrongAuth, Inc.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
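An added example, not part of the original message and not EKMI or SKSML code: a Python check that reads the algorithm identifiers out of an XML Encryption element and grades each against the list above, by the role it appears in. The sample document is constructed, the function and table names are hypothetical, and SHA-384 is left out because the message gives no identifier for it.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
DSIG = "http://www.w3.org/2000/09/xmldsig#"

# Identifiers and requirement levels copied from the list in the message.
BLOCK = {XENC + "tripledes-cbc": "REQUIRED", XENC + "aes128-cbc": "REQUIRED",
         XENC + "aes256-cbc": "REQUIRED", XENC + "aes192-cbc": "OPTIONAL"}
TRANSPORT = {XENC + "rsa-1_5": "REQUIRED", XENC + "rsa-oaep-mgf1p": "REQUIRED"}
DIGEST = {DSIG + "sha1": "REQUIRED", XENC + "sha256": "RECOMMENDED",
          XENC + "sha512": "OPTIONAL"}
# Listed, but the message says its use will be recommended against.
DISCOURAGED = {DSIG + "sha1"}

# (parent tag, child tag) -> (role name, algorithms permitted in that role)
ROLES = {
    ("{%s}EncryptedData" % XENC, "{%s}EncryptionMethod" % XENC): ("block", BLOCK),
    ("{%s}EncryptedKey" % XENC, "{%s}EncryptionMethod" % XENC): ("transport", TRANSPORT),
    ("{%s}EncryptionMethod" % XENC, "{%s}DigestMethod" % DSIG): ("digest", DIGEST),
}

def audit(xml_text):
    """Return (role, algorithm, verdict) for each algorithm declaration found."""
    findings = []
    # ElementTree is fine for this constructed sample; untrusted XML needs
    # a parser hardened against entity expansion.
    for parent in ET.fromstring(xml_text).iter():
        for child in parent:
            role = ROLES.get((parent.tag, child.tag))
            if role is None:
                continue
            name, allowed = role
            uri = child.get("Algorithm", "")
            if uri not in allowed:
                verdict = "REJECT"      # not on the list for this role
            elif uri in DISCOURAGED:
                verdict = "WARN"        # on the list, but being phased out
            else:
                verdict = allowed[uri]  # REQUIRED / RECOMMENDED / OPTIONAL
            findings.append((name, uri.split("#")[-1], verdict))
    return findings

# Constructed sample: AES-128-CBC payload, RSA-OAEP key transport with SHA1.
SAMPLE = """<x:EncryptedData xmlns:x="{x}" xmlns:d="{d}">
  <x:EncryptionMethod Algorithm="{x}aes128-cbc"/>
  <d:KeyInfo><x:EncryptedKey>
    <x:EncryptionMethod Algorithm="{x}rsa-oaep-mgf1p">
      <d:DigestMethod Algorithm="{d}sha1"/></x:EncryptionMethod>
  </x:EncryptedKey></d:KeyInfo>
</x:EncryptedData>""".format(x=XENC, d=DSIG)
```

Because the lookup is keyed on the parent element, a block-cipher identifier placed in a key-transport position is rejected even though it is on the list.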


