Strength in Complexity?
Arshad Noor
arshad.noor at strongauth.com
Wed Jul 2 17:21:47 EDT 2008
Hal Finney wrote:
>
> An example where this concern might arise would be an overly simplistic
> protocol that used AES in ECB mode - "simple by design", while the
> "encryption purist" advocated GCM, "more difficult to break into" but
> more complex. Now, I'm sure EKMI is not doing things this way but it
> is an example where "simple" would not look good to "encryption purists".
>
You are right, Hal. EKMI does not support AES in ECB mode.
While this may not be acceptable to everyone, in SKSML version 1.0
we have chosen to currently support only the algorithms specified in
XML Encryption (http://www.w3.org/TR/xmlenc-core/#sec-Algorithms):

Block Encryption
  1. REQUIRED TRIPLEDES
     http://www.w3.org/2001/04/xmlenc#tripledes-cbc
  2. REQUIRED AES-128
     http://www.w3.org/2001/04/xmlenc#aes128-cbc
  3. REQUIRED AES-256
     http://www.w3.org/2001/04/xmlenc#aes256-cbc
  4. OPTIONAL AES-192
     http://www.w3.org/2001/04/xmlenc#aes192-cbc

Key Transport
  1. REQUIRED RSA-v1.5
     http://www.w3.org/2001/04/xmlenc#rsa-1_5
  2. REQUIRED RSA-OAEP
     http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p

Message Authentication
  1. RECOMMENDED XML Digital Signature
     http://www.w3.org/2000/09/xmldsig#

Message Digest
  1. REQUIRED SHA1
     http://www.w3.org/2000/09/xmldsig#sha1
  2. RECOMMENDED SHA256
     http://www.w3.org/2001/04/xmlenc#sha256
  3. OPTIONAL SHA512
     http://www.w3.org/2001/04/xmlenc#sha512

Encoding
  1. REQUIRED base64
     http://www.w3.org/2000/09/xmldsig#base64

Even though SHA-384 does not appear on the XMLEnc digest list, we do
support it too (the underlying crypto libraries support it, so it was
no big deal to add it). We will also recommend that SHA1 not be used,
along the timelines suggested by NIST, despite its appearance on this
list.

I understand that the W3C has started up the XML Security WG again,
and as these standards are updated, we will follow their work and
support them in EKMI as appropriate. Should there be requests from
the OASIS community that there be support for algorithms that are not
in XMLEnc, the Technical Committee will discuss and vote on it.
Arshad Noor
StrongAuth, Inc.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
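
An added example (not part of the original post, and not EKMI or StrongAuth code): one way a receiver could enforce the algorithm list above, rejecting any Algorithm URI that is not on it or that appears in the wrong role, and flagging SHA1. The names `judge` and `audit` and the sample document are constructed for illustration; the element names come from W3C XML Encryption and XML-Signature rather than the SKSML schema, and the GCM URI is the XML Encryption 1.1 identifier.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"
DSIG = "http://www.w3.org/2000/09/xmldsig#"

# URIs from the post's list, grouped by role (SHA-384 omitted: the post gives no URI).
ALLOWED = {
    "block": {XENC + "tripledes-cbc", XENC + "aes128-cbc",
              XENC + "aes192-cbc", XENC + "aes256-cbc"},
    "transport": {XENC + "rsa-1_5", XENC + "rsa-oaep-mgf1p"},
    "digest": {DSIG + "sha1", XENC + "sha256", XENC + "sha512"},
}
DISCOURAGED = {DSIG + "sha1"}  # the post recommends that SHA1 not be used

def judge(uri, role):
    """Return (verdict, uri, reason) for one Algorithm URI used in a role."""
    if uri in ALLOWED[role]:
        if uri in DISCOURAGED:
            return ("warn", uri, "listed, but recommended against")
        return ("ok", uri, role)
    other = [r for r in ALLOWED if uri in ALLOWED[r]]
    reason = "listed only as " + other[0] if other else "not on the list"
    return ("reject", uri, reason)

def audit(xml_text):
    """Judge every algorithm reference in an XML Encryption document."""
    root = ET.fromstring(xml_text)  # use a hardened parser for untrusted XML
    out = []
    for parent, role in (("EncryptedData", "block"), ("EncryptedKey", "transport")):
        for el in root.iter("{%s}%s" % (XENC, parent)):
            for m in el.findall("{%s}EncryptionMethod" % XENC):
                out.append(judge(m.get("Algorithm"), role))
    for m in root.iter("{%s}DigestMethod" % DSIG):
        out.append(judge(m.get("Algorithm"), "digest"))
    return out

# Constructed sample: CBC data, OAEP key transport with a SHA1 digest, and a GCM block.
SAMPLE = """<doc xmlns:e="http://www.w3.org/2001/04/xmlenc#" xmlns:d="http://www.w3.org/2000/09/xmldsig#">
 <e:EncryptedData>
  <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
  <d:KeyInfo><e:EncryptedKey>
   <e:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
    <d:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
   </e:EncryptionMethod></e:EncryptedKey></d:KeyInfo></e:EncryptedData>
 <e:EncryptedData><e:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
 </e:EncryptedData></doc>"""

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

An EncryptedData element that carries no EncryptionMethod at all produces no finding here; a stricter caller would treat that as a rejection as well.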