Loading ...
Sorry, an error occurred while loading the content.

9636Re: [soapbuilders] Re: Super-Encryption AND Digital Signatures

Expand Messages
  • Rich Salz
    Dec 4, 2003
      A simpler fix is for the sender to do SHA1(message), and then
      encrypt (key1+digest) with their private key. That's simpler
      because it's a classic digital signature, and its properties are
      well understood.

      The two biggest problems with your current idea are that
      1. "I" must be online and completely trusted for every single
      message exchange. This gives up all the benefits of public-
      key crypto.
      2. There's no end-to-end security link. What prevents P from
      using his own keypair to forge a message that looks like
      I-on-behalf-of-C?

      A simpler fix for your first scheme might be for the sender to include
      RSA_Encrypt(SHA1(message)) alongside the encrypted key1. Then perhaps
      you include a timestamp, so adversaries can't capture and reply old
      messages.

      I know you think that the standard mechanisms are expensive and full
      of overhead. There's a reason: without them, you leave yourself
      open to various attacks.
      /r$

      --
      Rich Salz Chief Security Architect
      DataPower Technology http://www.datapower.com
      XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
      XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
    • Show all 22 messages in this topic