[xmlsec] is it possible to do signatures with AES?
Rich Salz
rsalz at datapower.com
Mon Dec 1 13:32:03 PST 2003
> Is it possible to do XML signatures using the AES algorithm instead of
> RSA?
I don't think this makes a lot of sense. Are you saying to do something
like AES-encrypt the SHA-1 message digest? That would be bad -- it
would mean that every signed document is a adding to known-plaintext
attacks against the AES key, for example.
Perhaps you want to use HMAC?
/r$
--
Rich Salz, Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
More information about the xmlsec
mailing list