[xmlsec] is it possible to do signatures with AES?
Mark Ivey
zovirl1_list at sbcglobal.net
Thu Dec 18 09:40:23 PST 2003
I've been looking into this a bit more. As far as I can tell there are
no known plaintext attacks against AES. Am I missing something? Or is
it just bad in theory to add to the number of plaintexts available for a
key?
-Mark Ivey-
On Mon, 2003-12-01 at 13:35, Mark Ivey wrote:
> On Mon, 2003-12-01 at 13:32, Rich Salz wrote:
> > > Is it possible to do XML signatures using the AES algorithm instead of
> > > RSA?
> >
> > I don't think this makes a lot of sense. Are you saying to do something
> > like AES-encrypt the SHA-1 message digest? That would be bad -- it
> > would mean that every signed document is a adding to known-plaintext
> > attacks against the AES key, for example.
> >
> > Perhaps you want to use HMAC?
> > /r$
>
> Oh, that explains why I couldn't find any info on how to do it. Thanks
> :)
>
> -Mark Ivey-
>
> _______________________________________________
> xmlsec mailing list
> xmlsec at aleksey.com
> http://www.aleksey.com/mailman/listinfo/xmlsec
More information about the xmlsec
mailing list