[xmlsec] is it possible to do signatures with AES?

Rich Salz rsalz at datapower.com
Mon Dec 1 13:32:03 PST 2003

> Is it possible to do XML signatures using the AES algorithm instead of
> RSA?

I don't think this makes a lot of sense.  Are you saying to do something 
like AES-encrypt the SHA-1 message digest?  That would be bad -- it 
would mean that every signed document is a adding to known-plaintext 
attacks against the AES key, for example.

Perhaps you want to use HMAC?

Rich Salz, Chief Security Architect
DataPower Technology                           http://www.datapower.com
XS40 XML Security Gateway   http://www.datapower.com/products/xs40.html
XML Security Overview  http://www.datapower.com/xmldev/xmlsecurity.html

More information about the xmlsec mailing list