[xmlsec] is it possible to do signatures with AES?
Rich Salz
rsalz at datapower.com
Thu Dec 18 13:48:09 PST 2003
> I've been looking into this a bit more. As far as I can tell there are
> no known plaintext attacks against AES. Am I missing something? Or is
> it just bad in theory to add to the number of plaintexts available for a
> key?
Just paranoia; known-plaintext against DES, so eventually probably be the
same thing for any symmetric cipher.
More importantly, since AES is symmetric, anyone who can *verify* a
signature has the key and can therefore *generate* a signature.
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
More information about the xmlsec
mailing list