XML Encryption with AES-CBC broken
Juraj Somorovsky and Tibor Jager from Ruhr University Bochum (RUB) found a weakness in the way XML Encryption (W3C standard) messages are processed by compliant implementations.
The attack is chosen-ciphertext type and it only works if AES in CBC mode is used. The standard allows AES-128, AES-256 and AES-192 and 3DES in CBC mode. The attack doesn't work if 3DES is used.
- Zaloguj się lub zarejestruj by odpowiadać
- Generate PDF file
- Wersja do wydruku
Nawigacja
Popularne strony
Logowanie
