OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

ebxml-msg message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Subject: Re: [ebxml-msg] Sign and Encrypt

   Date: Mon, 05 Nov 2001 12:43:23 -0500
   From: "Miller, Robert (GXS)" <Robert.Miller@gxs.ge.com>

I agree with David Fischer: almost always, you want to sign and
then encrypt rather than the other way.

   Well now, the 'King' sealed his envelopes with a wax stamp using the ring he
   wore on his hand.

   Having provided some precedence for 'encrypt then sign', 

I don't think this is an example of "encrypt then sign".  It's more
like doing both at once: the sealing wax ensures confidentiality,
integrity, and authenticity, all at once.

Problems with "encrypt then sign" include:

If Alice encrypts-then-signs a message and sends it to Bob, Bob can
decrypt it and verify the signature, but if Bob wants to show it to
Carol, and passes on the original message and cleartext, Carol might
accuse Bob of lying about which letter arrived in which envelope.
With sign-then-encrypt, Bob can decrypt and then give the signed
message to Carol.

With sign-then-encrypt, an adversary can't remove a signature from
the message and add his own.

And if the text to be signed is not visible to the signer (because
it's encrypted), the signature may have little legal force.

Reference: "Applied Cryptography" by Bruce Schnier, section
2.7 "Digital Signatures with Encryption".

-- Dan

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]

Powered by eList eXpress LLC