
XML Encryption (XML-Enc) is a specification governed by a World Wide Web Consortium (W3C) recommendation that defines how to encrypt the contents of an XML element.


Specification

Although XML Encryption can be used to encrypt any kind of data, it is nonetheless known as "XML Encryption" because an XML element (either an EncryptedData or EncryptedKey element) contains or refers to the ciphertext, keying information, and algorithms. Both XML Signature and XML Encryption use the KeyInfo element, which appears as the child of a SignedInfo, EncryptedData, or EncryptedKey element and provides information to a recipient about what keying material to use in validating a signature or decrypting encrypted data. The KeyInfo element is optional: it can be attached in the message, or be delivered through a secure channel. XML Encryption is different from and unrelated to Transport Layer Security (TLS), which is used to send encrypted messages (including XML content, both encrypted and otherwise) over the internet. reported that this specification has severe security concerns. In response to this, the specification of XML Encryption 1.1 published in 2013 included a Galois/Counter Mode block cipher algorithm.
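
The structure described above can be checked mechanically. The following is an added example, not part of the original article or of any library listed below: it walks a document, reports for each EncryptedData or EncryptedKey element whether the ciphertext is contained or referenced and whether KeyInfo is attached, and labels the block cipher mode from the W3C algorithm identifier. The sample document, its Id values and the example.invalid URI are constructed for illustration.

```python
import xml.etree.ElementTree as ET

XENC = "http://www.w3.org/2001/04/xmlenc#"      # XML Encryption 1.0 namespace
XENC11 = "http://www.w3.org/2009/xmlenc11#"     # XML Encryption 1.1 namespace
NS = {"xenc": XENC, "ds": "http://www.w3.org/2000/09/xmldsig#"}
# Block cipher identifiers: CBC from the original recommendation, GCM added in 1.1.
CBC = {XENC + n for n in ("tripledes-cbc", "aes128-cbc", "aes192-cbc", "aes256-cbc")}
GCM = {XENC11 + n for n in ("aes128-gcm", "aes192-gcm", "aes256-gcm")}

# Constructed sample: placeholder ciphertext, made-up Id values and URI.
SAMPLE = f"""<Order xmlns:xenc="{XENC}" xmlns:ds="{NS['ds']}">
 <xenc:EncryptedData Id="card">
  <xenc:EncryptionMethod Algorithm="{XENC}aes128-cbc"/>
  <ds:KeyInfo><xenc:EncryptedKey>
   <xenc:EncryptionMethod Algorithm="{XENC}rsa-oaep-mgf1p"/>
   <xenc:CipherData><xenc:CipherValue>UExBQ0VIT0xERVI=</xenc:CipherValue></xenc:CipherData>
  </xenc:EncryptedKey></ds:KeyInfo>
  <xenc:CipherData><xenc:CipherValue>UExBQ0VIT0xERVI=</xenc:CipherValue></xenc:CipherData>
 </xenc:EncryptedData>
 <xenc:EncryptedData Id="address">
  <xenc:EncryptionMethod Algorithm="{XENC11}aes256-gcm"/>
  <xenc:CipherData><xenc:CipherReference URI="https://example.invalid/blob"/></xenc:CipherData>
 </xenc:EncryptedData>
</Order>"""

def describe(el):
    """Summarise one EncryptedData or EncryptedKey element."""
    method = el.find("xenc:EncryptionMethod", NS)
    alg = method.get("Algorithm") if method is not None else None
    data = el.find("xenc:CipherData", NS)
    if data is not None and data.find("xenc:CipherValue", NS) is not None:
        cipher = "inline"        # the element contains the ciphertext
    elif data is not None and data.find("xenc:CipherReference", NS) is not None:
        cipher = "reference"     # the element refers to the ciphertext
    else:
        cipher = "missing"
    mode = "gcm" if alg in GCM else "cbc" if alg in CBC else "other"
    return {"element": el.tag.split("}")[1], "algorithm": alg, "mode": mode,
            "cipher": cipher, "key_info": el.find("ds:KeyInfo", NS) is not None}

def audit(xml_text):
    """Return one finding per encrypted element, in document order."""
    # ElementTree is fine for this embedded sample; use a hardened parser on untrusted XML.
    wanted = {f"{{{XENC}}}EncryptedData", f"{{{XENC}}}EncryptedKey"}
    return [describe(el) for el in ET.fromstring(xml_text).iter() if el.tag in wanted]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A finding with mode "other" is not a block cipher at all; in the sample it is the key transport algorithm on the nested EncryptedKey.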




External links


W3C info

Apache Santuario - Apache XML Security Implementation for Java and C++

XMLSec - XML Security Library for C

