1196:
1202:
261:
497:
507:
97:
reported that this specification has severe security concerns. In response to this, the specification of XML Encryption 1.1 published in 2013 included a
1054:
517:
1190:
788:
331:
46:
Although XML Encryption can be used to encrypt any kind of data, it is nonetheless known as "XML Encryption" because an XML element (either an
838:
250:
207:
1076:
864:
502:
77:
element and provides information to a recipient about what keying material to use in validating a signature or decrypting encrypted data.
480:
177:
Imamura, T.; Dillaway, B.; Simon, E.; Yiu, K.; NystrΓΆm, M. (11 April 2013). Eastlake, D.; Reagle, J.; Hirsch, F.; Roessler, T. (eds.).
921:
770:
591:
228:"Technical Analysis of Countermeasures against Attack on XML Encryption β or β Just Another Motivation for Authenticated Encryption"
1033:
527:
1231:
911:
678:
485:
880:
91:(TLS), which is used to send encrypted messages (including XML content, both encrypted and otherwise) over the internet.
1236:
1002:
885:
450:
324:
798:
976:
780:
460:
418:
371:
358:
340:
27:
272:
532:
386:
88:
916:
813:
808:
423:
401:
926:
720:
317:
992:
522:
475:
413:
304:
606:
445:
227:
1151:
1143:
643:
470:
428:
98:
84:
element is optional: it can be attached in the message, or be delivered through a secure channel.
1167:
1159:
1082:
952:
537:
218:
997:
1135:
1023:
1018:
579:
246:
203:
653:
238:
195:
931:
818:
406:
164:
Imamura, T.; Dillaway, B.; Simon, E. (10 December 2002). Eastlake, D.; Reagle, J. (eds.).
890:
848:
396:
178:
165:
1220:
730:
658:
648:
574:
381:
58:
54:
element) contains or refers to the cipher text, keying information, and algorithms.
1226:
309:
765:
616:
1127:
1059:
1028:
586:
569:
366:
263:
One Bad Apple: Backwards
Compatibility Attacks on State-of-the-Art Cryptography
1112:
638:
596:
559:
490:
192:
Proceedings of the 18th ACM Conference on
Computer and Communications Security
750:
688:
242:
199:
190:
Jager, T.; Somorovsky, J. (19 October 2011). "How to break XML encryption".
700:
668:
628:
564:
376:
1087:
843:
693:
455:
31:
295:
Apache
Santuario - Apache XML Security Implementation for Java and C++
1117:
1038:
906:
828:
710:
663:
601:
554:
465:
289:
271:
Kupser, D.; Mainka, C.; Schwenk, J.; Somorovsky, J. (August 2015).
833:
803:
793:
755:
705:
683:
673:
611:
549:
544:
438:
299:
823:
725:
512:
433:
294:
313:
305:
An
Introduction to XML Signature and XML Encryption with XMLSec
947:
760:
715:
623:
391:
182:
169:
35:
146:
260:
Jager, T.; Paterson, K. G.; Somorovsky, J. (24 April 2013).
277:. 9th USENIX Workshop on Offensive Technologies (WOOT '15).
194:. New York: Association for Computing Machinery: 413β422.
219:"Functional Explanation of Changes in XML Encryption 1.1"
134:
1183:
1126:
1101:
1069:
1047:
1011:
985:
965:
940:
899:
873:
857:
779:
743:
357:
348:
179:"XML Encryption Syntax and Processing Version 1.1"
87:XML Encryption is different from and unrelated to
94:
325:
8:
16:W3C specification for XML element encryption
274:How to Break XML Encryption β Automatically
235:2012 IEEE Eighth World Congress on Services
1105:
969:
354:
332:
318:
310:
30:(W3C) recommendation, that defines how to
226:Somorovsky, J.; Schwenk, J. (June 2012).
65:element, which appears as the child of a
1191:International World Wide Web Conference
135:Jager, Paterson & Somorovsky (2013)
115:
166:"XML Encryption Syntax and Processing"
122:
7:
865:Web Content Accessibility Guidelines
300:XMLSec - XML Security Library for C
26:) is a specification governed by a
14:
217:Hirsch, F., ed. (11 April 2013).
1088:Multimodal Interaction Activity
1048:Community & business groups
1:
95:Jager & Somorovsky (2011)
886:Web Accessibility Initiative
1171:(browser/editor, 1996β2012)
61:and XML Encryption use the
1253:
1108:
977:World Wide Web Foundation
972:
881:Markup Validation Service
461:Linked Data Notifications
341:World Wide Web Consortium
28:World Wide Web Consortium
101:block cypher algorithm.
89:Transport Layer Security
243:10.1109/SERVICES.2012.6
200:10.1145/2046707.2046756
1232:Cryptography standards
266:. NDSS Symposium 2013.
147:Kupser et al. (2015)
1237:XML-based standards
99:Galois/Counter Mode
34:the contents of an
1197:Steering Committee
1077:Device Description
1055:Web Advertising BG
1214:
1213:
1179:
1178:
1097:
1096:
961:
960:
252:978-1-4673-3053-4
209:978-1-4503-0948-6
1244:
1203:First conference
1172:
1164:
1156:
1148:
1140:
1106:
970:
953:XHTML+MathML+SVG
372:Activity Streams
355:
334:
327:
320:
311:
278:
267:
256:
232:
222:
213:
186:
173:
150:
144:
138:
132:
126:
120:
83:
76:
72:
68:
64:
53:
49:
1252:
1251:
1247:
1246:
1245:
1243:
1242:
1241:
1217:
1216:
1215:
1210:
1175:
1170:
1162:
1154:
1146:
1138:
1122:
1093:
1065:
1043:
1007:
981:
957:
936:
895:
869:
853:
819:SMIL Timesheets
775:
739:
644:Information Set
429:Geolocation API
359:Recommendations
350:
344:
338:
286:
281:
270:
259:
253:
230:
225:
216:
210:
189:
176:
163:
159:
154:
153:
145:
141:
133:
129:
121:
117:
112:
107:
81:
74:
70:
66:
62:
51:
47:
44:
17:
12:
11:
5:
1250:
1248:
1240:
1239:
1234:
1229:
1219:
1218:
1212:
1211:
1209:
1208:
1207:
1206:
1205:("WWW1", 1994)
1200:
1187:
1185:
1181:
1180:
1177:
1176:
1174:
1173:
1165:
1157:
1149:
1141:
1132:
1130:
1124:
1123:
1121:
1120:
1115:
1109:
1103:
1099:
1098:
1095:
1094:
1092:
1091:
1085:
1080:
1073:
1071:
1067:
1066:
1064:
1063:
1057:
1051:
1049:
1045:
1044:
1042:
1041:
1036:
1031:
1026:
1021:
1015:
1013:
1012:Working groups
1009:
1008:
1006:
1005:
1000:
995:
989:
987:
986:Elected groups
983:
982:
980:
979:
973:
967:
963:
962:
959:
958:
956:
955:
950:
944:
942:
938:
937:
935:
934:
929:
924:
919:
914:
909:
903:
901:
897:
896:
894:
893:
891:Web Components
888:
883:
877:
875:
871:
870:
868:
867:
861:
859:
855:
854:
852:
851:
849:XMLHttpRequest
846:
841:
836:
831:
826:
821:
816:
811:
806:
801:
796:
791:
785:
783:
781:Working drafts
777:
776:
774:
773:
768:
763:
758:
753:
747:
745:
741:
740:
738:
737:
736:
735:
734:
733:
723:
718:
713:
708:
703:
698:
697:
696:
691:
681:
676:
671:
666:
661:
656:
651:
646:
641:
636:
631:
621:
620:
619:
609:
604:
599:
594:
589:
584:
583:
582:
572:
567:
562:
557:
552:
547:
542:
541:
540:
538:Filter Effects
530:
525:
520:
515:
510:
505:
500:
495:
494:
493:
483:
478:
473:
468:
463:
458:
453:
448:
443:
442:
441:
431:
426:
421:
416:
411:
410:
409:
404:
399:
389:
384:
379:
374:
369:
363:
361:
352:
346:
345:
339:
337:
336:
329:
322:
314:
308:
307:
302:
297:
292:
285:
284:External links
282:
280:
279:
268:
257:
251:
223:
214:
208:
187:
174:
160:
158:
155:
152:
151:
139:
127:
114:
113:
111:
108:
106:
103:
43:
40:
20:XML Encryption
15:
13:
10:
9:
6:
4:
3:
2:
1249:
1238:
1235:
1233:
1230:
1228:
1225:
1224:
1222:
1204:
1201:
1198:
1195:
1194:
1192:
1189:
1188:
1186:
1182:
1169:
1166:
1161:
1158:
1153:
1150:
1145:
1142:
1137:
1134:
1133:
1131:
1129:
1125:
1119:
1116:
1114:
1111:
1110:
1107:
1104:
1100:
1089:
1086:
1084:
1081:
1078:
1075:
1074:
1072:
1070:Closed groups
1068:
1061:
1058:
1056:
1053:
1052:
1050:
1046:
1040:
1037:
1035:
1032:
1030:
1027:
1025:
1022:
1020:
1017:
1016:
1014:
1010:
1004:
1001:
999:
996:
994:
991:
990:
988:
984:
978:
975:
974:
971:
968:
966:Organizations
964:
954:
951:
949:
946:
945:
943:
939:
933:
930:
928:
925:
923:
920:
918:
915:
913:
910:
908:
905:
904:
902:
898:
892:
889:
887:
884:
882:
879:
878:
876:
872:
866:
863:
862:
860:
856:
850:
847:
845:
842:
840:
837:
835:
832:
830:
827:
825:
822:
820:
817:
815:
812:
810:
807:
805:
802:
800:
797:
795:
792:
790:
787:
786:
784:
782:
778:
772:
769:
767:
764:
762:
759:
757:
754:
752:
749:
748:
746:
742:
732:
729:
728:
727:
724:
722:
719:
717:
714:
712:
709:
707:
704:
702:
699:
695:
692:
690:
687:
686:
685:
682:
680:
677:
675:
672:
670:
667:
665:
662:
660:
657:
655:
652:
650:
647:
645:
642:
640:
637:
635:
632:
630:
627:
626:
625:
622:
618:
615:
614:
613:
610:
608:
605:
603:
600:
598:
595:
593:
590:
588:
585:
581:
578:
577:
576:
573:
571:
568:
566:
563:
561:
558:
556:
553:
551:
548:
546:
543:
539:
536:
535:
534:
531:
529:
526:
524:
521:
519:
516:
514:
511:
509:
506:
504:
501:
499:
496:
492:
489:
488:
487:
484:
482:
479:
477:
474:
472:
469:
467:
464:
462:
459:
457:
454:
452:
449:
447:
444:
440:
437:
436:
435:
432:
430:
427:
425:
422:
420:
417:
415:
412:
408:
405:
403:
400:
398:
395:
394:
393:
390:
388:
385:
383:
382:Canonical XML
380:
378:
375:
373:
370:
368:
365:
364:
362:
360:
356:
353:
347:
342:
335:
330:
328:
323:
321:
316:
315:
312:
306:
303:
301:
298:
296:
293:
291:
288:
287:
283:
276:
275:
269:
265:
264:
258:
254:
248:
244:
240:
236:
229:
224:
220:
215:
211:
205:
201:
197:
193:
188:
184:
180:
175:
171:
167:
162:
161:
156:
148:
143:
140:
136:
131:
128:
124:
119:
116:
109:
104:
102:
100:
96:
92:
90:
85:
78:
71:EncryptedData
60:
59:XML Signature
55:
48:EncryptedData
42:Specification
41:
39:
37:
33:
29:
25:
21:
633:
349:Products and
273:
262:
234:
191:
142:
130:
125:, section 2.
118:
93:
86:
79:
75:EncryptedKey
56:
52:EncryptedKey
45:
23:
19:
18:
1184:Conferences
1060:WebAssembly
1029:WebAssembly
932:WebPlatform
587:Web storage
570:WebAssembly
367:ActivityPub
1221:Categories
1113:CERN httpd
900:Deprecated
874:Initiative
858:Guidelines
766:XHTML+SMIL
634:Encryption
597:Webmention
560:Timed text
397:Animations
123:XMLENC 1.0
105:References
67:SignedInfo
1163:(1994β97)
1155:(1994β97)
1147:(1993β98)
1136:Line Mode
941:Obsoleted
751:IndieAuth
659:Signature
649:Namespace
446:IndexedDB
424:EmotionML
351:standards
110:Citations
38:element.
1128:Browsers
1102:Software
1034:WebAuthn
731:elements
701:XPointer
669:XInclude
565:VoiceXML
471:Micropub
290:W3C info
237:. IEEE.
1199:(IW3C2)
1193:(IW3C)
1139:(1990β)
844:XFrames
456:JSON-LD
402:Flexbox
157:Sources
82:KeyInfo
63:KeyInfo
32:encrypt
24:XML-Enc
1118:Libwww
1079:(DDWG)
1039:WHATWG
907:C-HTML
829:WebGPU
721:XSL-FO
711:XQuery
664:XForms
654:Schema
639:Events
602:WebSub
555:SPARQL
491:Schema
466:MathML
249:
221:. W3C.
206:
1168:Amaya
1152:Agora
1144:Arena
1090:(MMI)
998:Board
834:WebXR
804:InkML
794:CURIE
789:CCXML
756:XAdES
744:Notes
706:XProc
684:XPath
674:XLink
617:+RDFa
612:XHTML
550:SHACL
545:SCXML
439:HTML5
343:(W3C)
231:(PDF)
73:, or
57:Both
1160:Argo
1083:HTML
922:PGML
917:JSSS
912:HDML
839:XFDL
824:sXBL
726:XSLT
629:Base
607:WOFF
592:WSDL
528:SSML
518:SRGS
513:SOAP
508:SMIL
503:SKOS
498:SISR
434:HTML
407:Grid
377:ARIA
247:ISBN
204:ISBN
80:The
1227:XML
1024:SVG
1019:CSS
1003:TAG
948:P3P
927:VML
814:RIF
809:MSE
799:EME
771:XUP
761:XBL
716:XSL
694:3.x
689:2.0
679:XOP
624:XML
575:WoT
533:SVG
523:SRI
486:RDF
481:PLS
476:OWL
451:ITS
419:EXI
414:DOM
392:CSS
387:CDF
239:doi
196:doi
183:W3C
170:W3C
50:or
36:XML
1223::
1062:CG
993:AB
580:TD
245:.
233:.
202:.
181:.
168:.
69:,
333:e
326:t
319:v
255:.
241::
212:.
198::
185:.
172:.
149:.
137:.
22:(
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.