On 2/16/14, 2:24 PM, "John Smith" <[email protected]> wrote:
>Can someone point me to some examples of using XML Encryption and >Signature together in JAVA? Is there a benefit to signing a document if >the entire document is encrypted? The usual encryption algorithms used do not guarantee integrity, and there are attacks related to this. Newer algorithms like AES-GCM include a MAC in the encryption step. But integrity alone, without a path to an attributed key, does not authenticate the source of a document. They are simply unrelated functions for different purposes. -- Scott
