> I've been looking into this a bit more. As far as I can tell there are
> no known plaintext attacks against AES. Am I missing something? Or is
> it just bad in theory to add to the number of plaintexts available for a
> key?
Just paranoia; known-plaintext against DES, so eventually probably be the
same thing for any symmetric cipher.
More importantly, since AES is symmetric, anyone who can *verify* a
signature has the key and can therefore *generate* a signature.
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xmlsecurity.html
_______________________________________________
xmlsec mailing list
[EMAIL PROTECTED]
http://www.aleksey.com/mailman/listinfo/xmlsec
