XML Encryption Flaw Leaves Web Services Vulnerable
Source: Information Week - Posted by Dave Wreski   
Cryptography Watch your Web Services: the official XML Encryption Syntax and Processing standard can be broken. So say two researchers from Ruhr-University Bochum in Germany, who have demonstrated a practical attack against XML's cipher block chaining (CBC) mode. "We were able to decrypt data by sending modified ciphertexts to the server, by gathering information from the received error messages," according to a statement released by the researchers, Juraj Somorovsky and Tibor Jager. They presented their findings in detail at last week's ACM Conference on Computer and Communications Security in Chicago.

Read this full article at Information Week

Only registered users can write comments.
Please login or register.

Powered by AkoComment!