XML Encryption

May 12, 2006 at 5:44 pm

XML Encryption allows hiding all or part of an XML document (confidentiality) from anyone other than the private key holder. XML Encryption is implemented using shared key (symmetric) cryptography. In shared key cryptography, the data is encrypted and decrypted with the same key. The challenge lies in transporting the shared key to the recipient. This one challenge can make shared key cryptography pointless, because any intruder who obtains the shared key can simply decrypt the message that is supposed to be confidential to the intended recipient. So the critical aspect is to secure the shared key itself.

This challenge is handled in XML Encryption using public key (asymmetric) cryptography. The shared key is encrypted using the recipient's public key and sent to the recipient along with the encrypted data. Notice that both the data and the key are encrypted, but with different keys: the data with the shared key, and the shared key with the recipient's public key. Hence the recipient first decrypts the encrypted key using its private key to retrieve the shared key. Then it uses the shared key to decrypt the encrypted data.

Thus the shared key is transferred securely and the data's confidentiality is also maintained.

It is worth discussing shared key and public key cryptography in more detail. In public key cryptography there is no need to distribute the encryption key. The public key of the recipient is published and the sender encrypts the data using that public key; the private key needed to decrypt the message is possessed only by the recipient. But in public key cryptography, encryption with the public key and decryption with the private key are much slower than symmetric cryptography. This performance issue becomes more critical when the data is large. Hence it is common practice to combine the advantages of both kinds of cryptography. The encryption and decryption of the data is done using the shared key, as in symmetric cryptography, and the distribution of the shared key is done using public key cryptography. As only the shared key is processed using public key cryptography, the performance cost is negligible when compared to processing the whole data that way. This same concept is implemented in XML Encryption.
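The two-key scheme described above, as an added Go example that is not part of the original post: the data is encrypted under a fresh shared key, and only that key is encrypted with the recipient's public key. The algorithms (AES-256-GCM, RSA-OAEP with SHA-256), the names `Seal`, `Open` and `newGCM`, and the sample key pair and payload are assumptions of this example; the XML serialization is left out (in XML Encryption the two outputs are carried base64-encoded in the `CipherValue` elements of `EncryptedKey` and `EncryptedData`).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts data with a fresh shared key, then wraps that key for pub.
func Seal(pub *rsa.PublicKey, data []byte) (wrappedKey, encData []byte, err error) {
	buf := make([]byte, 44) // 32-byte AES-256 shared key + 12-byte GCM nonce
	if _, err = rand.Read(buf); err != nil {
		return nil, nil, err
	}
	gcm, err := newGCM(buf[:32])
	if err != nil {
		return nil, nil, err
	}
	encData = gcm.Seal(buf[32:], buf[32:], data, nil) // nonce || ciphertext || tag
	wrappedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, buf[:32], nil)
	return wrappedKey, encData, err
}

// Open unwraps the shared key with priv, then uses it to decrypt the data.
func Open(priv *rsa.PrivateKey, wrappedKey, encData []byte) ([]byte, error) {
	key, err := rsa.DecryptOAEP(sha256.New(), nil, priv, wrappedKey, nil)
	gcm, gerr := newGCM(key) // fails cleanly if key is nil or the wrong size
	if err != nil || gerr != nil || len(encData) < 12 {
		return nil, rsa.ErrDecryption // one error for every malformed input
	}
	return gcm.Open(nil, encData[:12], encData[12:], nil)
}

func main() {
	priv, _ := rsa.GenerateKey(rand.Reader, 2048) // constructed recipient key pair
	k, d, _ := Seal(&priv.PublicKey, []byte("<Amount>100</Amount>"))
	pt, err := Open(priv, k, d)
	fmt.Println(string(pt), err)
}
```

The RSA operation only ever touches the 32-byte shared key, so its cost stays constant however large the payload is.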

Entry filed under: Web services security.



Author

I am Vignesh M.P.N., a graduate student, doing my MS in Computer Science at IIT Chicago.

About

In this weblog I will share all the technical things related to computer science, that I learn from diverse resources and the educational experience in my graduate school.
