Simple stream encryption algorithms generate, based on the key, a stream of octets that are XORed with the plain text octets to produce the cipher text on encryption and with the cipher text octets to produce plain text on decryption. They are normally used for the encryption of data. Thus they are specified by the value of the Algorithm attribute of the EncryptionMethod child of an EncryptedData element. See Figure 18-1.
Stream algorithms typically use the optional KeySize explicit parameter. In cases where the key size is not apparent from the algorithm URI or key source, as with key agreement methods, this parameter sets the key size. If the size of the key is apparent and disagrees with the KeySize parameter, the application must return an error. Implementation of any stream algorithms is optional.

The schema for the KeySize parameter follows:

<!-- KeySize DTD -->
<!ELEMENT KeySize (#PCDATA) >

In schema syntax, it has the following form:

<!-- KeySize Schema -->
<simpleType name='KeySizeType'>
  <restriction base="integer"/>
</simpleType>

18.6.1 ARCFOUR

Identifier
http://www.w3.org/2001/04/xmldsig-more#arcfour

ARCFOUR is a fast, simple stream encryption algorithm that interoperates with RSA Security's RC4 algorithm. Implementation of ARCFOUR is optional.

An example of an ARCFOUR EncryptionMethod follows:

<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#arcfour">
  <KeySize>40</KeySize>
</EncryptionMethod>
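As an added example (not from the original text or from any XML Encryption library), the Python below applies the KeySize rule and the ARCFOUR keystream to the EncryptionMethod shown above. It assumes KeySize counts bits, as the 40 in that example suggests; apply_method and local are hypothetical helper names.

```python
import xml.etree.ElementTree as ET

ARCFOUR_URI = "http://www.w3.org/2001/04/xmldsig-more#arcfour"

# Constructed sample: the EncryptionMethod element from the text above.
SAMPLE = (
    '<EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#arcfour">'
    "<KeySize>40</KeySize></EncryptionMethod>"
)


def arcfour(key: bytes, data: bytes) -> bytes:
    """XOR data with the ARCFOUR keystream; the same call encrypts and decrypts."""
    if not 1 <= len(key) <= 256:
        raise ValueError("ARCFOUR key must be 1..256 octets")
    s = list(range(256))
    j = 0
    for i in range(256):  # key scheduling: permute s under control of the key
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for octet in data:  # one keystream octet per input octet
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(octet ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def local(tag: str) -> str:
    """Drop a '{namespace}' prefix so prefixed and unprefixed elements both match."""
    return tag.rsplit("}", 1)[-1]


def apply_method(method_xml: str, key: bytes, data: bytes) -> bytes:
    """Check the supplied key against the declared KeySize, then run ARCFOUR."""
    root = ET.fromstring(method_xml)
    if local(root.tag) != "EncryptionMethod" or root.get("Algorithm") != ARCFOUR_URI:
        raise ValueError("not an ARCFOUR EncryptionMethod")
    sizes = [c for c in root if local(c.tag) == "KeySize"]
    if sizes:  # KeySize is optional; when present it must agree with the key
        declared = int((sizes[0].text or "").strip())  # ValueError if not an integer
        if declared != len(key) * 8:  # assumption: KeySize is expressed in bits
            raise ValueError(f"KeySize {declared} disagrees with {len(key) * 8}-bit key")
    return arcfour(key, data)
```

Because the keystream depends only on the key, encrypting two messages under the same key lets their cipher texts be XORed to cancel the keystream, so each key must be used for one message only.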