Vulnerability in widely used encryption standard

Researchers from the German University of Ruhr, Juraj Somorovsky and Tibor Jager, breached a popular and widely used encryption for data protection, XML encryption.

This method of encryption is mostly used in network communication, and is used by all big companies like Microsoft, Red Hat and IBM (International Business Machines). For their attack to succeed it doesn’t even matter which encryption algorithm was used to encrypt the data, even one of the most secure ones, AES (Advanced Encryption Standard), can be bypassed. Researchers will present their findings in more detail later this year on a computer and communication security conference ACM. They have informed all big companies on their findings, and Microsoft said that they were looking into which of their programs was affected by the vulnerability, if any, and they forwarded the notion to all their smaller third party developers. Juraj Somorovsky and Tibor Jager said there is no easy way to solve the vulnerability and that XML encryption standard should be abandoned in whole. Original news was published at computerworld web site.