16.1. General Considerations

Let's look at the simplest case, signing and encrypting a single block of data. Should we encrypt and then sign or should we sign and then encrypt? You need to examine each case individually to determine the best option. Even in the case of a single data block, multiple possibilities exist. The following sections describe three general possibilities along with their advantages and disadvantages.

In the absence of other considerations, signing and then encrypting is the best choice. Evidence indicates that, for certain secure symmetric encryption algorithms and secure symmetric authentication algorithms, either authenticating ...

Get Secure XML: The New Syntax for Signatures and Encryption now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.