{"id":"https://openalex.org/W2091797419","doi":"https://doi.org/10.1145/2046707.2046756","title":"How to break XML encryption","display_name":"How to break XML encryption","publication_year":2011,"publication_date":"2011-10-17","ids":{"openalex":"https://openalex.org/W2091797419","doi":"https://doi.org/10.1145/2046707.2046756","mag":"2091797419"},"language":"en","primary_location":{"id":"doi:10.1145/2046707.2046756","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2046707.2046756","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 18th ACM conference on Computer and communications security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5090157645","display_name":"Tibor Jager","orcid":"https://orcid.org/0000-0002-3205-7699"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Tibor Jager","raw_affiliation_strings":["Horst G\u00f6rtz Institute for IT Security, Chair for Network- and Data Security, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Horst G\u00f6rtz Institute for IT Security, Chair for Network- and Data Security, Bochum, Germany","institution_ids":[]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091741421","display_name":"Juraj Somorovsky","orcid":"https://orcid.org/0000-0002-3593-7720"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Juraj Somorovsky","raw_affiliation_strings":["Horst G\u00f6rtz Institute for IT Security, Chair for Network- and Data Security, Bochum, Germany"],"affiliations":[{"raw_affiliation_string":"Horst G\u00f6rtz Institute for IT Security, Chair for Network- and Data Security, Bochum, Germany","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5090157645"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":8.7519,"has_fulltext":false,"cited_by_count":50,"citation_normalized_percentile":{"value":0.98008887,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"413","last_page":"422"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9988999962806702,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10651","display_name":"IPv6, Mobility, Handover, Networks, Security","score":0.9983999729156494,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.785035252571106},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5421363711357117},{"id":"https://openalex.org/keywords/xml-encryption","display_name":"XML Encryption","score":0.5394389033317566},{"id":"https://openalex.org/keywords/xml-signature","display_name":"XML Signature","score":0.5282748341560364},{"id":"https://openalex.org/keywords/ciphertext","display_name":"Ciphertext","score":0.4535953402519226},{"id":"https://openalex.org/keywords/plaintext","display_name":"Plaintext","score":0.4175351560115814},{"id":"https://openalex.org/keywords/streaming-xml","display_name":"Streaming XML","score":0.4080565273761749},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.40502190589904785},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.3644903302192688},{"id":"https://openalex.org/keywords/efficient-xml-interchange","display_name":"Efficient XML Interchange","score":0.3424495458602905},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.3027295768260956},{"id":"https://openalex.org/keywords/xml","display_name":"XML","score":0.2673487663269043}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.785035252571106},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5421363711357117},{"id":"https://openalex.org/C173242113","wikidata":"https://www.wikidata.org/wiki/Q607488","display_name":"XML Encryption","level":4,"score":0.5394389033317566},{"id":"https://openalex.org/C34330436","wikidata":"https://www.wikidata.org/wiki/Q979532","display_name":"XML Signature","level":4,"score":0.5282748341560364},{"id":"https://openalex.org/C93974786","wikidata":"https://www.wikidata.org/wiki/Q1589480","display_name":"Ciphertext","level":3,"score":0.4535953402519226},{"id":"https://openalex.org/C92717368","wikidata":"https://www.wikidata.org/wiki/Q1162538","display_name":"Plaintext","level":3,"score":0.4175351560115814},{"id":"https://openalex.org/C44883583","wikidata":"https://www.wikidata.org/wiki/Q7622687","display_name":"Streaming XML","level":3,"score":0.4080565273761749},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.40502190589904785},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.3644903302192688},{"id":"https://openalex.org/C11508877","wikidata":"https://www.wikidata.org/wiki/Q1124477","display_name":"Efficient XML Interchange","level":3,"score":0.3424495458602905},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3027295768260956},{"id":"https://openalex.org/C8797682","wikidata":"https://www.wikidata.org/wiki/Q2115","display_name":"XML","level":2,"score":0.2673487663269043}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/2046707.2046756","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2046707.2046756","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 18th ACM conference on Computer and communications security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.6100000143051147}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":19,"referenced_works":["https://openalex.org/W1106092","https://openalex.org/W1500174841","https://openalex.org/W1515849662","https://openalex.org/W1518301672","https://openalex.org/W1567691698","https://openalex.org/W1591554527","https://openalex.org/W1817601911","https://openalex.org/W1965014786","https://openalex.org/W1985774143","https://openalex.org/W2013578787","https://openalex.org/W2038266826","https://openalex.org/W2109256061","https://openalex.org/W2112833606","https://openalex.org/W2113911758","https://openalex.org/W2159840470","https://openalex.org/W2187360174","https://openalex.org/W3022131440","https://openalex.org/W4245444791","https://openalex.org/W6633938976"],"related_works":["https://openalex.org/W1968063342","https://openalex.org/W2182298176","https://openalex.org/W1490314555","https://openalex.org/W2784994761","https://openalex.org/W252540258","https://openalex.org/W2047342127","https://openalex.org/W3096821956","https://openalex.org/W564229925","https://openalex.org/W2046040409","https://openalex.org/W2101607426"],"abstract_inverted_index":{"XML":[0,12,62,117],"Encryption":[1],"was":[2],"standardized":[3],"by":[4,70,92],"W3C":[5],"in":[6,11,29],"2002,":[7],"and":[8,17,24,42,50,78,106],"is":[9,27],"implemented":[10],"frameworks":[13],"of":[14,33,116],"major":[15,34],"commercial":[16],"open-source":[18],"organizations":[19],"like":[20],"Apache,":[21],"redhat,":[22],"IBM,":[23],"Microsoft.":[25],"It":[26],"employed":[28],"a":[30,58,68,75,90,104],"large":[31],"number":[32],"web-based":[35],"applications,":[36],"ranging":[37],"from":[38],"business":[39],"communications,":[40],"e-commerce,":[41],"financial":[43],"services":[44],"over":[45],"healthcare":[46],"applications":[47],"to":[48,66,74],"governmental":[49],"military":[51],"infrastructures.":[52],"In":[53],"this":[54],"work":[55],"we":[56],"describe":[57],"practical":[59,108],"attack":[60],"on":[61,100,111],"Encryption,":[63],"which":[64],"allows":[65],"decrypt":[67,89],"ciphertext":[69,91],"sending":[71],"related":[72],"ciphertexts":[73],"Web":[76],"Service":[77],"evaluating":[79],"the":[80],"server":[81],"response.":[82],"We":[83],"show":[84],"that":[85],"an":[86],"adversary":[87],"can":[88],"performing":[93],"only":[94],"14":[95],"requests":[96],"per":[97],"plaintext":[98],"byte":[99],"average.":[101],"This":[102],"poses":[103],"serious":[105],"truly":[107],"security":[109],"threat":[110],"all":[112],"currently":[113],"used":[114],"implementations":[115],"Encryption.":[118]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2022,"cited_by_count":2},{"year":2021,"cited_by_count":1},{"year":2020,"cited_by_count":3},{"year":2019,"cited_by_count":2},{"year":2018,"cited_by_count":5},{"year":2017,"cited_by_count":3},{"year":2016,"cited_by_count":3},{"year":2015,"cited_by_count":4},{"year":2014,"cited_by_count":6},{"year":2013,"cited_by_count":8},{"year":2012,"cited_by_count":11}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}