About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
CCS 2002
Workshop paper
A Stream-based Implementation of XML Encryption
Abstract
W3C has been working on the standardization of XML Encryption and released its specification as a W3C Proposed Recommendation in 2002. There are several implementations of the specification, all of which are implemented using DOM. However, it is commonly accepted that DOM has higher costs in time and space than other APIs. Also, even if SAX is used, with this kind of API, it is impossible to parse decrypted data both efficiently and correctly. Therefore, we thought of using the Xerces Native Interface (XNI) of Xerces2. Using this API, we prototyped a stream-based implementation of the specification. We also evaluated its performance. As compared with a DOM-based implementation, it achieves a 0.27%-26% reduction in processing time (i.e., 1.0x-1.3x performance) for encryption of XML documents with sizes larger than 2 KB, and 34%-88% (i.e., 1.5x-8.5x) for decryption of XML documents with any sizes.