A Stream-based Implementation of XML Encryption

Abstract

W3C has been working on the standardization of XML Encryption and released its specification as a W3C Proposed Recommendation in 2002. There are several implementations of the specification, all of which are implemented using DOM. However, it is commonly accepted that DOM has higher costs in time and space than other APIs. Also, even if SAX is used, with this kind of API, it is impossible to parse decrypted data both efficiently and correctly. Therefore, we thought of using the Xerces Native Interface (XNI) of Xerces2. Using this API, we prototyped a stream-based implementation of the specification. We also evaluated its performance. As compared with a DOM-based implementation, it achieves a 0.27%-26% reduction in processing time (i.e., 1.0x-1.3x performance) for encryption of XML documents with sizes larger than 2 KB, and 34%-88% (i.e., 1.5x-8.5x) for decryption of XML documents with any sizes.