Researchers Crack XML Encryption Mechanism, Propose New Standard

A flaw in XML Encryption leaves major Web services vulnerable to potential attack unless Apache, Red Hat, IBM, Microsoft, and other major XML framework providers adopt a new standard –
Security researchers have cracked the major XML framework used to encrypt data in major Web applications.

Two researchers from Germany’s Ruhr-University demonstrated a practical attack against XML’s cipher block chaining module at the ACM Conference on Computer and Communications Security in C…