The XML Encryption specification defines a number of ways in which XML documents are encrypted and decrypted.

The following options are provided:

  • Encrypting the entire XML document
  • Encryption of a single element and its sub-elements of
  • Encryption of the content of an XML element
  • Encryption for multiple recipients

These are some special elements. The most important are:

  • EncryptedData is the enclosing tag for XML encryption. The "Type" attribute informs whether an entire XML element or just the content of the element to be encrypted. The "Type" attribute is optional.
  • EncryptionMethod describes the algorithm used for encryption. The element is optional. If this element is not used, the encryption algorithm must be known to the receiver.
  • KeyInfo is also an optional element, which may include information about the key with which the data has been encrypted.
  • CipherData is the encrypted element. It either contains one or more elements CipherValue or a reference to the encrypted data ( CipherReference ).
  • CipherValue contains the encrypted data.
  • CipherReference is a reference to the encrypted data.


In a payment transaction on the Internet the following XML data could occur:

        John Smith < / name >             4019 2445 0277 5567        Example Bank        04 /02      < / Credit Card>    One way to protect the sensitive credit card information is to encrypt the entire element, " Credit Card ".

        John Smith < / name >      < EncryptedData Type = ' http://www.w3.org/2001/04/xmlenc # element '       xmlns = ' http://www.w3.org/2001/04/xmlenc #' >                 A23B45C56                see also

XML Signature