XML Encryption is a specification defined by the W3C as a recommendation that defines how the contents of an XML element are encrypted.
Although XML Encryption can be used to encrypt any data, it is known as “XML Encryption” because the XML element (EncryptedData or EncryptedKey elements) contains or refers to encrypted text, key information, or algorithms.
Both XML Signature and XML Encryption use the KeyInfo element, which refers as a descendant of the SignedInfo, EncryptedData, or EncryptedKey elements, and provides information to the recipient about the keys that are used to verify the signature or decrypt the encrypted data.
The KeyInfo element is optional - it can be attached to the message, or delivered via a secure channel.
An example of using XML Encryption:
<? xml version = '1.0'?>
<PaymentInfo xmlns = 'http://example.org/paymentv2' >
<Name> John Smith </Name>
<EncryptedData Type = 'http://www.w3.org/2001/04/xmlenc#Element'
xmlns = 'http://www.w3.org/2001/04/xmlenc#' >
<CipherData>
<CipherValue> A23B45C56 </CipherValue>
</CipherData>
</EncryptedData>
</PaymentInfo>