Padding Oracle Attacks on CBC-Mode Encryption with Secret and Random IVs
نویسندگان
چکیده
In [8], Paterson and Yau presented padding oracle attacks against a committee draft version of a revision of the ISO CBC-mode encryption standard [3]. Some of the attacks in [8] require knowledge and manipulation of the initialisation vector (IV). The latest draft of the revision of the standard [4] recommends the use of IVs that are secret and random. This obviates most of the attacks of [8]. In this paper we consider the security of CBC-mode encryption against padding oracle attacks in this secret, random IV setting. We present new attacks showing that several ISO padding methods are still weak in this situation.
منابع مشابه
Side Channel Analyses of CBC Mode Encryption
A block cipher encrypts data one block at a time. For bulk data encryption, a block cipher is usually used in a mode of operation. Cipher Block Chaining (CBC) mode encryption is one of the most commonly used modes of operation. The security properties of CBC mode encryption have been studied extensively. One well-known attack against CBC mode encryption allows an attacker, with some restriction...
متن کاملError Oracle Attacks on CBC Mode: Is There a Future for CBC Mode Encryption?
This paper is primarily concerned with the CBC block cipher mode. The impact on the usability of this mode of recently proposed padding oracle attacks, together with other related attacks described in this paper, is considered. For applications where unauthenticated encryption is required, the use of CBC mode is compared with its major symmetric rival, namely the stream cipher. It is argued tha...
متن کاملPractical Padding Oracle Attacks
At Eurocrypt 2002, Vaudenay introduced a powerful side-channel attack, which is called padding oracle attack, against CBC-mode encryption with PKCS#5 padding (See [6]). If there is an oracle which on receipt of a ciphertext, decrypts it and then replies to the sender whether the padding is correct or not, Vaudenay shows how to use that oracle to e ciently decrypt data without knowing the encryp...
متن کاملProvable Security in Practice: Analysis of SSH and CBC mode with Padding
This thesis illustrates and examines the gap that exists between theoretical and practical cryptography. Provable security is a useful tool which allows cryptographers to perform formal security analyses within a strict mathematical framework. Unfortunately, the formal modelling of provable security sometimes fails to match how particular schemes or protocols are implemented in real life. We ex...
متن کاملPadding Oracle Attacks on the ISO CBC Mode Encryption Standard
In [8] Vaudenay presented an attack on block cipher CBCmode encryption when a particular padding method is used. In this paper, we employ a similar approach to analyse the padding methods of the ISO CBC-mode encryption standard. We show that, for several of the padding methods referred to by this standard, we can exploit an oracle returning padding correctness information to efficiently extract...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005