Padding Oracle Attacks on the ISO CBC Mode Encryption Standard

Conference paper. Topics in Cryptology – CT-RSA 2004 (CT-RSA 2004).

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2964).

Abstract

In [8] Vaudenay presented an attack on block cipher CBC-mode encryption when a particular padding method is used. In this paper, we employ a similar approach to analyse the padding methods of the ISO CBC-mode encryption standard. We show that, for several of the padding methods referred to by this standard, we can exploit an oracle returning padding correctness information to efficiently extract plaintext bits. In particular, for one padding scheme, we can extract all plaintext bits with a near-optimal number of oracle queries. For a second scheme, we can efficiently extract plaintext bits from the last (or last-but-one) ciphertext block, and obtain plaintext bits from other blocks faster than exhaustive search.


References

  1. Black, J., Urtubia, H.: Side-Channel Attacks on Symmetric Encryption Schemes: The Case for Authenticated Encryption. In: Proceedings of the 11th USENIX Security Symposium, San Francisco, CA, USA, August 5-9, pp. 327–338 (2002)

  2. Canvel, B., Hiltgen, A., Vaudenay, S., Vuagnoux, M.: Password Interception in a SSL/TLS Channel. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 583–599. Springer, Heidelberg (2003)

  3. ISO/IEC 9797-1: Information technology — Security techniques — Message Authentication Codes (MACs) — Part 1: Mechanisms using a block cipher (1999)

  4. ISO/IEC 10116 (2nd edn.): Information technology — Security techniques — Modes of operation for an n-bit block cipher (1997)

  5. ISO/IEC 3rd CD 10116 (3rd edn.): Information technology — Security techniques — Modes of operation for an n-bit block cipher (Committee Draft) (2002)

  6. ISO/IEC FDIS 10118-1: Information technology — Security techniques — Hash-functions — Part 1: General, Final Draft (2000)

  7. Klima, V., Rosa, T.: Side Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format. Cryptology ePrint Archive, Report 2003/098 (2003)

  8. Vaudenay, S.: Security Flaws Induced by CBC Padding — Applications to SSL, IPSEC, WTLS. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 534–545. Springer, Heidelberg (2002)

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

Cite this paper

Paterson, K.G., Yau, A. (2004). Padding Oracle Attacks on the ISO CBC Mode Encryption Standard. In: Okamoto, T. (eds) Topics in Cryptology – CT-RSA 2004. CT-RSA 2004. Lecture Notes in Computer Science, vol 2964. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24660-2_24

  • DOI: https://doi.org/10.1007/978-3-540-24660-2_24

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20996-6

  • Online ISBN: 978-3-540-24660-2
