Abstract
In [8] Vaudenay presented an attack on block cipher CBC-mode encryption when a particular padding method is used. In this paper, we employ a similar approach to analyse the padding methods of the ISO CBC-mode encryption standard. We show that, for several of the padding methods referred to by this standard, we can exploit an oracle returning padding correctness information to efficiently extract plaintext bits. In particular, for one padding scheme, we can extract all plaintext bits with a near-optimal number of oracle queries. For a second scheme, we can efficiently extract plaintext bits from the last (or last-but-one) ciphertext block, and obtain plaintext bits from other blocks faster than exhaustive search.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Black, J., Urtubia, H.: Side-Channel Attacks on Symmetric Encryption Schemes: The Case for Authenticated Encryption. In: Proceedings of the 11th USENIX Security Symposium, San Francisco, CA, USA, August 5-9, pp. 327–338 (2002)
Canvel, B., Hiltgen, A., Vaudenay, S., Vuagnoux, M.: Password Interception in a SSL/TLS Channel. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 583–599. Springer, Heidelberg (2003)
ISO/IEC 9797-1: Information technology — Security tehniques — Message Auhentication Codes (MACs) — Part 1: Mechanisms using a block cipher (1999)
ISO/IEC 10116 (2nd edn): Information technology — Security techniques — Modes of operation for an n-bit block cipher (1997)
ISO/IEC 3rd CD 10116 (3rd edn.): Information technology — Security techniques — Modes of operation for an n-bit block cipher (Commitee Draft). 2002.
ISO/IEC FDIS 10118-1: Information technology — Security techniques — Hashfunctions — Part 1: General, Final Draft (2000)
Klima, V., Rosa, T.: Side Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format. Cryptology ePrint Archive, Report 2003/098 (2003)
Vaudenay, S.: Security Flaws Induced by CBC Padding — Applications to SSL, IPSEC, WTLS.. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 534–545. Springer, Heidelberg (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Paterson, K.G., Yau, A. (2004). Padding Oracle Attacks on the ISO CBC Mode Encryption Standard. In: Okamoto, T. (eds) Topics in Cryptology – CT-RSA 2004. CT-RSA 2004. Lecture Notes in Computer Science, vol 2964. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24660-2_24
Download citation
DOI: https://doi.org/10.1007/978-3-540-24660-2_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20996-6
Online ISBN: 978-3-540-24660-2
eBook Packages: Springer Book Archive