Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS ...
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Side-Channel Attacks on Symmetric Encryption Schemes: The Case for Authenticated Encryption
Proceedings of the 11th USENIX Security Symposium
A Concrete Security Treatment of Symmetric Encryption
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Immunising CBC Mode Against Padding Oracle Attacks: A Formal Security Treatment
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Cryptographically verified implementations for TLS
Proceedings of the 15th ACM conference on Computer and communications security
Cryptanalysis of the EPBC authenticated encryption mode
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
Practical padding oracle attacks
WOOT'10 Proceedings of the 4th USENIX conference on Offensive technologies
Proceedings of the 18th ACM conference on Computer and communications security
Verified Cryptographic Implementations for TLS
ACM Transactions on Information and System Security (TISSEC) - Special Issue on Computer and Communications Security
Error oracle attacks on CBC mode: is there a future for CBC mode encryption?
ISC'05 Proceedings of the 8th international conference on Information Security
An attack on CFB mode encryption as used by OpenPGP
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
Authenticated-Encryption with padding: a formal security treatment
Cryptography and Security
In [8], Paterson and Yau presented padding oracle attacks against a committee draft version of a revision of the ISO CBC-mode encryption standard [3]. Some of the attacks in [8] require knowledge and manipulation of the initialisation vector (IV). The latest draft of the revision of the standard [4] recommends the use of IVs that are secret and random. This obviates most of the attacks of [8]. In this paper we consider the security of CBC-mode encryption against padding oracle attacks in this secret, random IV setting. We present new attacks showing that several ISO padding methods are still weak in this situation.