Handbook of Applied Cryptography
Handbook of Applied Cryptography
A New Version of the Stream Cipher SNOW
SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS ...
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Side-Channel Attacks on Symmetric Encryption Schemes: The Case for Authenticated Encryption
Proceedings of the 11th USENIX Security Symposium
All-or-Nothing Encryption and the Package Transform
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
A New Keystream Generator MUGI
FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
A Concrete Security Treatment of Symmetric Encryption
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
OCB: A block-cipher mode of operation for efficient authenticated encryption
ACM Transactions on Information and System Security (TISSEC)
ACM Transactions on Information and System Security (TISSEC)
User's Guide To Cryptography And Standards (Artech House Computer Security)
User's Guide To Cryptography And Standards (Artech House Computer Security)
Padding oracle attacks on CBC-Mode encryption with secret and random IVs
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Immunising CBC Mode Against Padding Oracle Attacks: A Formal Security Treatment
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
Proceedings of the 18th ACM conference on Computer and communications security
Error oracle attacks on several modes of operation
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
An attack on CFB mode encryption as used by OpenPGP
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
Authenticated-Encryption with padding: a formal security treatment
Cryptography and Security
Hi-index | 0.00 |
This paper is primarily concerned with the CBC block cipher mode. The impact on the usability of this mode of recently proposed padding oracle attacks, together with other related attacks described in this paper, is considered. For applications where unauthenticated encryption is required, the use of CBC mode is compared with its major symmetric rival, namely the stream cipher. It is argued that, where possible, authenticated encryption should be used, and, where this is not possible, a stream cipher would appear to be a superior choice. This raises a major question mark over the future use of CBC mode, except as part of a more complex mode designed to provide authenticated encryption.