Error oracle attacks on CBC mode: is there a future for CBC mode encryption?

Authors:
Chris J. Mitchell
Affiliations:
Information Security Group, Royal Holloway, University of London, Egham, Surrey, UK
Venue:
ISC'05 Proceedings of the 8th international conference on Information Security
Year:
2005

Citing 12
Cited 5

Handbook of Applied Cryptography

Handbook of Applied Cryptography
A New Version of the Stream Cipher SNOW

SAC '02 Revised Papers from the 9th Annual International Workshop on Selected Areas in Cryptography
Tweakable Block Ciphers

CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS ...

EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Side-Channel Attacks on Symmetric Encryption Schemes: The Case for Authenticated Encryption

Proceedings of the 11th USENIX Security Symposium
All-or-Nothing Encryption and the Package Transform

FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
A New Keystream Generator MUGI

FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
A Concrete Security Treatment of Symmetric Encryption

FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
OCB: A block-cipher mode of operation for efficient authenticated encryption

ACM Transactions on Information and System Security (TISSEC)
Breaking and provably repairing the SSH authenticated encryption scheme: A case study of the Encode-then-Encrypt-and-MAC paradigm

ACM Transactions on Information and System Security (TISSEC)
User's Guide To Cryptography And Standards (Artech House Computer Security)

User's Guide To Cryptography And Standards (Artech House Computer Security)
Padding oracle attacks on CBC-Mode encryption with secret and random IVs

FSE'05 Proceedings of the 12th international conference on Fast Software Encryption

Immunising CBC Mode Against Padding Oracle Attacks: A Formal Security Treatment

SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
How to break XML encryption

Proceedings of the 18th ACM conference on Computer and communications security
Error oracle attacks on several modes of operation

CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
An attack on CFB mode encryption as used by OpenPGP

SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
Authenticated-Encryption with padding: a formal security treatment

Cryptography and Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper is primarily concerned with the CBC block cipher mode. The impact on the usability of this mode of recently proposed padding oracle attacks, together with other related attacks described in this paper, is considered. For applications where unauthenticated encryption is required, the use of CBC mode is compared with its major symmetric rival, namely the stream cipher. It is argued that, where possible, authenticated encryption should be used, and, where this is not possible, a stream cipher would appear to be a superior choice. This raises a major question mark over the future use of CBC mode, except as part of a more complex mode designed to provide authenticated encryption.