论文信息 - Error Oracle Attacks on Several Modes of Operation

Error Oracle Attacks on Several Modes of Operation

In [7] Vaudenay demonstrated side-channel attacks on CBC-mode encryption, exploiting a “valid padding” oracle. His work showed that several uses of CBC-mode encryption in well-known products and standards were vulnerable to attack when an adversary was able to distinguish between valid and invalid ciphertexts. In [2][5] [6], Black, Paterson,Taekeon et al.generalized these attacks to various padding schemes of CBC-mode encryption and multiple modes of operation. In this paper, we study side-channel attacks on the CFB, CBC| CBC, CFB|CFB, CBC|CBC|CBC, CFB|CFB|CFB modes under the error oracle models, which enable an adversary to determine the correct message with knowledge of ciphertext. It is shown that an attacker can exploit an oracle to efficiently extract the corresponding position plaintext bits of any block if the target plaintext contains some fixed bits in a known position of one block.

Qiaoyan Wen | Wenling Wu | Fengtong Wen

[1] John Black,et al. Side-Channel Attacks on Symmetric Encryption Schemes: The Case for Authenticated Encryption , 2002, USENIX Security Symposium.

[2] Tatsuaki Okamoto. Topics in Cryptology – CT-RSA 2004 , 2004, Lecture Notes in Computer Science.

[3] Eli Biham. Cryptanalysis of Multiple Modes of Operation , 1994, ASIACRYPT.

[4] Kenneth G. Paterson,et al. Padding Oracle Attacks on the ISO CBC Mode Encryption Standard , 2004, CT-RSA.

[5] Jongsung Kim,et al. Padding Oracle Attacks on Multiple Modes of Operation , 2004, ICISC.

[6] Aggelos Kiayias,et al. Traitor Tracing with Constant Transmission Rate , 2002, EUROCRYPT.

[7] Choonsik Park,et al. Information Security and Cryptology - ICISC 2004, 7th International Conference, Seoul, Korea, December 2-3, 2004, Revised Selected Papers , 2005, ICISC.

[8] Chris J. Mitchell,et al. Error Oracle Attacks on CBC Mode: Is There a Future for CBC Mode Encryption? , 2005, ISC.

[9] Serge Vaudenay,et al. Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS , 2002, EUROCRYPT.