iBet uBet web content aggregator. Adding the entire web to your favor.
iBet uBet web content aggregator. Adding the entire web to your favor.



Link to original content: https://doi.org/10.1007/11596981_9
Error Oracle Attacks on Several Modes of Operation | SpringerLink
Skip to main content
Springer Nature Link
Log in

Error Oracle Attacks on Several Modes of Operation

  • Conference paper
Computational Intelligence and Security (CIS 2005)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 3802))

Included in the following conference series:

  • 944 Accesses

Abstract

In [7] Vaudenay demonstrated side-channel attacks on CBC-mode encryption, exploiting a “valid padding” oracle. His work showed that several uses of CBC-mode encryption in well-known products and standards were vulnerable to attack when an adversary was able to distinguish between valid and invalid ciphertexts. In [2][5] [6], Black, Paterson,Taekeon et al.generalized these attacks to various padding schemes of CBC-mode encryption and multiple modes of operation. In this paper, we study side-channel attacks on the CFB, CBC| CBC, CFB|CFB, CBC|CBC|CBC, CFB|CFB|CFB modes under the error oracle models, which enable an adversary to determine the correct message with knowledge of ciphertext. It is shown that an attacker can exploit an oracle to efficiently extract the corresponding position plaintext bits of any block if the target plaintext contains some fixed bits in a known position of one block.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Biham, E.: Cryptanalysis of Multiple Modes of Operation. LNCS, vol. 917, pp. 278–292. Springer, London (1994)

    Google Scholar 

  2. Black, J., Urtubia, H.: Side-Channel Attacks on Symmetric Encryption Schemes: The Case for Authenticated Encryption. In: Proc. of 11th USENIX Security Symposium. USENIX, pp. 327–338 (2002)

    Google Scholar 

  3. Mitchell, C.J.: Error Oracle Attacks on CBC Mode: Is There a Future for CBC Mode Encryption? In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 244–258. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  4. National Bureau of Standards, DES Modes of Operation, FIPS-pub.46, National Bureau of Standards U.S Department of Commerce, Washington D.C (1980)

    Google Scholar 

  5. Paterson, G., Arnold, Y.: Padding Oracle Attacks on the ISO CBC Mode Encryption Standard. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 305–323. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  6. Taekeon, L., Jongsung, K.: Padding Oracle Attacks on Multiple Modes of Operation. In: Park, C.-s., Chee, S. (eds.) ICISC 2004. LNCS, vol. 3506, pp. 343–351. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  7. Vaudenenay, S.: Security Flaws Induced by CBC Padding-Applications to SSL, IPSEC, WTLS. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 534–545. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Science, Beijing University of Posts and Telecommunications, Beijing, 100876, China

    Fengtong Wen & Qiaoyan Wen

  2. State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing, 100080, China

    Wenling Wu

  3. School of Science, Jinan University, Jinan, 250022, China

    Fengtong Wen

Authors
  1. Fengtong Wen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Wenling Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Qiaoyan Wen
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Microelectronic Instiute, Xidian University, 710071, Xi’an, China

    Yue Hao

  2. Department of Computer Science, Hong Kong Baptist University, Kowloon Tong, Hong Kong

    Jiming Liu

  3. School of Computer Science and Technology, Xidian University, Xi’an, China

    Yu-Ping Wang

  4. Department of Computer Science, Hong Kong Baptist University, Hong Kong,  

    Yiu-ming Cheung

  5. School of Electrical and Electronic Engineering, University of Manchester, UK

    Hujun Yin

  6. Life Science Research Center, School of Electronic Engineering, Xidian University, 710071, Xi’an, Shaanxi, China

    Licheng Jiao

  7. Key Laboratory of Computer Networks and Information Security(Ministry of Education), Xidian University, 710071, Xi’an, China

    Jianfeng Ma

  8. National Laboratory of Antennas and Microwave Technology, Xidian University, 710071, Xi’an, Shanxi, P.R. China

    Yong-Chang Jiao

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wen, F., Wu, W., Wen, Q. (2005). Error Oracle Attacks on Several Modes of Operation. In: Hao, Y., et al. Computational Intelligence and Security. CIS 2005. Lecture Notes in Computer Science(), vol 3802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11596981_9

Download citation

  • DOI: https://doi.org/10.1007/11596981_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30819-5

  • Online ISBN: 978-3-540-31598-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation