Skip to main content
Conference ProceedingsOPEN ACCESS

Security flaws induced by cbc padding – Applications to SSL, IPSEC, WTLS

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2002) 2332 534-545
DOI: 10.1007/3-540-46035-7_35
193Citations
Citations of this article
138Readers
Mendeley users who have this article in their library.

This article is free to access.

Abstract

In many standards, e.g. SSL/TLS, IPSEC, WTLS, messages are first pre-formatted, then encrypted in CBC mode with a block cipher. Decryption needs to check if the format is valid. Validity of the format is easily leaked from communication protocols in a chosen ciphertext attack since the receiver usually sends an acknowledgment or an error message. This is a side channel. In this paper we show various ways to perform an efficient side channel attack. We discuss potential applications, extensions to other padding schemes and various ways to fix the problem.

Cite

CITATION STYLE

APA

Vaudenay, S. (2002). Security flaws induced by cbc padding – Applications to SSL, IPSEC, WTLS. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2332, pp. 534–545). Springer Verlag. https://doi.org/10.1007/3-540-46035-7_35

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free