http://dx.doi.org/10.7838/jsebs.2015.20.1.089

Padding Oracle Attack on Block Cipher with CBC|CBC-Double Mode of Operation using the BOZ-PAD  

Hwang, Seongjin (Seoul National University of Science and Technology)
Lee, Changhoon (Seoul National University of Science and Technology)
Publication Information
The Journal of Society for e-Business Studies / v.20, no.1, 2015, pp. 89-97
Abstract
In various application environments on the internet, verified cipher algorithms are used to protect personal information in electronic commerce and other applications. Even so, if a cipher is not applied properly, the information it is meant to protect can be intercepted. This study examines the result of a padding oracle attack on an application environment that applies the CBC|CBC mode of operation, based on a block cipher, together with the BOZ padding method.
Keywords
Padding Oracle Attack; Information Security; Block Cipher
Citations & Related Records
Times Cited By KSCI: 3