• Proceedings of the Korea Information Processing Society Conference
• /
• 2013.11a
• /
• pp.824-827
• /
• 2013

블록암호를 사용하여 암호화 할 때 이를 효율적이고 안전하게 암호화하기 위해서 운영모드를 이용한다. 이 때 유효한 암호문이 블록길이와 일치하지 않을 경우 패딩을 사용하게 된다. 만약 공격자가 이 패딩의 옳고 그름을 판단하는 오라클을 알 수 있다면 임의의 암호문에 대응하는 평문을 찾는 공격을 할 수 있는데 이를 패딩 오라클 공격이라 한다. 본 논문에서는 각 패딩방법에 대해 알아보고 CBC 운영 모드의 패딩 오라클 공격에 대한 안전성에 대해 논한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.2
• /
• pp.271-278
• /
• 2015

We use various types of cryptographic algorithms for the protection of personal and sensitive informations in the application environments, such as an internet banking and an electronic commerce. However, recent researches were introduced that if we implement modes of operation, padding method and other cryptographic implementations in a wrong way, then the critical information can be leaked even though the underlying cryptographic algorithms are secure. Among these attacking techniques, the padding oracle attack is representative. In this paper, we analyze the possibility of padding oracle attacks of 12 kinds of padding techniques that can be applied to the CBC operation mode of a block cipher. As a result, we discovered that 3 kinds were safe padding techniques and 9 kinds were unsafe padding techniques. We propose 5 considerations when designing a safe padding techniques to have a resistance to the padding oracle attack through the analysis of three kinds of safe padding techniques.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.16 no.1
• /
• pp.79-85
• /
• 2006

This attack requires an oracle which on receipt of a ciphertext, decrypts it and replies to the sender whether the padding is VALID or INVALID. In this paper we extend these attacks to other kinds of modes of operation for block ciphers. Specifically, we apply the padding oracle attacks to multiple modes of operation with various padding schemes. As a results of this paper, 12 out of total 36 double modes and 22 out of total 216 triple modes are vulnerable to the padding oracle attacks. It means that the 12 double modes and the 22 triple modes exposed to these types of attacks do not offer the better security than single modes.

• KIPS Transactions on Computer and Communication Systems
• /
• v.4 no.2
• /
• pp.73-80
• /
• 2015

In the various application environments on the internet, we use verified cipher algorithm to protect personal information. Even so, if an application method isn't proper, the information you want to keep can be intercepted. One of the representative examples of it is a PADDING ORACLE ATTACK. This thesis studied about STRP, MIKEY, CMS, IPSec, TLS, IPTV, an application environment which apply CBC operational mode based on block cipher and CBC padding method, and about whether we can attack against the Padding Oracle Attack as well as the vulnerable points.

• Journal of KIISE
• /
• v.44 no.6
• /
• pp.637-642
• /
• 2017

Honey Encryption (HE) is a technique to overcome the weakness of a brute-force attack of the existing password-based encryption (PBE). By outputting a plausible plaintext even if the wrong key is entered, it provides message recovery security which an attacker can tolerate even if the attacker tries a brute-force attack against a small entropy secret key. However, application of a cipher that requires encryption padding to the HE present a bigger problem than the conventional PBE method. In this paper, we apply a typical block cipher (AES-128) and a stream cipher (A5 / 1) to verify the problem of padding through the analysis of the sentence frequency and we propose a safe operation method of the HE.