Abstract
We use various types of cryptographic algorithms for the protection of personal and sensitive informations in the application environments, such as an internet banking and an electronic commerce. However, recent researches were introduced that if we implement modes of operation, padding method and other cryptographic implementations in a wrong way, then the critical information can be leaked even though the underlying cryptographic algorithms are secure. Among these attacking techniques, the padding oracle attack is representative. In this paper, we analyze the possibility of padding oracle attacks of 12 kinds of padding techniques that can be applied to the CBC operation mode of a block cipher. As a result, we discovered that 3 kinds were safe padding techniques and 9 kinds were unsafe padding techniques. We propose 5 considerations when designing a safe padding techniques to have a resistance to the padding oracle attack through the analysis of three kinds of safe padding techniques.
| Translated title of the contribution | Safety Analysis of Various Padding Techniques on Padding Oracle Attack |
|---|---|
| Original language | Korean |
| Pages (from-to) | 271-278 |
| Number of pages | 8 |
| Journal | 정보보호학회논문지 |
| Volume | 25 |
| Issue number | 2 |
| DOIs | |
| State | Published - 2015 |