Error Oracle Attacks and CBC Encryption.
Chris Mitchell, Royal Holloway, University of London
Abstract: This talk is primarily concerned with Cipher Block Chaining (CBC), an encryption mode that is currently very widely used. It considers the impact on CBC of recently proposed padding oracle attacks and other related attacks. For applications where unauthenticated encryption is required, CBC mode is compared with its major rival, the stream cipher. It is argued that authenticated encryption should be used where possible and that, where this is not possible, a stream cipher would appear to be a superior choice. This raises a major question mark over the future use of CBC, except as part of a more complex mode designed to provide authenticated encryption.