Padding oracle attack

In cryptography, the padding oracle attack is an attack on the CBC mode of operation, where the "oracle" (usually a server) leaks data about whether the padding of an encrypted message is correct or not. This can allow attackers to decrypt (and sometimes encrypt) messages through the oracle using the oracle's key, without knowing the encryption key.

The original attack was published in 2002 by Serge Vaudenay. Recently it has been applied to encrypted HTTP cookies in several web application frameworks, including JavaServer Faces, Ruby on Rails and ASP.NET.
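As an added illustration that is not part of this entry, the following Python shows the leaky server-side check beside a hardened one: an unauthenticated CBC decrypt whose padding failure is reported as its own error (the oracle), and an encrypt-then-MAC design that verifies a tag in constant time before decrypting and collapses every failure into one generic error. The block cipher is a stand-in Feistel construction, and the keys and cookie-like plaintext are constructed assumptions; the point is the shape of the check, not the cipher.

```python
import hashlib, hmac, os
BLOCK = 16
xor = lambda a, b: bytes(x ^ y for x, y in zip(a, b))
class PaddingError(Exception): pass
class AuthError(Exception): pass
def feistel(key, block, order):
    # Stand-in 4-round Feistel cipher, SHA-256 round function (assumption: not AES,
    # not secure). Reversed round order decrypts; the CBC/padding code works with any cipher.
    l, r = block[:8], block[8:]
    for i in order:
        l, r = r, xor(l, hashlib.sha256(key + bytes([i]) + r).digest()[:8])
    return r + l
def block_encrypt(key, block): return feistel(key, block, range(4))
def block_decrypt(key, block): return feistel(key, block, range(3, -1, -1))
def pkcs7_pad(data):
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n
def pkcs7_unpad(data):
    n = data[-1] if data else 0
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")  # the one bit a padding oracle leaks
    return data[:-n]
def cbc_encrypt(key, iv, pt):
    out, prev = b"", iv
    for i in range(0, len(pt), BLOCK):
        out += (prev := block_encrypt(key, xor(pt[i:i + BLOCK], prev)))
    return out
def cbc_decrypt(key, iv, ct):
    out, prev = b"", iv
    for i in range(0, len(ct), BLOCK):
        out += xor(block_decrypt(key, ct[i:i + BLOCK]), prev)
        prev = ct[i:i + BLOCK]
    return out
def vulnerable_decrypt(key, iv, ct):
    # Unauthenticated CBC: a distinct padding error tells the submitter whether padding was valid (the oracle).
    try: return pkcs7_unpad(cbc_decrypt(key, iv, ct))
    except ValueError: raise PaddingError
def seal(enc_key, mac_key, pt):
    iv = os.urandom(BLOCK)
    body = iv + cbc_encrypt(enc_key, iv, pkcs7_pad(pt))
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()
def hardened_open(enc_key, mac_key, token):
    # Encrypt-then-MAC: constant-time tag check before any decryption; all failures map to one generic error.
    body, tag = token[:-32], token[-32:]
    if not hmac.compare_digest(hmac.new(mac_key, body, hashlib.sha256).digest(), tag):
        raise AuthError
    try: return pkcs7_unpad(cbc_decrypt(enc_key, body[:BLOCK], body[BLOCK:]))
    except ValueError: raise AuthError
```

Flipping the last byte of the block preceding the final one changes only the final plaintext byte, so the vulnerable path reports a padding error for it while the hardened path rejects the tampered token before decrypting and says nothing about padding.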