000099410 001__ 99410
000099410 005__ 20190903060538.0
000099410 02470 $$2DAR$$a4729
000099410 02470 $$2ISI$$a000189414700035
000099410 0247_ $$a10.1007/3-540-46035-7_35$$2doi
000099410 037__ $$aCONF
000099410 245__ $$aSecurity flaws induced by CBC padding - Applications to SSL, IPSEC, WTLS...
000099410 269__ $$a2002
000099410 260__ $$c2002
000099410 336__ $$aConference Papers
000099410 490__ $$aLecture Notes in Computer Science$$v2332
000099410 520__ $$aIn many standards, e.g. SSL/TLS, IPSEC, WTLS, messages are first pre-formatted, then encrypted in CBC mode with a block cipher. Decryption needs to check if the format is valid. Validity of the format is easily leaked from communication protocols in a chosen ciphertext attack since the receiver usually sends an acknowledgment or an error message. This is a side channel. In this paper we show various ways to perform an efficient side channel attack. We discuss potential applications, extensions to other padding schemes and various ways to fix the problem.
000099410 6531_ $$aNCCR-MICS
000099410 6531_ $$aNCCR-MICS/CL3
000099410 700__ $$g131602$$aVaudenay, Serge$$0241950
000099410 7112_ $$dApril 28 - May 2, 2002$$cAmsterdam, Netherlands$$aAdvances in Cryptology - EUROCRYPT 2002. International Conference on the Theory and Applications of Cryptographic Techniques
000099410 773__ $$tAdvances in Cryptology — EUROCRYPT 2002$$q534-545
000099410 8564_ $$zn/a$$uhttps://infoscience.epfl.ch/record/99410/files/Vau02a.ps$$s169104
000099410 909C0 $$xU10433$$pLASEC$$0252183
000099410 909CO $$ooai:infoscience.tind.io:99410$$qGLOBAL_SET$$pconf$$pIC
000099410 937__ $$aLASEC-CONF-2002-001
000099410 970__ $$a7335946/LASEC
000099410 973__ $$rREVIEWED$$sPUBLISHED$$aEPFL
000099410 980__ $$aCONF