Abstract:
This paper provides an overview of applied cryptographic protocols, including IPsec, TLS, SSH, SCP, S/MIME, EMV, and Cryptoki, and their vulnerabilities to adaptive chosen-plaintext and chosen-ciphertext attacks, which are used for recovering plaintext from ciphertext without finding the key. These attacks are based on the ideas formulated by W. Dai, D. Bleichenbacher, S. Vaudenay and have many modifications represented by many authors. We present new ideas for modifying attacks, based on predictable plaintext data fields being encrypted and transmitted, which may make some versions of cryptoprotocols using AEAD vulnerable to these attacks. At the end of the paper, we formulate recommendations and countermeasures against these attacks, which will be useful for developing cryptoprotocols by Technical Committee 26 for standardization “Cryptography and security mechanisms”.
Keywords:applied cryptographic protocol, padding oracle attack, adaptive attack, block cipher mode of operation, authenticated encryption with associated data, Technical Committee 26 for standardization.
Fulltext:
PDF file (599 kB)