Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9048)
Abstract
The principle of padding oracle attacks has been known in the cryptography research community since 1998. It has been generalized to exploit any property of decrypted ciphertexts, whether stemming from the encryption scheme or from the application data format. However, this attack principle is leveraged time and again against proposed standards and real-world applications. This may be attributed to several factors, e.g., backward compatibility with standards that select oracle-prone mechanisms, the difficulty of safely implementing decryption operations, and the misuse of libraries by non-cryptography-savvy developers. In this article, we present several format oracles discovered in applications and libraries implementing the OpenPGP message format, among which the popular GnuPG application. We show that, if the oracles they implement are made available to an adversary, e.g., by a front-end application, the adversary can, by repeatedly querying these oracles, decrypt all OpenPGP symmetrically encrypted packets. The corresponding asymptotic query complexities range from 2 to \(2^8\) oracle requests per plaintext byte to recover.
This work was partially supported by the French National Research Agency through the BLOC project (contract ANR-11-INS-011).
Author information
Authors and Affiliations
ANSSI, Paris, France
Florian Maury, Jean-René Reinhard, Olivier Levillain & Henri Gilbert
Corresponding author
Correspondence to Jean-René Reinhard.
Editor information
Editors and Affiliations
Aalto University School of Science, Espoo, Finland
Kaisa Nyberg
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Maury, F., Reinhard, J.-R., Levillain, O., Gilbert, H. (2015). Format Oracles on OpenPGP. In: Nyberg, K. (ed.) Topics in Cryptology – CT-RSA 2015. Lecture Notes in Computer Science, vol 9048. Springer, Cham. https://doi.org/10.1007/978-3-319-16715-2_12
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-16714-5
Online ISBN: 978-3-319-16715-2