Error Oracle Attacks and CBC Encryption.

Chris Mitchell, Royal Holloway, University of London

Friday February 29th, 2:00pm in K9509.

This talk is primarily concerned with a method for encryption known as 
Cipher Block Chaining (CBC), currently very widely used.  The impact of 
recently proposed padding oracle attacks and other related attacks on 
CBC is considered.  For applications where unauthenticated encryption is 
required, the use of CBC mode is compared with its major rival, namely 
the stream cipher.  It is argued that, where possible, authenticated 
encryption should be used, and, where this is not possible, a stream 
cipher would appear to be a superior choice. This raises a major 
question mark over the future use of CBC, except as part of a more 
complex mode designed to provide authenticated encryption.