Side Channel Attacks on CBC Encrypted Messages in the PKCS#7 Format
Vlastimil Klíma 1 and Tomáš Rosa 1,2
{vlastimil.klima, tomas.rosa}@i.cz
1 ICZ a.s., 2 Czech Technical University in Prague
Security and Protection of Information 2003, 2nd International Scientific Conference, NATO PfP/PWP – CATE, Brno, Czech Republic, 28.4.-30.4.2003
Preliminaries
• Side channel attacks use side information from the system to unveil some secret information
• The CBC mode of a block cipher combined with the well-known PKCS#5 padding method is the de facto standard CBC usage
• In the presentation we will assume an n-byte block cipher (for simplicity let n = 8)
• PKCS#5 padding:
  • [data....] bb...b
  • b bytes of the value b are padded, where b is the number of padded bytes
  • C1 B2 01 A5 FE A1 02 02 is a valid block
  • C1 B2 01 A5 FE A1 01 02 is an invalid block
Vaudenay's attack
• The first side channel attack based on a valid-padding oracle in the CBC mode was described by Serge Vaudenay at Eurocrypt 2002.
• He showed that it is possible to use it to decipher any captured ciphertext.
• It is very efficient; its complexity is about 128*(#bytes of the ciphertext).
• The valid-padding oracle is based on the fact that there exist valid and invalid padding strings.
ABYT-PAD - arbitrary byte tail padding
• Black and Urtubia at the 11th USENIX Security Symposium (2002) proposed the ABYT-PAD padding scheme, where all padding strings are valid.
• It thwarts the original Vaudenay's attack.
• [data....d] bb...b, b≠d
• ABYT-PAD: bytes of the same value b are padded to a multiple of n bytes, but the value b can be arbitrary. It only has to be different from the last data byte d.
• The rule for removing the padding string is: discard all identical bytes from the end, regardless of their value.
• C1 B2 01 A5 FE A1 02 02 is a valid block
• C1 B2 01 A5 FE A1 01 02 is also a valid block
• Note that theoretically it is possible to pad more than n bytes (one block), and that our attack works in this case too.
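Both padding rules from the two slides above, as an added worked example that is not code from the original presentation: PKCS#5 pad/unpad, whose validity check is the observable error a padding oracle is built on, and ABYT-PAD, whose unpadding never fails. The block size n = 8 and the two sample blocks are the slides' own; the function names and the choice of padding byte in `abyt_pad` are this example's assumptions.

```python
def pkcs5_pad(data: bytes, n: int = 8) -> bytes:
    # Always pad 1..n bytes, each holding the number of padded bytes, so unpadding is unambiguous.
    b = n - len(data) % n
    return data + bytes([b]) * b


def pkcs5_unpad(padded: bytes, n: int = 8) -> bytes:
    # Raises ValueError on an invalid padding string; whether this error is visible to a
    # sender of modified ciphertext is exactly what Vaudenay's padding oracle relies on.
    if not padded or len(padded) % n:
        raise ValueError("invalid padding")
    b = padded[-1]
    if b < 1 or b > n or padded[-b:] != bytes([b]) * b:
        raise ValueError("invalid padding")
    return padded[:-b]


def pkcs5_padding_valid(padded: bytes, n: int = 8) -> bool:
    # The yes/no view of the check above: valid-padding oracle answer for one block string.
    try:
        pkcs5_unpad(padded, n)
        return True
    except ValueError:
        return False


def abyt_pad(data: bytes, n: int = 8) -> bytes:
    # Pad 1..n bytes of one value b, which only has to differ from the last data byte d.
    # Example choice (an assumption of this example): use 0x00 unless d is 0x00, then 0x01.
    last = data[-1] if data else None
    b = 0x01 if last == 0x00 else 0x00
    return data + bytes([b]) * (n - len(data) % n)


def abyt_unpad(padded: bytes) -> bytes:
    # Every string is valid: strip the maximal run of identical trailing bytes, whatever their value.
    if not padded:
        return b""
    b = padded[-1]
    i = len(padded)
    while i > 0 and padded[i - 1] == b:
        i -= 1
    return padded[:i]
```

Run on the slides' two sample blocks, PKCS#5 accepts `C1 B2 01 A5 FE A1 02 02` and rejects `C1 B2 01 A5 FE A1 01 02`, while ABYT-PAD accepts both and returns six and seven data bytes respectively; the lack of a "BAD padding" outcome is what removes Vaudenay's oracle, and nothing more.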
Using ABYT-PAD padding
• Motivation: when the new padding scheme is that good, what about using it in PKCS#7 instead of PKCS#5 padding?
• PKCS#7 describes the general syntax for cryptographically protected data, e.g. data which is encrypted, digitally signed, etc.
PKCS#7 ver. 1.6 with ABYT-PAD instead of PKCS#5
• PKCS#7 has its own syntax. We will work with an encrypted message stored in the structure "enveloped data".
• The IV and a symmetric encryption key are generated randomly; the key is then encrypted by a PKC and also encapsulated in the structure "enveloped data".
• The data being encrypted is first encoded (formatted) according to ASN.1. This produces the message M = (type-octets, length-octets, data-octets).
• M is (ABYT-PAD) padded, and the plaintext P = (M, padding) is then encrypted in the CBC mode.
• The ciphertext C and the IV are then placed into the structure "enveloped data".
• Note: we assume the usual type octet 0x04 (OCTET STRING), one length octet L, and at most n bytes of padding.
The decryption process defines a "PKCS#7 Confirmation Oracle"
• Extract the ciphertext C = (IV, CT) from the PKCS#7 structure "enveloped data".
• Decipher C to a plaintext P.
• Remove the padding from the plaintext P. The result is a message M.
• Parse M according to PKCS#7 syntax:
  • Check the type-octet of M (0x04). If it is not correct, an error has occurred.
  • Check the length-octet of M (L). L must be equal to the length of the remaining part of M. If it is not, an error has occurred.
• If the two previous checks are successful, it is OK; otherwise something is BAD. Most applications reveal OK/BAD to the attacker through their error messages or behaviour.
• We define the oracle O(C) = ANSWER OK/BAD according to the procedure described above.
The main result of our paper
• Using a PKCS#7 confirmation oracle, we are able to decrypt the original plaintext.
• The complexity of the attack is roughly 128*(#bytes of the original plaintext).
Attack scenario:
• The attacker intercepts a valid ciphertext C = (IV, CT1, CT2, ... CTs), s ≥ 1.
• Then she creates her own ciphertexts C* and, based on the oracle answers, deciphers the corresponding plaintext (P1, P2, ... Ps).
• We will show that she is able to compute X = D_K(Y) for an arbitrarily chosen ciphertext block Y, implying that she is able to decrypt C.
Description of the attack - Computing X = D_K(Y)
• Preparation phase: finding out the length (L)
• Computing X = D_K(Y) leaving one byte of uncertainty: we obtain the set of equations X_1 ⊕ T_1 = X_2 ⊕ T_2 = ... = X_n ⊕ T_n = A, with known T_i and unknown A
• Determining the remaining byte (A) of uncertainty
Conclusions
• The complexity of the attack is given mainly by the second step: the average number of oracle calls is 128 per ciphertext byte.
• The ABYT-PAD padding scheme thwarts Vaudenay's attack.
• We showed that even with this "perfect" padding scheme, we cannot fully remove side channel attacks in the CBC mode.
• Our recommendation is to use a strong cryptographic check of the ciphertext.
Further work & ideas
• Recall the basic properties of CBC
• A change in the block C_i propagates linearly and deterministically to a change in the plaintext block P_{i+1}, no matter how strong the cipher is
• It has good self-synchronization properties: the effect of a corruption of the i-th block vanishes from block i+2 on
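The confirmation oracle, the CBC propagation property just recalled, and the recommended "strong cryptographic check of the ciphertext", as an added example that is not part of the original presentation. The 8-byte Feistel "cipher" is a constructed stand-in for a real block cipher (the example only needs an invertible keyed permutation for D_K); the type octet 0x04 and one-octet length L follow the slides; `seal`/`open_checked` are a hypothetical encrypt-then-MAC wrapper of this example, not PKCS#7 syntax.

```python
import hashlib
import hmac

N = 8  # block size in bytes, as assumed in the slides


def _f(key: bytes, i: int, half: bytes) -> bytes:
    # Round function of the stand-in cipher: keyed SHA-256 truncated to a half block.
    return hashlib.sha256(key + bytes([i]) + half).digest()[:N // 2]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block(key: bytes, block: bytes) -> bytes:
    # 8-round Feistel network standing in for E_K (constructed for this example, not a real cipher).
    l, r = block[:N // 2], block[N // 2:]
    for i in range(8):
        l, r = r, _xor(l, _f(key, i, r))
    return r + l


def decrypt_block(key: bytes, block: bytes) -> bytes:
    # D_K: run the Feistel rounds backwards.
    r, l = block[:N // 2], block[N // 2:]
    for i in reversed(range(8)):
        r, l = l, _xor(r, _f(key, i, l))
    return l + r


def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(plaintext), N):
        prev = encrypt_block(key, _xor(plaintext[i:i + N], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, ct: bytes) -> bytes:
    # P_i = D_K(C_i) XOR C_{i-1}: a change in C_i garbles P_i, flips the same bits of P_{i+1}, and nothing else.
    out, prev = [], iv
    for i in range(0, len(ct), N):
        out.append(_xor(decrypt_block(key, ct[i:i + N]), prev))
        prev = ct[i:i + N]
    return b"".join(out)


def abyt_pad(m: bytes) -> bytes:
    b = 0x01 if m and m[-1] == 0x00 else 0x00  # any value different from the last data byte
    return m + bytes([b]) * (N - len(m) % N)


def abyt_unpad(p: bytes) -> bytes:
    i = len(p)
    while i > 0 and p[i - 1] == p[-1]:  # drop the trailing run of identical bytes; never fails
        i -= 1
    return p[:i]


def encode_message(data: bytes) -> bytes:
    # M = (type octet 0x04 OCTET STRING, one length octet L, data), as in the slides.
    assert len(data) < 128
    return bytes([0x04, len(data)]) + data


def pkcs7_confirmation_oracle(key: bytes, iv: bytes, ct: bytes) -> bool:
    # The leaky decryption path of the slides: decrypt, strip padding, parse; answer OK (True) or BAD (False).
    m = abyt_unpad(cbc_decrypt(key, iv, ct))
    if len(m) < 2 or m[0] != 0x04:
        return False
    return m[1] == len(m) - 2


def changed_blocks(key: bytes, iv: bytes, ct: bytes, block_idx: int, byte_idx: int) -> list:
    # Which plaintext blocks change when one ciphertext byte is flipped (the CBC propagation property).
    p = cbc_decrypt(key, iv, ct)
    ct2 = bytearray(ct)
    ct2[block_idx * N + byte_idx] ^= 0x01
    p2 = cbc_decrypt(key, iv, bytes(ct2))
    return [p[i:i + N] != p2[i:i + N] for i in range(0, len(p), N)]


def seal(enc_key: bytes, mac_key: bytes, iv: bytes, data: bytes) -> tuple:
    # Hardened form (hypothetical wrapper): encrypt-then-MAC over (IV, CT); the caller supplies a fresh random IV.
    ct = cbc_encrypt(enc_key, iv, abyt_pad(encode_message(data)))
    return ct, hmac.new(mac_key, iv + ct, hashlib.sha256).digest()


def open_checked(enc_key: bytes, mac_key: bytes, iv: bytes, ct: bytes, tag: bytes):
    # Any modified (IV, CT) gets one uniform rejection before decryption or parsing can reveal anything.
    if not hmac.compare_digest(hmac.new(mac_key, iv + ct, hashlib.sha256).digest(), tag):
        return None
    return abyt_unpad(cbc_decrypt(enc_key, iv, ct))[2:]
```

Flipping the first IV byte turns the type octet 0x04 into 0x05, so `pkcs7_confirmation_oracle` answers BAD where it answered OK for the untouched ciphertext: the format check, not the padding, is the side channel. With `open_checked` the same modification fails the tag comparison and the parser never runs, which is the point of authenticating the ciphertext rather than perfecting the padding.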
Further work & ideas
• Based on the basic properties of CBC:
  • Processing of formatted data creates vital side channels with respect to the CBC mode
• Practically speaking:
  • A highly structured data format without strong authentication of ciphertexts may turn out to be vulnerable
  • Example: S/MIME, various proprietary Type-Length-Value formats, etc.
Finally we'd like to stress
• The problems with the CBC mode elaborated here are quite obviously not only "stories of proper padding methods"
• In other words: "Padding was just a beginning..."