Paper 2007/385
On the insecurity of interchanged use of OFB and CBC modes of operation
Danilo Gligoroski
Abstract
The security of interchanged use of modes of operation of block ciphers have not been discussed in the public literature. So far, the modes of operation of block ciphers have been treated as completely independent and uncorrelated. In this paper we represent both CBC and OFB as quasigroup string transformations, and then show that OFB mode is a special case of the CBC mode of operation. That raise possibilities for construction of several devastating attack scenarios against that interchanged use of CBC and OFB. These attacks have not been addressed in NIST Special Publication 800-38A 2001, ``Recommendation for Block Cipher Modes of Operation''. More specifically, in the chosen plaintext attack scenario with interchanged use of CBC and OFB mode, we give a concrete list of openssl commands that extract the complete plaintext without knowing the secret key.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- block ciphersmodes of operationquasigroup string transformations
- Contact author(s)
- Danilo Gligoroski @ q2s ntnu no
- History
- 2007-10-04: received
- Short URL
- https://ia.cr/2007/385
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2007/385, author = {Danilo Gligoroski}, title = {On the insecurity of interchanged use of {OFB} and {CBC} modes of operation}, howpublished = {Cryptology {ePrint} Archive, Paper 2007/385}, year = {2007}, url = {https://eprint.iacr.org/2007/385} }