Broken or Risky Cryptographic Algorithm #93
Comments
a Proof of Concept (PoC) on how using AES/CBC without integrity checks could be exploited, we can simulate a Padding Oracle Attack. In a Padding Oracle Attack, an attacker can manipulate the ciphertext and leverage error messages from a decryption oracle to gradually reveal the plaintext. Here's a PoC that simulates how an attacker could exploit the lack of integrity in AES/CBC mode. Note that this example is for educational purposes only.

```java
import javax.crypto.Cipher;

public class PaddingOracleExample {
}
```

Explanation of the PoC

How the Exploit Works

Preventing This Vulnerability

Switch to AES/GCM mode, as discussed earlier, which provides both confidentiality and integrity, thus preventing padding oracle attacks and other integrity-based exploits.
A copy-paste of some scanner output isn't helpful. We have migrated away from AES in some protocols but not all. If you would like to propose a new protocol using a different primitive, please submit a full proposal including a plan for backward compatibility.
core/java/src/net/i2p/crypto/CryptixAESEngine.java, line 272:

```java
rv = Cipher.getInstance("AES/CBC/NoPadding");
```

The CBC mode used in javax.crypto.Cipher.getInstance does not provide integrity. Consider using Galois/Counter Mode.
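As an added illustration that is not part of this issue thread or of the project's code base, the following Java program shows the property the report and the PoC comment are about: the same `AES/CBC/NoPadding` transformation accepts a modified ciphertext and returns altered plaintext without any error, while `AES/GCM/NoPadding` rejects the same one-bit modification with `AEADBadTagException`. The class name, the all-zero key and the plaintext are constructed demo values, not taken from the project.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class CbcVsGcmIntegrityDemo {
    // Constructed demo values, not from the project: an all-zero key and one exact
    // 16-byte plaintext block (NoPadding requires whole blocks).
    static final SecretKeySpec KEY = new SecretKeySpec(new byte[16], "AES");
    static final byte[] PLAINTEXT = "sixteen byte msg".getBytes(StandardCharsets.UTF_8);
    // Same transformation as the flagged line: a flipped ciphertext bit decrypts to
    // different bytes and nothing signals that the message was altered.
    static byte[] cbcRoundTrip(boolean tamper) throws GeneralSecurityException {
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv);
        Cipher enc = Cipher.getInstance("AES/CBC/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, KEY, new IvParameterSpec(iv));
        byte[] ct = enc.doFinal(PLAINTEXT);
        if (tamper) ct[0] ^= 0x01;
        Cipher dec = Cipher.getInstance("AES/CBC/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, KEY, new IvParameterSpec(iv));
        return dec.doFinal(ct); // returns normally even when tampered
    }

    // Authenticated alternative: the 128-bit tag covers the ciphertext, so the same
    // bit flip makes doFinal throw AEADBadTagException and release no plaintext.
    static byte[] gcmRoundTrip(boolean tamper) throws GeneralSecurityException {
        byte[] nonce = new byte[12]; // 96-bit nonce; must never repeat under one key
        new SecureRandom().nextBytes(nonce);
        Cipher enc = Cipher.getInstance("AES/GCM/NoPadding");
        enc.init(Cipher.ENCRYPT_MODE, KEY, new GCMParameterSpec(128, nonce));
        byte[] ct = enc.doFinal(PLAINTEXT); // 16 ciphertext bytes + 16-byte tag
        if (tamper) ct[0] ^= 0x01;
        Cipher dec = Cipher.getInstance("AES/GCM/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, KEY, new GCMParameterSpec(128, nonce));
        return dec.doFinal(ct);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        boolean intact = Arrays.equals(PLAINTEXT, cbcRoundTrip(true));
        System.out.println("CBC tampered: plaintext intact = " + intact + ", no exception");
        try { gcmRoundTrip(true); System.out.println("GCM tampered: accepted (unexpected)"); }
        catch (AEADBadTagException e) { System.out.println("GCM tampered: rejected, " + e.getClass().getSimpleName()); }
    }
}
```

Run with `javac CbcVsGcmIntegrityDemo.java && java CbcVsGcmIntegrityDemo`; the CBC line reports `intact = false` with no exception, and the GCM line reports the rejection.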