International Association for Cryptologic Research

International Association
for Cryptologic Research

CryptoDB

An Attack on CFB Mode Encryption As Used By OpenPGP

Authors:
Serge Mister
Robert Zuccherato
Download:
URL: http://eprint.iacr.org/2005/033
Search ePrint
Search Google
Abstract: This paper describes an adaptive-chosen-ciphertext attack on the Cipher Feedback (CFB) mode of encryption as used in OpenPGP. In most circumstances it will allow an attacker to determine 16 bits of any block of plaintext with about $2^{15}$ oracle queries for the initial setup work and $2^{15}$ oracle queries for each block. Standard CFB mode encryption does not appear to be affected by this attack. It applies to a particular variation of CFB used by OpenPGP. In particular it exploits an ad-hoc integrity check feature in OpenPGP which was meant as a "quick check" to determine the correctness of the decrypting symmetric key.
BibTeX
@misc{eprint-2005-12372,
  title={An Attack on CFB Mode Encryption As Used By OpenPGP},
  booktitle={IACR Eprint archive},
  keywords={cryptographic protocols / applications, cryptanalysis},
  url={http://eprint.iacr.org/2005/033},
  note={ robert.zuccherato@entrust.com 12822 received 8 Feb 2005},
  author={Serge Mister and Robert Zuccherato},
  year=2005
}