CBC Padding Attack
CBC is one of the best modes of operation for block ciphers, but even leaking a tiny amount of information is enough to completely undermine its security.
StaffDec. 10, 2015, 11:10 p.m.
This one takes me between 10-15 minutes on my laptop. Some things to keep in mind:
- If you want to have an implementation with a reasonable runtime you need to attack this byte by byte.
- If you get back a 500 status for every possible byte (0x00 - 0xff) you've done something wrong.
- If you're unfamiliar with PKCS7 padding refer here. Especially important is to remember that "If the original data is a multiple of N bytes, then an extra block of bytes with value N is added".