However, putting aside the CBC part of AES-CBC, AES in and of itself is considered to be resilient to ‘known plaintext’ attacks. without authentication, are notorious for being vulnerable to the type of attack that you describe, where the ciphertext is altered to produce a ‘wanted plaintext’ (see examples at ). Older encryption algorithms such as XOR, OTP, Caesar, etc. In light of the above, there are a few ways to answer this question. The HMAC (above) is usually taken over the ciphertext and the IV, so that an attacker cannot modify either of these without detection. Without the IV, the recipient would have no way of decrypting the first block (and in this case, the only block) of the message. If this one block of ciphertext as produced using AES-CBC (with an IV), then normally the IV would be sent along with the ciphertext. It’s not clear from your question whether this one block of ciphertext was produced using AES alone, or using AES-CBC (with an IV). So, AES alone (without CBC, and therefore without an IV) could have been used to produce this one block ciphertext. See When do I need to use CBC and HMAC? for more info.Īlso, the ciphertext that you posted is only one block long (16 bytes, or 128 bits). HMAC) is used with AES-CBC, specifically to prevent the type of attack described in this question, where the ciphertext is altered by an attacker in an attempt to produce a ‘wanted plaintext’ upon decryption. First, normally a message authentication function (e.g.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |