New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add basics and the beggining of the attack #53
base: master
Are you sure you want to change the base?
Conversation
Check if the basics are okay before going in-depth to explain the attack |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good to go after luis review is added.
The basics are good :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you agree with the image part, and if you want I can help with that part
|
||
Look for the example below, where the ciphertext is divided through the different blocks. | ||
|
||
![Ciphertext Block Division](img/cipher_padding_oracle.png "Ciphertext Block Division") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also, since you are encrypting content in hex in the example, remember that every 2 chars represent a byte, which means that each block you representad, has only 4bytes instead of 8.
Also, if you want to use AES schema as an example, AES smaller block size is 16bytes
|
||
At this time, the last byte of C3 is known; to find the rest of it, we can work backward through the entire block until every byte of X function is cracked, thus letting us decrypt the C3 plaintext one byte at a time. For the other blocks, it is just applying the same method to crack the full message. | ||
|
||
## Put the attack in practice |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you skipped a step here.
First you decrypt the ciphertext to know what's the content, and see if you can manipulate.
Also make sure to explain what is the payload received/manipulated, and how you found it in the app
|
||
* In the context of an application, it depends on how the user implementation of CBC mode because, if an attacker can modify the ciphertext or can trigger an error, there are high chances he can break the encrypted message. | ||
|
||
* [Encrypt and MAC your data](https://security.stackexchange.com/questions/38942/how-to-protect-against-padding-oracle-attacks). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lets try to use more 'trustworthy' sources like owasp...
Also, you can add other encryption schemas like GCM that handle the MAC behind scenes.
Finally may also be worth it to explain that before decrypting mac should be validated
@s4nkx0k also, sorry about this one... I changed again the docs structure (#63 ) |
Co-authored-by: Luis Fontes <luisfontes19@users.noreply.github.com>
Co-authored-by: Luis Fontes <luisfontes19@users.noreply.github.com>
Co-authored-by: Luis Fontes <luisfontes19@users.noreply.github.com>
Co-authored-by: Luis Fontes <luisfontes19@users.noreply.github.com>
Co-authored-by: Luis Fontes <luisfontes19@users.noreply.github.com>
Co-authored-by: Luis Fontes <luisfontes19@users.noreply.github.com>
Kudos, SonarCloud Quality Gate passed! |
Before Creating a Pull Request
How to