Subtle Interactions: Security Protocols and Cipher Modes of Operation

Raphael C.W. Phan; Bok-Min Goi

doi:10.4018/978-1-59904-168-1.ch014

Enjoy a 20% Discount on all IGI Global Books Browse Titles

Special Offers
- 20% Discount On All IGI Global Published Book Products Through the Online Bookstore
  In response to rapid inflation and global currency fluctuations, and in our continued effort to make diverse, equitable, and inclusive research more accessible, IGI Global is now offering a 20% discount on hardcover print book and e-book purchases through June 30, 2023, directly on IGI Global’s Online Bookstore. Hosted on the InfoSci^® platform, these titles feature no DRM, no additional cost for multi-user licensing, no embargo of content, full-text PDF & HTML format, and more. Discount is automatically added at checkout.
  Browse Titles
- 20% Discount on All IGI Global E-Book Purchases Through GOBI
  GOBI is currently offering a 20% discount on IGI Global e-Book purchases on GOBI (Publisher Direct), through June 30, 2023. A direct link to GOBI can be found on each book's webpage of the IGI Global Online Bookstore.
  Browse GOBI
- 20% Discount on All IGI Global E-Book Purchases Through OASIS
  OASIS is currently offering a 20% discount on IGI Global e-Book purchases (Publisher Direct) until June 30, 2023. A direct link to OASIS can be found on each book's webpage of the IGI Global Online Bookstore.
  Browse OASIS
- 20% Discount on All IGI Global E-Book Purchases Through Rialto
  Rialto is currently offering a 20% discount on IGI Global e-Book purchases (Publisher Direct) until June 30, 2023.
  Browse Books
- IGI Global E-Book Offer Through Proquest E-Book Central
  Right now, receive Unlimited Multi-User Licensing at the Single User price with no mark-up for all IGI Global e-books acquired on ProQuest's e-Book Central platform until June 30, 2023.
  Browse e-Book Central
- IGI Global e-Book Offer Through EBSCOhost
  Right now, receive Unlimited Multi-User Licensing at the Single User price with no mark-up for all IGI Global e-books acquired on EBSCOhost until June 30, 2023.
  Browse EBSCOhost
- Limited Time Offer: Retrospective Open Access is Discounted 20%
  Access and convert your previously published work through your through your IGI Global Portal Account. For a limited time, IGI Global is offering a 20% discount on all Retrospective Open Access conversions through June 30, 2023.
  Learn More
Books
- - Books by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Books by Field
Journals
- - Journals
  - OnDemand Journal Articles
  - Journals by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education
  - Journals by Field
e-Collections
Open Access
Publish with Us
Resources
- - Instructors
  - Course Adoption
  - Teaching Cases
  - K-12 Online Learning Collection
  - Authors and Editors
  - eEditorial Discovery^® System
  - Peer Review Process
  - Ethics and Malpractice
  - COPE Membership
  - Fair Use Policy
  - Open Access Publishing
  - FAQ
Catalogs
About Us
Newsroom

Subtle Interactions: Security Protocols and Cipher Modes of Operation

Raphael C.W. Phan, Bok-Min Goi

Source Title: Web Services Security and E-Business

DOI: 10.4018/978-1-59904-168-1.ch014

OnDemand:

(Individual Chapters)

Available

$29.50

Current Special Offers

No Current Special Offers

Abstract

In this chapter, we show how security protocols can be attacked by exploiting the underlying block cipher modes of operation. We first present a comprehensive treatment of the properties and weaknesses of standard modes of operation. We then show why all modes of operation should not be used with public-key ciphers in public-key security protocols. This includes the cipher block chaining (CBC) mode when there is no integrity protection of the initialisation vector (IV). In particular, we show that it is possible in such instances to replace a block at the beginning, middle, or end of a CBC-encrypted message. We further demonstrate that the security of single-block encryptions can be reduced to the security of the electronic codebook (ECB) mode, and show that in the absence of integrity, one could exploit this to aid in known- and chosen- IV attacks. Finally, we present chosen-IV slide attacks on counter (CTR) and output feedback (OFB) modes of operation. Our results show that protocol implementers should carefully select modes of operation, be aware of the pitfalls in each of these modes, and incorporate countermeasures in their protocols to overcome them. It is also important to realize that modes of operation only provide confidentiality, and that when used in the context of security protocols, these modes should be combined with authentication and integrity protection techniques.

Complete Chapter List

Search this Book:

Reset

MLA

APA

Chicago

Export Reference

Subtle Interactions: Security Protocols and Cipher Modes of Operation

Abstract

Complete Chapter List