Padding Oracle Attack


  • In this project you will decrypt a challenge ciphertext encrypted using CBC-mode encryption with PKCS #7 padding.

  • To do so, you will be given access to a server that will decrypt any ciphertexts you send it (using the same key that was used to generate the challenge ciphertext) -- but that will only tell you whether or not decryption results in an error!

  • That is, you will implement a padding-oracle attack. (See also Section 3.7.2 of "Introduction to Modern Cryptography, 2nd edition," by Katz and Lindell.)

  • The plaintext, when converted to ASCII, is readable English text, and so you should be able to tell once you have been successful.

  • All the files needed for this project will be available in a Padding_Oracle directory on the container, including a README explaining what each file does.

  • Note that this assignment requires the ability to perform basic networking in order to connect to the server and send/receive messages.
  • Stub code is provided for doing basic networking in C, Java, and Python, but you are welcome to use any language of your choice.

  • Tip: You can find the IP address and port numbers to use in the stub code provided.
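
The server's one-bit "error / no error" answer comes from the PKCS #7 check applied after CBC decryption. The sketch below is an added example, not part of the project's stub code; the 16-byte block size, the function names, and the strictness of the check are assumptions about how such a server validates padding, and the sample byte strings are constructed.

```python
BLOCK = 16  # assumed block size (AES); the assignment text does not name the cipher


class PaddingError(ValueError):
    """Stands in for the server's decryption error."""


def pkcs7_pad(msg: bytes, block: int = BLOCK) -> bytes:
    # Pad length is 1..block; an aligned message gets a whole extra block.
    n = block - len(msg) % block
    return msg + bytes([n]) * n


def pkcs7_unpad(padded: bytes, block: int = BLOCK) -> bytes:
    if not padded or len(padded) % block:
        raise PaddingError("length is not a positive multiple of the block size")
    n = padded[-1]
    if n < 1 or n > block:
        raise PaddingError("pad length byte out of range")
    if padded[-n:] != bytes([n]) * n:
        raise PaddingError("pad bytes do not all equal the pad length")
    return padded[:-n]


def decrypts_without_error(decrypted: bytes) -> bool:
    # Hypothetical server-side check: the client learns only this boolean.
    try:
        pkcs7_unpad(decrypted)
        return True
    except PaddingError:
        return False


# Constructed sample plaintext blocks, as they would look after CBC decryption.
SAMPLES = {
    "one pad byte":        b"A" * 15 + b"\x01",
    "two pad bytes":       b"A" * 14 + b"\x02\x02",
    "mismatched pad":      b"A" * 14 + b"\x01\x02",
    "zero pad byte":       b"A" * 15 + b"\x00",
    "pad longer than blk": b"A" * 15 + b"\x11",
    "valid but shorter":   b"A" * 14 + b"\x03\x01",  # accepted as 1 byte of padding
}

if __name__ == "__main__":
    for name, block in SAMPLES.items():
        print(f"{name:20s} -> {'ok' if decrypts_without_error(block) else 'error'}")
```

The last sample shows that "no error" only means the trailing bytes form some valid padding, not that the block is the plaintext the sender intended.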


  • Click Here to launch a web emulation terminal to develop and compile your client code on.
  • Note: This container will be available for use for around 2 hours. You can always start a new container if required, but you will need to transfer your code to the new container.

  • Click Here for instructions on saving your work and transferring it to a new container.