Padding Oracle Attack
- In this project you will decrypt a challenge ciphertext encrypted using CBC-mode encryption with PKCS #7 padding.
- To do so, you will be given access to a server that will decrypt any ciphertexts you send it (using the same key that was used to generate the challenge ciphertext) -- but that will only tell you whether or not decryption results in an error!
- That is, you will implement a padding-oracle attack.
(See also Section 3.7.2 of "Introduction to Modern Cryptography, 2nd edition," by Katz and Lindell.)
- The plaintext, when converted to ASCII, is readable English text, and so you should be able to tell once you have been successful.
- All the files needed for this project will be available in a Padding_Oracle directory on the container, including a README explaining what each file does.
- Note that this assignment requires the ability to perform basic networking in order to connect to the server and send/receive messages.
- Stub code is provided for doing basic networking in C, Java, and Python, but you are welcome to use any language of your choice.
- Tip: You can find the IP address and port numbers to use in the stub code provided.
- Click Here to launch a web emulation terminal to develop and compile your client code on.
- Note: This container will be available for use for around 2 hours. You can always start a new container if required, but you will need to transfer your code to the new container.
- Click Here for instructions on saving your work and transferring it to a new container.
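
The server behaviour described above (decrypt whatever arrives, report only whether it produced an error) can be modelled locally to see what that one-bit answer depends on, and why verifying a MAC over the ciphertext before decrypting removes it. This is an added example, not the course's stub code: the Feistel block cipher is a constructed stand-in for AES and is not secure, and every function name, key and message here is an assumption made for illustration.

```python
import hashlib, hmac, os

BLOCK = 16  # block size in bytes, as in AES

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):  # Feistel round function
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

def toy_encrypt_block(key, blk):  # constructed stand-in for AES, NOT secure
    l, r = blk[:8], blk[8:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def toy_decrypt_block(key, blk):
    l, r = blk[:8], blk[8:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def cbc_encrypt(key, msg):
    pad = BLOCK - len(msg) % BLOCK           # PKCS #7: always 1..16 bytes
    data = msg + bytes([pad]) * pad
    out = [os.urandom(BLOCK)]                # random IV is the first block
    for i in range(0, len(data), BLOCK):
        out.append(toy_encrypt_block(key, _xor(data[i:i + BLOCK], out[-1])))
    return b"".join(out)

def padding_ok(key, ct):
    """The server's one-bit answer: does the last block end in valid padding?"""
    last = _xor(toy_decrypt_block(key, ct[-BLOCK:]), ct[-2 * BLOCK:-BLOCK])
    n = last[-1]
    return 1 <= n <= BLOCK and last[-n:] == bytes([n]) * n

def seal(enc_key, mac_key, msg):             # encrypt-then-MAC
    ct = cbc_encrypt(enc_key, msg)
    return ct + hmac.new(mac_key, ct, hashlib.sha256).digest()

def hardened_ok(enc_key, mac_key, blob):
    ct, tag = blob[:-32], blob[-32:]
    good = hmac.new(mac_key, ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return False                         # rejected before any decryption
    return padding_ok(enc_key, ct)

def tamper_survivors(accepts, blob, pos):
    """How many of the 255 other values at byte `pos` are still accepted."""
    return sum(accepts(blob[:pos] + bytes([v]) + blob[pos + 1:])
               for v in range(256) if v != blob[pos])
```

For a constructed 14-byte message (padding bytes 02 02), changing the last byte of the preceding block leaves exactly one of the 255 altered ciphertexts passing `padding_ok`, so the error/no-error answer depends on secret plaintext. With `hardened_ok` none pass, because every altered ciphertext fails the MAC check before the padding is ever examined.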