[Resource Topic] 2005/033: An Attack on CFB Mode Encryption As Used By OpenPGP

Welcome to the resource topic for 2005/033

An Attack on CFB Mode Encryption As Used By OpenPGP

Authors: Serge Mister, Robert Zuccherato


This paper describes an adaptive-chosen-ciphertext attack on the Cipher Feedback (CFB) mode of encryption as used in OpenPGP. In most circumstances it will allow an attacker to determine 16 bits of any block of plaintext with about 2^{15} oracle queries for the initial
setup work and 2^{15} oracle queries for each block. Standard CFB mode encryption does not appear to be affected by this attack. It applies to a particular variation of CFB used by OpenPGP. In particular it exploits an ad-hoc integrity check feature in OpenPGP which was meant as a “quick check” to determine the correctness of the decrypting symmetric key.

ePrint: https://eprint.iacr.org/2005/033

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .