The Twelfth International World Wide Web Conference
WWW2003 Logo
background gradient image

Read before
Budapest

News

Invitation

Programme

Registration
(normal fee
for all)
- Tours
- Hotels

WWW2003
Venue

Final poster
submission

Permission &
Release Forms

Volunteer
Information

Privacy
Statement

Conference
Committee

Invited
Speakers

Sponsorship/
Exhibition Opportunities

About
Hungary

Previous WWW
Conferences

Contact Us

WWW2003
Home

Gradient background image   http://www2003.org

Gradient background image

The Twelfth International World Wide Web Conference 
20-24 May 2003, Budapest, HUNGARY 

Gradient background image

Short Abstract: We review two side channel attacks on existing protocols that take advantage of the format of messages submitted for encryption. Variable length messages are usually encrypted by applying repeatedly a block cipher in some special mode of operation. However, when the messages are not a multiple of the encryption block, padding must be used to create messages of valid format. Then in order to decrypt the message one must first check if the padding is correct. It is exactly at this point where a side channel is created since the validity of the format is leaked from communication protocols as the receiver usually replies with an error message. In this talk we show how an attacker can query the protocol with chosen ciphertexts in order to decrypt the original message. We conclude that it is not only important to have a good encryption algorithm but this algorithm must be encapsulated into a secure environment. The algorithm must be examined as a whole since individual bits leaked may be important to the security of the scheme.
Short Bio: Dr. Tassos Dimitriou received a BSc degree from the Computer Science and Engineering Department of the University of Patras, Greece back in 1990 and his MSc and PhD degrees from the University of California, San Diego in 1993 and 1996, respectively. He is interested in doing research in various aspects of Theoretical Computer Science like combinatorial optimization and analysis of heuristics for difficult to solve problems, study of randomness in algorithms and derandomization techniques, algorithms for selfish agents and smart dust systems, cryptography and computer security. He can be reached at Athen's Information Technology where he is currently an Assistant Professor.
background gradient image