On the Importance of the Key Separation Principle for Different Modes of Operation

摘要

The key separation principle for different modes of operation of the block ciphers is a cryptographic folklore wisdom that states: One should always use distinct keys for distinct algorithms and distinct modes of operation. If this principle is violated, then there are generic attacks that can recover the whole or a part of the encrypted messages. By the advent of software packages and libraries that offer some or all modes of operation of block ciphers, the violation of this principle is really possible in practice. We show that under the same key, OFB mode of operation is a special case of the CBC mode of operation, and that if CBC and CTR modes of operation are interchangeably used under the same secret key - then the security of the encryption process is seriously weakened. Moreover in the chosen plaintext attack scenario with interchanged use of CBC and OFB mode under the same key, we give a concrete list of openssl commands that can extract the complete plaintext without knowing the secret key.