New Efficient Padding Methods Secure Against Padding Oracle Attacks

摘要

This paper proposes three new padding methods designed to withstand padding oracle attacks, which aim at recovering a plaintext without knowing the secret key by exploiting oracle's characteristic of checking the padding during decryption. Of the ten existing padding methods, only two (ABYT-PAD and ABIT-PAD) can withstand padding oracle attacks. However, these methods are not efficient since they either use a random number generator or require MAC verification in applications. The three new padding methods proposed in this paper are secure against padding oracle attacks and more efficient compared to the two aforementioned padding methods.