Scribd
Upload
19 views3 pages

Task 7 - Padding Attack - CS 6035

Task 7 of CS 6035 focuses on a padding oracle attack using the AES encryption standard in Cipher Block Chaining (CBC) mode. Students are required to implement encryption and decryption functions using the pycryptodome library, as well as a function to check if the padding follows PKCS standards. The assignment includes testing the implemented functions and submitting the code for grading.

Uploaded by

RASEKH ALI
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
19 views3 pages

Task 7 - Padding Attack - CS 6035

Task 7 of CS 6035 focuses on a padding oracle attack using the AES encryption standard in Cipher Block Chaining (CBC) mode. Students are required to implement encryption and decryption functions using the pycryptodome library, as well as a function to check if the padding follows PKCS standards. The assignment includes testing the implemented functions and submitting the code for grading.

Uploaded by

RASEKH ALI
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

3/23/25, 12:23 PM Task 7: Padding Attack | CS 6035

CS 6035
Projects / Cryptography / Task 7: Padding Attack

Task 7: Task CBC Padding Oracle (7.5 Points)


The Advanced Encryption Standard (AES) is a set of standards for encryption set by the U.S.
National Institute of Standards and Technology. One of these standards is the Cipher Block
Chaining (CBC). CBC uses a fixed length set of bits known as a block, a unique binary sequence
known as an Initialization Vector (IV), and a key. The encryption is accomplished in the following
sequence.
1 Add padding to the plaintext until the appropriate block length.
2 XOR the block with the IV.
3 Encrypt the new block with the key.
The chaining part comes into play when encrypting multiple blocks. When working on the next
block you follow similar steps with one main difference.
1 Add padding to the plaintext until the appropriate block length.
2 XOR the block with the previous cipher text.
3 Encrypt the new block with the key.
The formula is as follows:

Decryption works in reverse.


1 Decrypt the cipher text with the key.
2 XOR the block with the IV
3 Repeat for latter blocks using the previous plain text as the new IV.
The formula is as follows:

For this task we will be working with an attack known as the padding oracle attack. The padding
oracle works under the idea that the server is leaking information about the padding. With this
information it is possible to both decrypt and encrypt messages.
https://github.gatech.edu/pages/cs6035-tools/cs6035-tools.github.io/Projects/RSA_Cryptography/CBC_oracle.html 1/3
3/23/25, 12:23 PM Task 7: Padding Attack | CS 6035

For this one section of the assignment you will be asked to use a library outside of the standard. In
this task you will use the pycryptodome library. This can be manually downloaded from this link
https://github.com/Legrandin/pycryptodome. Alternatively it can be downloaded through pip with
the following command:
pip install pycryptodome

This task will be the only outside library used.


The first 2 steps of this extra credit will be using a simplified version of padding. In a real world
application blocks will be in bits and will typically use \x00 or something similar depending on
what standard is being used.
Step 1 of this task is to write a function that can encrypt a short message. You may use
pycryptodome’s built in encrypt function, however you must build the padding yourself.
def cbc_encrypt_128(key: bytes, IV: bytes, m: str) -> str:

# TODO: Write the necessary code to encrypt the message

# (m) using the provided key and IV

# the necessary block length is 128 bits

# pad with the byte '\x00'

# Do Not modify code above this line

# Code Below Here

c = 0

return b64encode(c).decode("utf-8")

Step 2 of this task is to write a function that can decrypt a short message. You may use
pycryptodome’s built in decrypt function.
def cbc_decrypt_128(key: bytes, IV: bytes, c: bytes) -> str:

# TODO: Write the necessary code to decrypt the cipher

# (c) using the provided key and IV

# Do Not modify code above this line

# Code Below Here

m = 0

return m

https://github.gatech.edu/pages/cs6035-tools/cs6035-tools.github.io/Projects/RSA_Cryptography/CBC_oracle.html 2/3
3/23/25, 12:23 PM Task 7: Padding Attack | CS 6035

Step 3 of this task is to write one of the core functions of an oracle which will test if the padding
follows pkcs guidelines. This check is often the information that the oracle can leak. For this task
you must assume that there will always be at least 1 byte of padding, but there does not always
have to be a message attached.
def check_padding(padding) -> bool:

# TODO: Write the necessary code to check

# if the padding matches PKCS standards

is_pkcs_padded = "This variable should be a bool value"

return is_pkcs_padded

These steps can all be tested using the test_task_cbc_ python files. You can do so with the
following commands:
python test_task_cbc_decrypt.py

python test_task_cbc_encrypt.py

python test_task_cbc_pkcs.py

Resources
https://en.wikipedia.org/wiki/Padding_oracle_attack
https://www.pycryptodome.org/

Submission Details
You will write your code in the specified function stub(s) found in the provided
project_cryptography.py file. When ready, submit this file to the Project Cryptography
autograder in Gradescope.

Disclaimer: You are responsible for the information on this website. The content is subject to change at any time. © 2024 Georgia Institute
of Technology. All rights reserved.

https://github.gatech.edu/pages/cs6035-tools/cs6035-tools.github.io/Projects/RSA_Cryptography/CBC_oracle.html 3/3

You might also like