We dwell in a digital environment benefitting from its pros and battling out its cons. Ever since the beginning of the internet, we’ve successfully tackled the various challenges it posed against us. In this blog post, I’ll be sharing with you the outcome of one such quest.

As we all know the underlying protocol of our beloved World Wide Web is http.One of the major issues developers faced with http was it’s statelessness or we may say http views every step you undertake as seperate. Consider the example of an online shopping site where you keep adding items to your…

This is the continuation of my cryptanalysis series.In this post we are going to look into one of the most elegant attacks on AES-CBC mode.The attack is called ”Padding oracle attack” and as the name suggests it involves the manipulation of the padding oracle to retrieve the plaintext.Now, atleast a few of you would be wondering what a padding oracle is so let us first have a look at what it is.

Padding Oracle:

Most of you would have heard about the “oracle of Delphi”(I am a huge fan of Percy Jackson). So here,our padding oracle is somewhat similar to the oracle…

AES is the most commonly used symmetric key encryption scheme throughout the world.Here I am going to list the short comings of the AES-ECB mode of encryption stating some of the ways in which it can be exploited by an attacker.

First I’ll brief you through the working of the ECB mode of encryption:

The Electronic Code Book popularly known as ECB is the simplest encryption mode in AES. AES is a block cipher and hence the encryption process takes place on each block seperately where the block size is usually 16.

The above image gives us an idea of…

Sarang Dileep

Cryptanalyst | CTF player

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store