Padding-Oracle-Vulnerability/EN/Background: Unterschied zwischen den Versionen
(Die Seite wurde neu angelegt: „A padding oracle attack is a cryptographic attack that decrypts an encrypted message. The plain text is expanded with code to make it compatible with the crypt…“) |
|||
| Zeile 1: | Zeile 1: | ||
| − | A | + | A [https://en.wikipedia.org/wiki/Padding_oracle_attack Padding Oracle attack] is a cryptographic attack that decrypts an encrypted message. For this he sets up a connection to the server and sends very specially prepared encrypted messages. These messages are almost correctly encrypted, but have incorporated errors at crucial positions. A server receiving such a message must always '''reject these messages in the same way'''. An attacker evaluates the sent error messages and can use These informations, if necessary, to partially decrypt the connection to the server, which makes the connection unsafe. |
Version vom 6. Februar 2019, 15:55 Uhr
A Padding Oracle attack is a cryptographic attack that decrypts an encrypted message. For this he sets up a connection to the server and sends very specially prepared encrypted messages. These messages are almost correctly encrypted, but have incorporated errors at crucial positions. A server receiving such a message must always reject these messages in the same way. An attacker evaluates the sent error messages and can use These informations, if necessary, to partially decrypt the connection to the server, which makes the connection unsafe.
