CRYPTO NEWS

Chile Halts CBDC Plans Till End of 2022 for More Analysis

Chile Halts CBDC Plans Till End of 2022 for More AnalysisThe Central Bank of Chile has postponed plans for a central bank digital currency (CBDC), claiming that the issuing of a digital Chilean peso necessitates a more thorough examination of the advantages and hazards, promising a fresh report by the end of the year. The bank released a report on May 11 that contained a […]

Alternative to CBC mode encryption?

Given that CBC mode encryption is vulnerable to padding oracle attacks, what is the next best alternative ? a) Include a hash check in the API scheme, validate the hash and then proceed with CBC. If hash check fails then return error indicating same. Eg: Include HMACSHA256(AES256(plaintext)) checksum that is required to be validated as::Listen

Given that CBC mode encryption is vulnerable to padding oracle attacks, what is the next best alternative ?

a) Include a hash check in the API scheme, validate the hash and then proceed with CBC. If hash check fails then return error indicating same. Eg: Include HMACSHA256(AES256(plaintext)) checksum that is required to be validated as part of message.

b) Implement a custom CBC mode that include a hmac/equivalent checksum at the end of each encryption block (on the lines of padding). Eg: Create own scheme on the lines of – "AES/CBC/PKCS5Padding/HMACSHA256". Are there any plans drafted by NIST / W3C to incorporate such a scheme?

c) Switch to GCM mode encryption. How does it compare to CBC in terms of cryptographic strength?

Chile Halts CBDC Plans Till End of 2022 for More Analysis

Shopping cart
There are no products in the cart!
Continue shopping
0