Output feedback (OFB)
Output FeedBack mode turns AES into a stream cipher. It is an obscure cipher mode, with no real benefits these days over using CTR.
Attacks
Symmetry - Encryption oracle
Suppose you’re given a ciphertext \(C\) of a plaintext \(P\) you want to recover and access to an encryption oracle. You can then easily recover \(P\).
To do so, use the oracle to encrypt \(C\).
Because you have
\[ C = E_K(IV) \oplus P \]you will receive
\[ \begin{aligned} E_K(IV) \oplus C &= E_K(IV) \oplus (P \oplus E_K(IV)) \\ &= P \end{aligned} \] | |
Last updated on