In this talk we investigate the problem of automating the development of adaptive chosen ciphertext attacks on systems that contain vulnerable format oracles. Rather than simply automate the execution of known attacks, we consider a more challenging problem: to programmatically derive a novel attack strategy, given only a machine-readable description of the plaintext verification function and the malleability characteristics of the encryption scheme. We present a new set of algorithms that use SAT and SMT solvers to reason deeply over the design of the system, producing an automated attack strategy that can entirely decrypt protected messages.
Note the changed time.
Matthew D. Green is an Associate Professor at Johns Hopkins University. He works on topics in applied cryptography, including the design of privacy-preserving protocols and attacks on deployed cryptographic systems.