Perhaps one way to think of the IV is that it is part of the key. That is, the IV and key are used to encrypt, and then the (same) IV and the (same) key can decrypt. It's just that if the IV is sent in clear text ("included in the structure...") then it is not secret.
One popular algorithm is to use MD5 to make a 128 bit hash of a password string, then use 64 bits of it as an IV and the other 64 bits of it as a DES key. So the IV and the key are innately related. Of course you could use the first and second 64 bits of an SHA1 hash just as well. In these cases, the IV can be regenerated from the password string at decrypt time, as long as it is the same string :-)
IV is used in "cipher block chaining", that is, the output from block N is used as part of the input for block N+1, and the IV is the initial shift in at the very beginning:

          clear       clear       clear
         block 1     block 2     block 3
            |           |           |
            v           v           v
         +--+--+     +--+--+     +--+--+
    IV ->| DES +---->+ DES +---->+ DES +---
         +--+--+     +--+--+     +--+--+
            |           |           |
            v           v           v
         cipher      cipher      cipher
         block 1     block 2     block 3

You can find a diagram like this in any good book on encryption. Look under "Cipher Block Chaining". So, given that you are doing chaining, the IV supplies the "startup value" for the chain.
Steve Hay wrote:
> I then discovered that the encryption/decryption functions require
> an IV too, but still don't really know what an IV is...
--
Charles B (Ben) Cranston
mailto: [EMAIL PROTECTED]
http://www.wam.umd.edu/~zben
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
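
The scheme described in the message above, as an added Python example that is not part of the original post or of OpenSSL: a password is hashed with MD5, split into a 64-bit key and a 64-bit IV, and used for CBC, where each clear block is XORed with the previous cipher block (the IV for block 1) before encryption. Assumptions: the first half of the hash is the key and the second half the IV, a small Feistel cipher stands in for DES because the Python standard library has none, and the input is already a multiple of 8 bytes (no padding).

```python
import hashlib

BLOCK = 8  # 64-bit block, the DES block size

def derive_key_iv(password: str):
    # MD5 the password; 64 bits become the key, the other 64 bits the IV.
    digest = hashlib.md5(password.encode()).digest()
    return digest[:8], digest[8:]

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def block_encrypt(key: bytes, blk: bytes) -> bytes:
    # Stand-in 4-round Feistel cipher, NOT DES (assumption, see lead-in).
    left, right = blk[:4], blk[4:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right

def block_decrypt(key: bytes, blk: bytes) -> bytes:
    left, right = blk[:4], blk[4:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _f(key, rnd, left)), left
    return left + right

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    if len(plaintext) % BLOCK:
        raise ValueError("plaintext must be a multiple of 8 bytes")
    prev, out = iv, b""
    for i in range(0, len(plaintext), BLOCK):
        prev = block_encrypt(key, _xor(plaintext[i:i + BLOCK], prev))
        out += prev
    return out

def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    prev, out = iv, b""
    for i in range(0, len(ciphertext), BLOCK):
        blk = ciphertext[i:i + BLOCK]
        out += _xor(block_decrypt(key, blk), prev)
        prev = blk
    return out

if __name__ == "__main__":
    key, iv = derive_key_iv("example password")  # constructed sample input
    ct = cbc_encrypt(key, iv, b"SAMEDATA" * 3)    # three identical clear blocks
    print(cbc_decrypt(key, iv, ct))               # same password, same IV: round trip
    print(cbc_decrypt(key, bytes(8), ct))         # wrong IV garbles only block 1
```

Because the IV is regenerated from the password, the same password and message always produce the same ciphertext; decrypting with the right key but a wrong IV corrupts only the first block, since later blocks chain from the ciphertext itself.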