With regards to initialization vectors for CBC-mode block ciphers, how does one extract the vector? Is it merely the first X bytes of data after the record header, where X is the block size?
If so, are those first X bytes unencrypted? I suppose they must be. Also, it's my understanding that in TLS 1.0, one uses the last block of ciphertext from the previous record as the initialization vector for the following record. But in TLS 1.1 and 1.2, each record has its own initialization vector. Is that accurate? -- View this message in context: http://old.nabble.com/Initialization-Vectors-tp29409657p29409657.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
