On 06/28/2018 01:49 PM, Brian Milby via use-livecode wrote:
> Random IV means that an attacker cannot generate a dictionary in advance.
> Knowing it at the same time is not an issue since the cypher is not cracked.
> The other reason is that the IV seeds the AES encryption so that the first
> block does not give anything away. If the first encrypted block for the same
> data is always the same, the attacker can use that to test guesses if they can
> control what is being encrypted. Same issue if they can predict the IV. See the
> Wikipedia entry I linked to for a better discussion.

Encryption with an initialization vector isn't a reversible operation. It's not like XORing a value with another. Being able to *predict* an IV value, however, as opposed to just knowing the current value, is a security problem.

> IV is fixed at the block size of the cipher. So for AES it is 16 bytes.

Yes, I stand corrected. Silly me assumed that aes-256 would use a larger block size. AES uses only 128-bit blocks with different key sizes.

--
 Mark Wieder
 ahsoftw...@gmail.com
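
The three IV cases discussed in this message (fixed, random, predictable) as an added example; it is not part of the original thread and is not LiveCode code. Python's standard library has no AES, so a 4-round Feistel permutation stands in for the block cipher (an assumption; the CBC chaining is what matters), and `KEY`, `SECRET` and all function names are constructed for illustration.

```python
import hashlib, hmac, os

BLOCK = 16  # AES block size in bytes, so a CBC IV is 16 bytes for every key size
KEY = b"constructed demo key"       # constructed sample key
SECRET = b"PIN=4921 balance"        # constructed 16-byte plaintext block

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_block_encrypt(key, block):
    """Stand-in for AES (assumption): 4-round Feistel permutation on 16 bytes."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

def cbc_encrypt(key, iv, plaintext):
    """CBC over whole blocks (caller pads); returns ciphertext without the IV."""
    if len(iv) != BLOCK or len(plaintext) % BLOCK:
        raise ValueError("IV must be one block; plaintext must be whole blocks")
    prev, out = iv, b""
    for i in range(0, len(plaintext), BLOCK):
        prev = toy_block_encrypt(key, xor(prev, plaintext[i:i + BLOCK]))
        out += prev
    return out

def fixed_iv_leaks_equality():
    """Same key, same IV, same data: identical ciphertext every time."""
    iv = bytes(BLOCK)
    return cbc_encrypt(KEY, iv, SECRET) == cbc_encrypt(KEY, iv, SECRET)

def random_iv_hides_equality():
    """A fresh random IV per message makes equal plaintexts look unrelated."""
    a = cbc_encrypt(KEY, os.urandom(BLOCK), SECRET)
    return a != cbc_encrypt(KEY, os.urandom(BLOCK), SECRET)

def predicted_iv_confirms_guess(guess):
    """Counter IVs: the next IV is known before the data is chosen, so a chosen
    first block can cancel both IVs and reproduce the earlier cipher input."""
    iv_seen, iv_next = (1).to_bytes(BLOCK, "big"), (2).to_bytes(BLOCK, "big")
    target = cbc_encrypt(KEY, iv_seen, SECRET)
    probe = cbc_encrypt(KEY, iv_next, xor(xor(guess, iv_seen), iv_next))
    return probe[:BLOCK] == target[:BLOCK]

if __name__ == "__main__":
    print("fixed IV leaks equality:", fixed_iv_leaks_equality())
    print("random IV hides equality:", random_iv_hides_equality())
    print("right guess confirmed:", predicted_iv_confirms_guess(SECRET))
    print("wrong guess confirmed:", predicted_iv_confirms_guess(b"PIN=0000 balance"))
```

Only the random-IV case gives an observer nothing to compare; sending the IV in the clear alongside the ciphertext does not change that, because it is chosen after the plaintext is fixed.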
