Jeff,
Thanks for the swift reply!
Currently I just use GenerateBlock() to generate the entire random sequence in one go instead of calling GenerateByte() continually.
Speaking of which, I'm not really sure what blocking means compared to nonblocking?
I guess using the library on other systems than Windows does not guarantee a unique IV. Do you know how the autoseeding function works? Does it take things such as time into account to minimize collisions?
Also, does using MCP guarantee a unique random value each time? I know the API provides such a function but I don't know if Crypto++ uses it. If it doesn't, it would probably be better to wrap your own random generator on Windows which actually uses that function.
Cheers!
> Date: Mon, 4 Sep 2006 19:54:04 -0400
> From: [EMAIL PROTECTED]
> To: [email protected]
> Subject: Re: Generating Unique Initialization Vectors
>
> Hi Soren,
>
> Sorry, I should have gone into more detail.
>
> > What is the best approach to generating unique initialization vectors for
> > block ciphers such as AES in CFB mode?
> I would personally use the Crypto++ RNG. There are better ways to
> generate, rather than going for 1 byte at a time.
>
> CryptoPP::AutoSeededRandomPool rng;
>
> std::string Key( "BYTE key[ CryptoPP::AES::DEFAULT_KEYLENGTH ] =\r\n { " );
> std::string IV( "BYTE iv[ CryptoPP::AES::BLOCKSIZE ] =\r\n { " );
>
> //
> // IV
> //
> for( INT i = 0; i < CryptoPP::AES::BLOCKSIZE; i++ ) {
>
> BYTE b = rng.GenerateByte();
> ...
>
> }
>
> > How does AutoSeededRandomPool work? Is it guaranteed
> > not to return the same number twice?
> Gleaned from osrng.cpp:
> if Not WIN32
> Nonblocking RNG: /dev/urandom
> Blocking RNG: /dev/random
>
> If WIN32
> Use Microsoft Cryptographic Provider
>
> IIRC, MCP uses an OS derived value, stored in the registry (this is
> for NT systems, not 9x systems)
>
> Jeff
>
> On 9/4/06, Søren Dreijer <[EMAIL PROTECTED]> wrote:
> >
> > Yes, I know how you use it but I don't see anything about how to use it to
> > generate a unique IV.
> >
> > ________________________________
> > > Date: Mon, 4 Sep 2006 17:27:38 -0400
> > > From: [EMAIL PROTECTED]
> > > To: [email protected]
> > > Subject: Re: Generating Unique Initialization Vectors
> >
> > >
> > > Hi Soren,
> > >
> > > > > How does AutoSeededRandomPool work?
> > >
> > > http://www.eskimo.com/~weidai/cgi-bin/fom-serve/cache/83.html
> > >
> > > Jeff
> > >
> > > On 9/4/06, Søren Dreijer <[EMAIL PROTECTED]> wrote:
> > > >
> > > > Hey,
> > > >
> > > > What is the best approach to generating unique initialization vectors for
> > > > block ciphers such as AES in CFB mode?
> > > >
> > > > How does AutoSeededRandomPool work? Is it guaranteed not to return the same
> > > > number twice?
> > > >
> > > > - Soren
> > > >
>
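The thread settles on two points: draw the IV from the OS-seeded generator in one block rather than a byte at a time, and accept that a random IV is not guaranteed unique, only overwhelmingly likely to be. The following is an added example written for this archive page, not code from the thread or from Crypto++. It reads a whole 16-byte IV from /dev/urandom in a single call (the GenerateBlock() pattern, using the plain OS device the thread names instead of AutoSeededRandomPool so it builds without Crypto++), renders it as the C array initializer the quoted snippet was assembling, and puts a number on the "same value twice" question with the birthday bound. The names generateIv, formatCArray and collisionProbability are the example's own.

```cpp
#include <cmath>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <fstream>
#include <string>
#include <vector>

// AES block size in bytes; a CFB-mode IV is exactly one block.
constexpr std::size_t kAesBlockSize = 16;

// Draw one whole IV in a single read from the non-blocking OS generator
// (/dev/urandom, the source the thread says AutoSeededRandomPool uses on
// non-Windows hosts). This is the GenerateBlock() pattern rather than one
// GenerateByte() call per byte. Returns an empty vector on any failure so the
// caller never encrypts with a partially filled, and therefore guessable, IV.
std::vector<unsigned char> generateIv(std::size_t len = kAesBlockSize) {
    std::vector<unsigned char> iv(len);
    std::ifstream urandom("/dev/urandom", std::ios::binary);
    if (!urandom.read(reinterpret_cast<char*>(iv.data()),
                      static_cast<std::streamsize>(len))) {
        return {};
    }
    return iv;
}

// Render the bytes as the C array initializer the quoted code was building,
// e.g. "BYTE iv[ 16 ] = { 0x3a, ... };".
std::string formatCArray(const std::string& name,
                         const std::vector<unsigned char>& bytes) {
    std::string out = "BYTE " + name + "[ " + std::to_string(bytes.size()) + " ] = { ";
    char buf[8];
    for (std::size_t i = 0; i < bytes.size(); ++i) {
        std::snprintf(buf, sizeof buf, "0x%02x", bytes[i]);
        out += buf;
        if (i + 1 < bytes.size()) out += ", ";
    }
    out += " };";
    return out;
}

// Birthday-bound estimate: probability that at least two of n uniformly random
// IVs of `bits` bits coincide, P ~= n(n-1) / 2^(bits+1). This is the honest
// answer to "is it guaranteed not to return the same number twice?": no, but
// for 128-bit IVs the chance stays negligible for any realistic n.
long double collisionProbability(std::uint64_t n, unsigned bits) {
    if (n < 2) return 0.0L;
    long double pairs = static_cast<long double>(n) *
                        static_cast<long double>(n - 1) / 2.0L;
    return pairs / std::ldexp(1.0L, static_cast<int>(bits));
}

int main() {
    std::vector<unsigned char> iv = generateIv();
    if (iv.empty()) {
        std::fprintf(stderr, "could not read /dev/urandom\n");
        return 1;
    }
    std::printf("%s\n", formatCArray("iv", iv).c_str());
    // Roughly 4.3 billion IVs before a collision becomes about 2^-65 likely.
    std::printf("P(collision among 2^32 IVs) ~= %Lg\n",
                collisionProbability(1ULL << 32, 128));
    return 0;
}
```

The estimate only holds when every IV is drawn fresh from a properly seeded generator; a process that seeds from a low-entropy value and restarts can produce correlated IVs no matter what the bound says, which is why the OS-backed source matters more than the per-byte versus per-block call.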
