On Sat, 5 May 2001, Oskar Sandberg wrote:
> On Fri, May 04, 2001 at 12:04:03PM -0500, Scott G. Miller wrote:
> > >
> > > Why not? It's exactly the same situation as putting it at the beginning
> > > of the document itself, we're just moving it a few bytes earlier in
> > > the message.
> > Oh, you mean the key. The key has to go absolutely first in the
> > decryption/encryption, otherwise you don't have an IV and an IV is a
> > requirement for a feedback cipher.
>
> It turns out we aren't though. With the current mode, the IV cannot be
> retrieved (since you need the previous block to decrypt anything). What we
> are in fact doing is running an all zero IV. Since being able to restore
> the key to check it is not that important anyways, I think we should move
> to actually using the key as the IV (or rather the key as a single block
> encrypted by itself).
You're right, but the reason we are able to do this is because we are
assured that roughly the first block of data was random, *because* it
contained the key. We can use the key as the IV as well (or the hash of
the key, which would make me feel better).
_______________________________________________
Devl mailing list
[EMAIL PROTECTED]
http://lists.freenetproject.org/mailman/listinfo/devl
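The mode under discussion, as an added example that is not code from this thread or from Freenet: full-block CFB over a stand-in block function (a keyed hash, since CFB only uses the forward direction), run with the all-zero IV the current mode amounts to, with the key as the first plaintext block, and with a hash of the key as the IV. The last helper shows the caveat a key-derived IV carries: it is fixed per key, so two documents under one key that begin with the same block still produce the same first ciphertext block.

```python
import hashlib

BLOCK = 16  # block size in bytes of the stand-in cipher below
ZERO_IV = bytes(BLOCK)  # the IV the current mode is effectively using


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Forward direction of a block cipher, stood in for by a keyed hash.

    CFB only ever calls the encryption direction, so this is enough to
    show the mode. Constructed for this example; it is not a real cipher.
    """
    return hashlib.sha256(key + block).digest()[:BLOCK]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def cfb_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Full-block CFB: C_i = P_i XOR E_k(C_{i-1}), with C_0 = IV."""
    assert len(plaintext) % BLOCK == 0, "example handles whole blocks only"
    prev, out = iv, bytearray()
    for i in range(0, len(plaintext), BLOCK):
        prev = xor(plaintext[i:i + BLOCK], block_encrypt(key, prev))
        out += prev
    return bytes(out)


def cfb_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    """P_i = C_i XOR E_k(C_{i-1}); decrypting the first block needs the IV."""
    prev, out = iv, bytearray()
    for i in range(0, len(ciphertext), BLOCK):
        cur = ciphertext[i:i + BLOCK]
        out += xor(cur, block_encrypt(key, prev))
        prev = cur
    return bytes(out)


def iv_from_key(key: bytes) -> bytes:
    """The hash-of-the-key variant: nothing extra has to be stored to
    decrypt the first block, but the IV is the same for every use of the key."""
    return hashlib.sha256(key).digest()[:BLOCK]


def first_blocks_collide(key: bytes, iv: bytes, doc_a: bytes, doc_b: bytes) -> bool:
    """True when two documents encrypted under the same key and IV share
    their first ciphertext block, which tells an observer that their
    first plaintext blocks were equal."""
    return cfb_encrypt(key, iv, doc_a)[:BLOCK] == cfb_encrypt(key, iv, doc_b)[:BLOCK]
```

A key-derived IV is therefore only as safe as the guarantee that each key encrypts a single document.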