Hello, > Wai Wu wrote: > > > > Do the Initial Vectors on both sides have to be the same? If they have > > to be the same, we not only have to exchange the key, but also the IV, > > No? > > Symmetric block cipher traffic contains the IV at the beginning of the > ciphertext. IV must be known and the same on both sides. In SSL3 they are part of key_material generated by special procedure based on client_random, server_random and some other strange things :-) (In TLS1 instead of "special procedure" pseudo random function (PRF) is used). For other purposes IV (and key) may be generated with Password Based Key Derivation Functions (PKCS#5) and than only parameters of this functions must be known on both sides.
Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
