RE: Regarding the IV in symertric encryption.
Hi all, Here is a good link about block cipher algorithm that explains this. It also explain the mode: ECB, EFB, OFB, CBC (in SSL/TLS CBC one is used) http://www.cacr.math.uwaterloo.ca/hac/ Chapter 7 - Block Ciphers regards, Fred -Original Message- From: Michael Sierchio [mailto:[EMAIL PROTECTED] Sent: Wed 5/10/2006 6:10 PM To: openssl-users@openssl.org Cc: Subject:Re: Regarding the IV in symertric encryption. Girish Venkatachalam wrote: The IV is used only for decrypting the first block since after that the first block serves as the IV for the second block and so on. To answer ur question, the IV has to be known at both sides along with the key. There is no sound cryptological argument for not conveying the IV as the first block of ciphertext. It should be a random nonce, and should never be repeated. This argues against using a shared value known in advance. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Regarding the IV in symertric encryption.
Do the Initial Vectors on both sides have to be the same? If they have to be the same, we not only have to exchange the key, but also the IV, No? __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Regarding the IV in symertric encryption.
Wai Wu wrote: Do the Initial Vectors on both sides have to be the same? If they have to be the same, we not only have to exchange the key, but also the IV, No? Symmetric block cipher traffic contains the IV at the beginning of the ciphertext. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Regarding the IV in symertric encryption.
Hello, Wai Wu wrote: Do the Initial Vectors on both sides have to be the same? If they have to be the same, we not only have to exchange the key, but also the IV, No? Symmetric block cipher traffic contains the IV at the beginning of the ciphertext. IV must be known and the same on both sides. In SSL3 they are part of key_material generated by special procedure based on client_random, server_random and some other strange things :-) (In TLS1 instead of special procedure pseudo random function (PRF) is used). For other purposes IV (and key) may be generated with Password Based Key Derivation Functions (PKCS#5) and than only parameters of this functions must be known on both sides. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Regarding the IV in symertric encryption.
The IV is used only for decrypting the first block since after that the first block serves as the IV for the second block and so on. To answer ur question, the IV has to be known at both sides along with the key. regards, Girish --- Wai Wu [EMAIL PROTECTED] wrote: Do the Initial Vectors on both sides have to be the same? If they have to be the same, we not only have to exchange the key, but also the IV, No? __ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Regarding the IV in symertric encryption.
Girish Venkatachalam wrote: The IV is used only for decrypting the first block since after that the first block serves as the IV for the second block and so on. To answer ur question, the IV has to be known at both sides along with the key. There is no sound cryptological argument for not conveying the IV as the first block of ciphertext. It should be a random nonce, and should never be repeated. This argues against using a shared value known in advance. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]