On Wed, 2008-01-16 at 11:56 +0000, Darren J Moffat wrote:
> wrappedkey=<private binary format>
>
> Actual key (length determined by encryption property)
> wrapped using AES_CBC_PAD using pool guid as the IV.
This looks like poor crypto hygiene. This seems to imply multiple wrappedkeys (different datasets, same pool) will be encrypted using the same IV. The point of an IV is that it is different for every encryption -- if I repeatedly encrypt the same message over and over, an attacker can't tell I'm sending the same message because the IV is always changing and thus the ciphertext will on average have at least half of its bits different from any other message of the same size.
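The fixed-IV problem described in the reply, shown as an added example (this is not code from the thread or from the ZFS crypto project, and the IV layout derived from the pool GUID, the key sizes and the key values are constructed assumptions for the demo). It wraps a dataset key with AES-CBC plus PKCS#7 padding under a pool-wide IV and under a fresh random IV, and reports what an observer of the stored wrapped keys can learn in each case: with the fixed IV, identical dataset keys give identical ciphertexts, and two keys that share their first 16 bytes give an identical first ciphertext block; with a fresh IV per wrap, neither relationship is visible.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"encoding/hex"
	"fmt"
	"io"
)

// pkcs7Pad appends PKCS#7 padding so the plaintext is a whole number of
// AES blocks (the "_PAD" in AES_CBC_PAD). A 32-byte key becomes 48 bytes.
func pkcs7Pad(b []byte) []byte {
	n := aes.BlockSize - len(b)%aes.BlockSize
	return append(append([]byte(nil), b...), bytes.Repeat([]byte{byte(n)}, n)...)
}

// wrapCBC encrypts datasetKey under wrappingKey with AES-CBC and PKCS#7
// padding, using exactly the IV the caller supplies.
func wrapCBC(wrappingKey, iv, datasetKey []byte) ([]byte, error) {
	block, err := aes.NewCipher(wrappingKey)
	if err != nil {
		return nil, err
	}
	if len(iv) != aes.BlockSize {
		return nil, fmt.Errorf("iv must be %d bytes, got %d", aes.BlockSize, len(iv))
	}
	pt := pkcs7Pad(datasetKey)
	ct := make([]byte, len(pt))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, pt)
	return ct, nil
}

// poolGUIDIV models the quoted design: one fixed IV per pool derived from
// the 64-bit pool GUID. The byte layout here is an assumption for the demo.
func poolGUIDIV(poolGUID uint64) []byte {
	iv := make([]byte, aes.BlockSize)
	binary.BigEndian.PutUint64(iv, poolGUID)
	return iv
}

// wrapWithFixedIV is the scheme under criticism: every dataset key in the
// pool is wrapped under the same wrapping key and the same IV.
func wrapWithFixedIV(wrappingKey, datasetKey []byte, poolGUID uint64) ([]byte, error) {
	return wrapCBC(wrappingKey, poolGUIDIV(poolGUID), datasetKey)
}

// wrapWithFreshIV is the hygienic alternative: a random IV for every wrap,
// stored next to the ciphertext so the key can be unwrapped later.
func wrapWithFreshIV(wrappingKey, datasetKey []byte) (iv, ct []byte, err error) {
	iv = make([]byte, aes.BlockSize)
	if _, err = io.ReadFull(rand.Reader, iv); err != nil {
		return nil, nil, err
	}
	ct, err = wrapCBC(wrappingKey, iv, datasetKey)
	return iv, ct, err
}

// firstBlockEqual reports whether two ciphertexts share their first block.
// Under a fixed IV that reveals the plaintexts share their first 16 bytes.
func firstBlockEqual(a, b []byte) bool {
	return len(a) >= aes.BlockSize && len(b) >= aes.BlockSize &&
		bytes.Equal(a[:aes.BlockSize], b[:aes.BlockSize])
}

func main() {
	wrappingKey := bytes.Repeat([]byte{0x11}, 32) // constructed demo value
	keyA := bytes.Repeat([]byte{0x42}, 32)        // constructed dataset key
	keyB := append([]byte(nil), keyA...)
	keyB[20] ^= 0x01 // differs from keyA only in the second block
	const poolGUID = 0x0123456789abcdef

	a, _ := wrapWithFixedIV(wrappingKey, keyA, poolGUID)
	a2, _ := wrapWithFixedIV(wrappingKey, keyA, poolGUID)
	b, _ := wrapWithFixedIV(wrappingKey, keyB, poolGUID)
	fmt.Println("fixed IV, same key twice, identical ciphertext:", bytes.Equal(a, a2))
	fmt.Println("fixed IV, keys sharing block 1, equal first ct block:", firstBlockEqual(a, b))
	fmt.Println(hex.EncodeToString(a[:16]), hex.EncodeToString(b[:16]))

	_, x, _ := wrapWithFreshIV(wrappingKey, keyA)
	_, y, _ := wrapWithFreshIV(wrappingKey, keyA)
	fmt.Println("fresh IV, same key twice, identical ciphertext:", bytes.Equal(x, y))
}
```

The leak is structural rather than a weakness of AES itself: CBC's first ciphertext block is E(P1 XOR IV), so with the IV held constant across the pool the first block is a deterministic function of the first 16 plaintext bytes, and the whole ciphertext is a deterministic function of the whole key. Generating a fresh IV per wrap (or using a purpose-built key-wrap mode) removes that determinism at the cost of storing 16 extra bytes with each wrapped key.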