- § Cryptography
- hides data patterns
- randomizes encryption process, so encrypting the same input twice produces different results (given the IV is unique).
- Xor Initialization Vector with the plaintext before encryption of the first block.
- Use ciphertext of the first block as IV for the next block encryption.
- Using ciphertext of one block to encrypt the next implies that encryption can not be parallelized.
- CBC also requires block padding.
- CBC requires a unique IV for every new encryption operation, which should be unpredictable at time of encryption. (See TLS CBC IV attack).
Note that during decryption, the IV is only used for the first block. The rest of the blocks use ciphertext of the previous block (which is known).
That means that if invalid IV is supplied during the decryption, only the first block is corrupted. The rest of the blocks are decrypted correctly (given encryption key is known).
- Explicit Initialization Vectors uses this property by prepending a single random block to the plaintext. Then, the first block of ciphertext can be safely discarded (and IV does not need to be communicated).
- This also means that decryption can be performed in parallel.