๐Ÿ“Initialization Vector

tags
ยง Cryptography
  • Many modes of operation use Initialization Vector (IV) to randomize the encryption process so that encrypting the same data twice produces different ciphertexts. (This helps to avoid a slow re-keying.)
  • Initialization Vector has different security requirements than encryption key, and usually does not need to be secret.
  • For some modes of operation, it is important to never reuse Initialization Vector under the same key.

    • For CBC and CFB, doing so can lead to leaking some information about the first encryption, and about any common prefix shared by two messages.
    • For OFB and CTR, reusing an IV completely destroys security.
    • For CBC, the IV must be unpredictable at the time of encryption. Otherwise, it can lead to TLS CBC IV attack.

Backlinks