15 lines
664 B
Plaintext
15 lines
664 B
Plaintext
In encryption, when Cipher Block Chaining (CBC) is used, the Initialization Vector (IV) must be random and unpredictable. Otherwise, the encrypted value is vulnerable to crypto-analysis attacks such as the "Chosen-Plaintext Attack".
|
|
|
|
|
|
An IV value should be associated to one, and only one encryption cycle, because the IV's purpose is to ensure that the same plaintext encrypted twice will yield two different ciphertexts.
|
|
|
|
|
|
To that end, IV's should be:
|
|
|
|
* random
|
|
* unpredictable
|
|
* publishable (IVs are frequently published)
|
|
* authenticated, along with the ciphertext, with a Message Authentication Code (MAC)
|
|
|
|
This rule raises an issue when the IV is hard-coded.
|