RE: pf_key comments
Harald Koch writes:
> Does the IV have to be *unpredictably* different, or just
> different?
>
> (The NRL code, for example, simply increments the IV after each
> packet).
Just different. If you look at the nature of the feedback in CBC for
any chained blocks, the IV is simply the last data-cipher block, which
is "public" information. The only danger I've ever heard of
incrementing an IV from one chain to the next is that the IV bits are
almost identical at the start of each chain; but to my knowledge, this
has never been exploited.
Brett
TimeStep Corporation
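The CBC behaviour discussed above, as an added example that is not part of this thread, the NRL code or pf_key: a pure-Python CBC implementation over a constructed toy block cipher (an invertible 8-byte permutation that stands in for DES/AES so the code runs offline; it is not secure). `chain_continues` shows that the IV is consumed exactly like the previous ciphertext block, so encrypting a second message with the last ciphertext block of the first as its IV is byte-for-byte the same as one longer chain. `first_block_input_distance` shows the property Brett mentions for incremented IVs: because the plaintext cancels, the first cipher inputs of two chains differ in exactly the bits in which the IVs differ. The key, IVs and message in the demo are constructed values.

```python
"""CBC chaining and IV relationships, illustrated with a TOY block cipher.

The cipher below is a constructed, deliberately simple permutation so the
example runs offline; it is not secure and only stands in for a real block
cipher to show how the IV feeds the chain.
"""

BLOCK = 8  # block size in bytes (assumption; the same logic holds for 16)


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Invertible 64-bit permutation keyed by an 8-byte key (toy, not secure)."""
    assert len(key) == BLOCK and len(block) == BLOCK
    x = xor(block, key)
    x = x[1:] + x[:1]  # rotate bytes left by one
    return bytes(((b * 31) + key[i]) & 0xFF for i, b in enumerate(x))


def toy_block_decrypt(key: bytes, block: bytes) -> bytes:
    """Inverse of toy_block_encrypt; 223 is the inverse of 31 modulo 256."""
    x = bytes((((c - key[i]) & 0xFF) * 223) & 0xFF for i, c in enumerate(block))
    x = x[-1:] + x[:-1]  # rotate bytes right by one
    return xor(x, key)


def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    """CBC: C_i = E(P_i XOR C_{i-1}) with C_0 = IV. `data` is whole blocks."""
    assert len(data) % BLOCK == 0
    prev, out = iv, []
    for i in range(0, len(data), BLOCK):
        prev = toy_block_encrypt(key, xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    """CBC: P_i = D(C_i) XOR C_{i-1}; the IV only has to be known, not secret."""
    assert len(data) % BLOCK == 0
    prev, out = iv, []
    for i in range(0, len(data), BLOCK):
        c = data[i:i + BLOCK]
        out.append(xor(toy_block_decrypt(key, c), prev))
        prev = c
    return b"".join(out)


def increment_iv(iv: bytes) -> bytes:
    """The counter-style IV update described in the thread (wraps at 2^64)."""
    n = (int.from_bytes(iv, "big") + 1) % (1 << (8 * BLOCK))
    return n.to_bytes(BLOCK, "big")


def hamming_distance(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def first_block_input_distance(iv_a: bytes, iv_b: bytes, p1: bytes) -> int:
    """Bits differing between two chains' first cipher inputs (P_1 XOR IV).

    P_1 cancels out, so this equals the distance between the IVs themselves:
    1 bit for a simple increment, about 32 of 64 for independent random IVs.
    """
    return hamming_distance(xor(p1, iv_a), xor(p1, iv_b))


def chain_continues(key: bytes, iv: bytes, first: bytes, second: bytes) -> bool:
    """The IV is consumed exactly like a previous ciphertext block: encrypting
    `second` under the last block of `first`'s ciphertext equals one long chain."""
    one_chain = cbc_encrypt(key, iv, first + second)
    c1 = cbc_encrypt(key, iv, first)
    c2 = cbc_encrypt(key, c1[-BLOCK:], second)
    return one_chain == c1 + c2


if __name__ == "__main__":
    key = bytes(range(1, 9))          # constructed key
    iv0 = bytes(BLOCK)                # constructed starting IV
    msg = b"pf_key  IPsec   "         # constructed two-block message
    ct = cbc_encrypt(key, iv0, msg)
    assert cbc_decrypt(key, iv0, ct) == msg
    print("incremented IV, first-input distance:",
          first_block_input_distance(iv0, increment_iv(iv0), msg[:BLOCK]))
    print("chain continues from last ciphertext block:",
          chain_continues(key, iv0, msg[:BLOCK], msg[BLOCK:]))
```

The `first_block_input_distance` value is what to look at when reasoning about an IV schedule: it depends only on how consecutive IVs relate to each other, never on the data, so the relationship between chains is fixed by the IV policy alone.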