The IV for CBC mode of many cyphers is 8 octets (64 bits) of random data which is prepended to the plaintext before encyphering. The effect is to scramble the cyphertext still further. It is rather like the salt in built-in crypt digesting.
Use of an IV is mandatory for some CBC protocols. See, for instance, RFC-2405, The ESP DES-CBC Cipher Algorithm With Explicit IV.
After Compline, Zaxo
I don't know a whole lot about IVs in block ciphers, but they are used in hashing algorithms (MD5, SHS, etc). All hash algorithms that I know of are "cascading" hash algorithms. They take each block (say, 128 bits) of the input and recombine it with the results of the previous block into a hash function. The output of each step cascades and is used in conjunction with the next block. In this way, changing any block will change the output of the hash algorithm.
To start out though, you need an extra block, so that's where the IV comes in. It's combined with the first message block into the first iteration.
            ______
IV     --> | hash |      ______
msg[1] --> |_func_| --> | hash |
msg[2] ---------------> |_func_| -->
msg[3] ----------------------------> ...
Most hashing algorithms have a fixed IV, so that everyone agrees that the same file will have the same hash value.
I'm not familiar with CBC, but I seem to recall that if you use a streaming/cascading cipher (where encryption results cascade to affect the next block), you'd also need an IV. If you can choose the IV yourself it will add some extra entropy, like having a longer key size. Also, a streaming cipher will prevent an attacker from detecting identical plaintext blocks from two snippets of ciphertext (unless they use the same IV and are at the very beginning of the plaintext). Of course, the person decrypting the message will need to know the IV you used.
I'm sure someone more familiar with CBC can give you a little more info ;) ...
blokhead
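The CBC behaviour both replies describe (explicit IV prepended to the ciphertext, chaining that hides repeated plaintext blocks, and the leak when the same IV is reused at the start of two messages) can be seen directly with a small CBC implementation. This is an added example, not code from either poster; the block cipher inside it is a constructed 4-round Feistel stand-in (a keyed permutation, not DES or AES), and the key and messages are made up for the demonstration.

```python
import hmac, hashlib, os

BLOCK = 16  # block size in bytes of the constructed toy cipher below

def _f(key: bytes, half: bytes, rnd: int) -> bytes:
    # Keyed Feistel round function: HMAC-SHA256 of the half-block, truncated to 8 bytes.
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    """Stand-in block cipher: 4-round Feistel on a 16-byte block. It is a keyed
    permutation, which is all CBC mode needs; it is NOT a real cipher."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, xor(left, _f(key, right, rnd))
    return left + right

def toy_decrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):          # undo the rounds in reverse order
        left, right = xor(right, _f(key, left, rnd)), left
    return left + right

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """CBC with explicit IV: C[0] = IV, C[i] = E(P[i] XOR C[i-1]); the IV is sent in front."""
    assert len(iv) == BLOCK and len(plaintext) % BLOCK == 0
    prev, out = iv, bytearray(iv)
    for i in range(0, len(plaintext), BLOCK):
        prev = toy_encrypt_block(key, xor(plaintext[i:i + BLOCK], prev))
        out += prev
    return bytes(out)

def cbc_decrypt(key: bytes, ciphertext: bytes) -> bytes:
    """Inverse: P[i] = D(C[i]) XOR C[i-1]; the receiver reads the IV off the front."""
    blocks = [ciphertext[i:i + BLOCK] for i in range(0, len(ciphertext), BLOCK)]
    return b"".join(xor(toy_decrypt_block(key, c), p) for p, c in zip(blocks, blocks[1:]))

def demo(key: bytes = b"constructed-key!") -> dict:
    """Observations from the thread; 'fixed' uses an all-zero IV for both messages."""
    msg = b"ATTACK AT DAWN!!" * 2              # two identical plaintext blocks
    other = msg[:BLOCK] + b"BUT NOT TONIGHT!"  # same first block, different second
    ecb = b"".join(toy_encrypt_block(key, msg[i:i + BLOCK]) for i in (0, BLOCK))
    fixed_a, fixed_b = cbc_encrypt(key, bytes(BLOCK), msg), cbc_encrypt(key, bytes(BLOCK), other)
    rand_a, rand_b = cbc_encrypt(key, os.urandom(BLOCK), msg), cbc_encrypt(key, os.urandom(BLOCK), msg)
    return {
        "ecb_repeats_block": ecb[:BLOCK] == ecb[BLOCK:],            # True: no chaining, equal blocks show
        "cbc_repeats_block": fixed_a[16:32] == fixed_a[32:48],      # False: chaining hides them
        "fixed_iv_leaks_prefix": fixed_a[16:32] == fixed_b[16:32],  # True: same IV + same first block
        "random_iv_hides_prefix": rand_a[16:32] != rand_b[16:32],   # True: fresh IV per message
        "roundtrip_ok": cbc_decrypt(key, rand_a) == msg,
    }
```

Ciphertext bytes 16..31 are the first real ciphertext block (bytes 0..15 carry the IV), which is why the comparisons index from 16.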