More info in my AES128-CBC question
Victor Duchovni
Victor.Duchovni at MorganStanley.com
Fri Apr 20 11:58:46 EDT 2007
On Thu, Apr 19, 2007 at 10:32:58PM -0700, Aram Perez wrote:
> Hi Folks,
>
> First, thanks for all your answers.
>
> The proposal for using AES128-CBC with a fixed IV of all zeros is for a protocol between two entities that will be exchanging messages. This is being done in a "standards" body (OMA) and many of the attendees have very little security experience. As I mentioned, the response to my question of why would we standardize this was "that's how SD cards do it".
>
> I'll look at the references and hopefully convince enough people that it's a bad idea.
>
You still have not described the protocol, or how keys are used/managed.
The question has no answer outside the context of a specific protocol,
other than in general it is best practice to use random IVs or otherwise
unlikely to repeat IVs.
--
Victor Duchovni
IT Security, Morgan Stanley

ASCII RIBBON CAMPAIGN AGAINST HTML MAIL

NOTICE: If received in error, please destroy and notify sender. Sender does not waive confidentiality or privilege, and use is prohibited.
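To make the point about repeated IVs concrete, here is an added example (not part of the thread or of anything OMA standardised). It builds textbook CBC around a toy Feistel block cipher that stands in for AES-128, since only the chaining matters: with a fixed all-zero IV, two messages that begin with the same bytes produce identical leading ciphertext blocks, so an observer learns which messages share a prefix (and an identical message always encrypts to identical ciphertext), while a fresh random IV removes that leak. The sample messages are constructed.

```python
import hashlib
import os

BLOCK = 16  # 128-bit block, as in AES-128-CBC

def toy_block_encrypt(key: bytes, block: bytes, rounds: int = 4) -> bytes:
    """Stand-in for AES (assumption for a dependency-free example): a keyed
    Feistel permutation on 16-byte blocks. Not secure; only CBC matters here."""
    assert len(block) == BLOCK
    left, right = block[:8], block[8:]
    for i in range(rounds):
        f = hashlib.sha256(key + bytes([i]) + right).digest()[:8]
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right

def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Textbook CBC: C_i = E_K(P_i XOR C_{i-1}) with C_0 = IV."""
    prev, out = iv, []
    padded = pkcs7_pad(plaintext)
    for off in range(0, len(padded), BLOCK):
        block = bytes(a ^ b for a, b in zip(padded[off:off + BLOCK], prev))
        prev = toy_block_encrypt(key, block)
        out.append(prev)
    return b"".join(out)

def common_prefix_blocks(c1: bytes, c2: bytes) -> int:
    """Number of leading ciphertext blocks that are identical."""
    n = 0
    for off in range(0, min(len(c1), len(c2)), BLOCK):
        if c1[off:off + BLOCK] != c2[off:off + BLOCK]:
            break
        n += 1
    return n

def fixed_iv_leak(key: bytes, m1: bytes, m2: bytes) -> int:
    # Fixed all-zero IV: equal plaintext prefixes give equal ciphertext prefixes.
    zero_iv = bytes(BLOCK)
    return common_prefix_blocks(cbc_encrypt(key, zero_iv, m1),
                                cbc_encrypt(key, zero_iv, m2))

def random_iv_leak(key: bytes, m1: bytes, m2: bytes) -> int:
    # Fresh random IV per message: the first ciphertext block already differs.
    return common_prefix_blocks(cbc_encrypt(key, os.urandom(BLOCK), m1),
                                cbc_encrypt(key, os.urandom(BLOCK), m2))

# Constructed sample messages sharing a 16-byte prefix ("CMD=TRANSFER;ACC").
MSG_A = b"CMD=TRANSFER;ACCT=1234;AMOUNT=100"
MSG_B = b"CMD=TRANSFER;ACCT=1234;AMOUNT=999"
```

Running `fixed_iv_leak` on the two sample messages reports one shared ciphertext block, and the same message twice shares all three, whereas `random_iv_leak` reports none.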
---------------------------------------------------------------------
The Cryptography Mailing List