[Cryptography] XORing plaintext with ciphertext
John Kelsey
crypto.jmk at gmail.com
Sat Sep 7 21:46:31 EDT 2013
It depends on the encryption scheme used. For a stream cipher (including AES in counter or OFB mode), this yields the keystream. If someone screws up and uses the same key and IV twice, you can use knowledge of the first plaintext to learn the second. For other AES chaining modes, it's less scary, though if someone reuses their key and IV, knowing plaintext xor ciphertext from the first time the key,iv pair was used can reveal some plaintext from the second time it was used.
--John
More information about the cryptography
mailing list