On 27 Aug 2005 10:38:16 -0700, "mobius30" <mobius30@hushmail.com>
wrote:
>Upon further examination, I noticed this particular application does not
>apply any IV prior to encryption of the selected text. I was surprised to
>find how many of these freeware applications don't. Why is that? I would think
>implementing something as simple as random data into the first block(s)
>of text would be SOP for anyone writing one of these applications.

Not using an IV is the least of your problems.

You mentioned "SOP" (Standard Operating Procedure for those who don't
know), which I found to be quite amusing because I've been down this
road already. You also mentioned freeware applications. Again, very
amusing because of the simple fact that this trend is not at all
limited to freeware. There are countless non-freeware applications
and crypto libraries out there which have been slapped together by
people who have no business touching cryptography, let alone trying to
combine crypto with their programming "skills".

So yeah, forget about the IV problem. What I found even more
disturbing is the sheer number of these libraries out there that are
so badly assembled that they're not even what they claim to be. For
instance, a library containing AES and Blowfish (for example), SHOULD
be able to give you actual AES and Blowfish encryption. This is a
no-brainer. But in my findings, it turns out that in many cases,
you're not getting AES, nor are you getting Blowfish. So what are you
getting? Essentially a faulty implementation which can range in
seriousness from being somewhat buggy, to being completely insecure.

A quick and simple way to test whether or not you're using a proper
implementation is to run through a handful of test vectors in CBC,
ECB, or whatever modes you're implementing. If you can't reproduce
the published test vectors, avoid that software/library like the
plague.
Received on Thu Sep 29 21:51:09 2005