- From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
- Date: Sat, 03 Nov 2001 11:27:53 +0100
- To: XML Encryption WG <xml-encryption@w3.org>
- Cc: Joseph Reagle <reagle@w3.org>
Hi all, about the use of the IV in block encryption in CBC mode: [Menezes/Orschoot/Vanstone] state in Remark 7.16 (integrity if IV in CBC): "While the IV in the CBC mode need not be secret, its integrity should be protected, since malicious modifications thereof allows an adversary to make predictable bit changes to the first plaintext block recovered." Suggestion: If we encrypt the IV in Electronic Codebook Mode (ECB), we ensure that modifications on the bit layer will break decryption of the complete block. "ALGORITHM is used in the Cipher Block Chaining (CBC) mode with a ALGO_KEY_BIT_LENGTH bit Initialization Vector (IV). <ADD>The IV is encrypted in ECB mode.</ADD> The resulting cipher text is prefixed by the <ADD>encrypted</ADD> IV." Does this make sense to you? Best regards, Christian [Menezes/Orschoot/Vanstone] Handbook of applied cryptography, page 230
Received on Saturday, 3 November 2001 05:25:24 UTC