• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

AES / CBC decryption with known IV

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security

View previous topic :: View next topic  
Author Message
akemi
Just Arrived
Just Arrived


Joined: 16 Jul 2010
Posts: 0


Offline

PostPosted: Fri Jul 16, 2010 8:09 am    Post subject: AES / CBC decryption with known IV Reply with quote

If the IV in CBC mode is set to zero, does that help the attacker decrypt the ciphertext in anyway?

One vulnerability I'm suspecting is that if each block of cipher text in CBC is represented as
Cn = Ek(Cn-1 ⊕ Pn)
Given that IV = 0, it may be possible to find the cipher text Cm such that
Cm = Ek(Pn)
(as if encrypted using ECB mode?)

Any help would be greatly appreciated!
Back to top
View user's profile Send private message
JustinT
Trusted SF Member
Trusted SF Member


Joined: 17 Apr 2003
Posts: 16777215
Location: Asheville, NC, US / Uberlāndia, MG, Brazil

Offline

PostPosted: Sun Sep 05, 2010 3:36 am    Post subject: Re: AES / CBC decryption with known IV Reply with quote

Just to note, under the chosen-plaintext attack model, if an adversary knows, or can predict, the IV prior to choosing the plaintext, then CBC is insecure; this isn't good, since security against chosen-plaintext attacks is the basic requirement for confidentiality modes of operation, like CBC.
Back to top
View user's profile Send private message Visit poster's website
PhiBer
SF Mod
SF Mod


Joined: 11 Mar 2003
Posts: 20
Location: Your MBR

Offline

PostPosted: Thu Sep 16, 2010 5:04 pm    Post subject: Reply with quote

Wow, the famous JustinT is back! Nice to see you back and posting. Smile
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register