[speak-freely] (#62) initialization vector - weak crypto ? (fwd)
Thomas Shaddack
shaddack at ns.arachne.cz
Thu Apr 17 16:49:08 PDT 2003
This is what I feared of, and what I hoped someone from here will figure
out sooner...
---------- Forwarded message ----------
Date: Fri, 18 Apr 2003 00:55:10 +0200 (MEST)
Subject: [speak-freely] (#62) initialization vector - weak crypto ?
From: Speak Freely Forum <sfforum at fourmilab.ch>
To: speak-freely at fourmilab.ch
Message posted to the Speak Freely Forum
by anon on Fri, 18 Apr 2003 00:55:10 +0200 (MEST).
http://www.fourmilab.ch/wb/speak-freely.pl?rev=62
It seems that for each CBC packet the same initialization vector 0 is used!
This likely weakens the crypto and might enable an attacker to break the
encryption:
According to rfc2405/rfc2451 the IV in CBC-mode must not be predictable.
More information about the cypherpunks-legacy
mailing list