AES / CBC decryption with known IV

Networking/Security Forums -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security

Author: akemi PostPosted: Fri Jul 16, 2010 8:09 am    Post subject: AES / CBC decryption with known IV
    ----
If the IV in CBC mode is set to zero, does that help the attacker decrypt the ciphertext in anyway?

One vulnerability I'm suspecting is that if each block of cipher text in CBC is represented as
Cn = Ek(Cn-1 ⊕ Pn)
Given that IV = 0, it may be possible to find the cipher text Cm such that
Cm = Ek(Pn)
(as if encrypted using ECB mode?)

Any help would be greatly appreciated!

Author: JustinTLocation: Asheville, NC, US / Uberlāndia, MG, Brazil PostPosted: Sun Sep 05, 2010 3:36 am    Post subject: Re: AES / CBC decryption with known IV
    ----
Just to note, under the chosen-plaintext attack model, if an adversary knows, or can predict, the IV prior to choosing the plaintext, then CBC is insecure; this isn't good, since security against chosen-plaintext attacks is the basic requirement for confidentiality modes of operation, like CBC.

Author: PhiBerLocation: Your MBR PostPosted: Thu Sep 16, 2010 5:04 pm    Post subject:
    ----
Wow, the famous JustinT is back! Nice to see you back and posting. Smile



Networking/Security Forums -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group