Author: akemi, Posted: Fri Jul 16, 2010 8:09 am Post subject: AES / CBC decryption with known IV ---- If the IV in CBC mode is set to zero, does that help the attacker decrypt the ciphertext in anyway?
One vulnerability I'm suspecting is that if each block of cipher text in CBC is represented as
Cn = Ek(Cn-1 ⊕ Pn)
Given that IV = 0, it may be possible to find the cipher text Cm such that
Cm = Ek(Pn)
(as if encrypted using ECB mode?)
Any help would be greatly appreciated!
Author: JustinT, Location: Asheville, NC, US / Uberlāndia, MG, BrazilPosted: Sun Sep 05, 2010 3:36 am Post subject: Re: AES / CBC decryption with known IV ---- Just to note, under the chosen-plaintext attack model, if an adversary knows, or can predict, the IV prior to choosing the plaintext, then CBC is insecure; this isn't good, since security against chosen-plaintext attacks is the basic requirement for confidentiality modes of operation, like CBC.
Author: PhiBer, Location: Your MBRPosted: Thu Sep 16, 2010 5:04 pm Post subject: ---- Wow, the famous JustinT is back! Nice to see you back and posting.