Re: using the key as the IV in RijndaelManaged, any problem?

From: Bob (bobatkpmg_at_yahoo.com)
Date: 05/14/04


Date: Fri, 14 May 2004 13:27:05 -0500

Thanks a lot Hernan.

"Hernan de Lahitte" <hernan@lagash.com> wrote in message
news:ubpjqtdOEHA.3348@TK2MSFTNGP09.phx.gbl...
> Bob,
>
> It's not a good idea tu resuse the same key / IV combo. An instresting
> approach might be to derive a password with the "PasswordDeriveBytes"
class
> and generate a random salt. If you want some further details about
password
> generation check out this article:
> http://blogs.msdn.com/shawnfa/archive/2004/04/14/113514.aspx.
>
> --
> Hernan de Lahitte
> Lagash Systems S.A.
> http://weblogs.asp.net/hernandl
>
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
> " Bob" <bobatkpmg@yahoo.com> wrote in message
> news:ufSu8lGOEHA.1104@TK2MSFTNGP10.phx.gbl...
> > Valery:
> >
> > Thanks for the reply. I understand IV can be plain text and what it
does.
> > My question is, if I use the key as the IV (so I don't have to send the
IV
> > as an added baggage or store it on both ends), whether this would add
> > security risks.
> >
> > I need to keep the key on both ends anyway, so it's convenient to use it
> as
> > the IV. but if the convenience brings risks, then I probably shouldn't
do
> > it.
> >
> > Bob
> >
> > "Valery Pryamikov" <Valery@nospam.harper.no> wrote in message
> > news:e$pFNVGOEHA.3596@tk2msftngp13.phx.gbl...
> > > Hi Bob,
> > > you don't need to encrypt IV - just send it in plain text prepended to
> > > cipher text.
> > > The point is that you can use different IV with the same encryption
> > session
> > > key for encrypting multiple packages, thus producing different cipher
> text
> > > even if plain text was the same.
> > > IV is used differently depending on modes of operations. ECB - no
> effect,
> > > CBC XORes every previous cipher block with next plain text block
before
> > > encrypting it, IV is used as the block 0. CFB and OFB uses IV as
> starting
> > > block when generating cipher stream and use previous cipher block for
> > > generating next keystream block.
> > >
> > > -Valery.
> > > http://www.harper.no/valery
> > >
> > > " Bob" <bobatkpmg@yahoo.com> wrote in message
> > > news:u6tcT%23EOEHA.3884@TK2MSFTNGP12.phx.gbl...
> > > >I have two questions hoping someone could give me some insights.
> > > >
> > > > I'm implementing an encryption solution using the RijndaelManaged
> class.
> > > > What I found very strange is that if I use a different IV on the
> > decrypte
> > > > end, a binary file (such as a zip file) decrypts without any
problem,
> > but
> > > > if
> > > > it's a text file, it adds some scrumbled characters at the beginning
> > even
> > > > though the rest of the file is decrypted without problem. Why does
> this
> > > > happen?
> > > >
> > > > Because of this issue, I need to have the same IV on both ends. I'd
> > like
> > > > to
> > > > avoid managing another piece of cryptic data (in addition to the
key),
> > I'm
> > > > thinking of using the key as the IV. I use a 256-bit key so I
> increased
> > > > the
> > > > blocksize on my RijndaelManaged object to 256 and this actually
speed
> up
> > > > the
> > > > encryption process by about 10% when I tested with a file of 3 MB in
> > size.
> > > > This is good. However, I just don't know if using the same byte
array
> > as
> > > > the key and the IV is a security concern, that is, whether it's
easier
> > to
> > > > figure out the IV from the encrypted data. Because if so, then my
key
> > is
> > > > also exposed.
> > > >
> > > > Thanks a lot for any suggestions.
> > > > Bob
> > > >
> > > >
> > >
> > >
> >
> >
>
>