Re: security risk of IV in plaintext CBC mode

---

• From: rossum <rossum48@xxxxxxxxxxxx>
• Date: Mon, 12 Feb 2007 19:14:35 +0000

---

On Mon, 12 Feb 2007 20:31:01 +1100, "kornduff" <kornduff@xxxxxxxxxx>
wrote:

Is there a security risk to transmitting the Initialization Vector in plain
text along with the message in CBC mode? My lecturer says no, but i cant
understand why?

Thanks in advance.

If an attacker can change the IV in transit then she can affect the
decryption of the first cyphertext block. How important is an
uncorrupted decryption of the first block of plaintext to you?

Using a MAC to authenticate the message would detect the corrupted
first block.

rossum

.

---

• Follow-Ups:
  • Re: security risk of IV in plaintext CBC mode
    • From: Matthew Fanto

• References:
  • security risk of IV in plaintext CBC mode
    • From: kornduff

• Prev by Date: Re: Interpreting the test result on a RNG
• Next by Date: Re: Interpreting the test result on a RNG
• Previous by thread: Re: security risk of IV in plaintext CBC mode
• Next by thread: Re: security risk of IV in plaintext CBC mode
• Index(es):
  • Date
  • Thread

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)