Why is using a Non-Random IV with CBC Mode a vulnerability?

Posted by The Rook on Stack Overflow See other posts from Stack Overflow or by The Rook
Published on 2010-06-09T17:13:30Z Indexed on 2010/06/09 17:52 UTC
Read the original article Hit count: 159

Filed under:
|
|

I understand the purpose of an IV. Specifically in CBC mode this insures that the first block of of 2 messages encrypted with the same key will never be identical. But why is it a vulnerability if the IV's are sequential? According to CWE-329 NON-Random IV's allow for the possibility of a dictionary attack. I know that in practice protocols like WEP make no effort to hide the IV. If the attacker has the IV and a cipher text message then this opens the door for a dictionary attack against the key. I don't see how a random iv changes this. (I know the attacks against wep are more complex than this.)

What security advantage does a randomized iv have? Is this still a problem with an "Ideal Block Cipher"? (A perfectly secure block cipher with no possible weaknesses.)

© Stack Overflow or respective owner

Related posts about security

Related posts about encryption