TLS CBC IV attack
- For CBC, the IV must be unpredictable at encryption time.
- Using the last ciphertext block of the previous encryption as the IV for the next encryption (as was used in SSL 2.0) is insecure, because that block is already visible on the wire.
- If an attacker knows the IV (or the previous block of ciphertext) before he specifies the next plaintext, he can test his guess about the plaintext of some previous encryption.
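
The check described above, as an added example that is not part of the original note: a toy single-block CBC oracle run once with a chained (predictable) IV and once with a fresh random IV, showing that only the chained IV lets a guess about an earlier plaintext be confirmed. `CbcOracle`, `guess_confirmed` and the sample plaintexts are hypothetical, and a truncated HMAC-SHA256 stands in for the block cipher as an assumption, since only the encryption direction is needed.

```python
import hashlib, hmac, os

BLOCK = 16

def block_encrypt(key, block):
    # Stand-in for a real block cipher such as AES (assumption): a keyed PRF
    # suffices because this demonstration only ever encrypts, never decrypts.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class CbcOracle:
    """Hypothetical service that CBC-encrypts one block at a time under one key."""
    def __init__(self, chained_iv):
        self.key = os.urandom(32)
        self.chained_iv = chained_iv
        self.last_ct = os.urandom(BLOCK)

    def visible_next_iv(self):
        # With chaining, the next IV is the last ciphertext block on the wire.
        return self.last_ct if self.chained_iv else None

    def encrypt(self, block):
        iv = self.last_ct if self.chained_iv else os.urandom(BLOCK)
        self.last_ct = block_encrypt(self.key, xor(iv, block))
        return iv, self.last_ct

def guess_confirmed(oracle, guess, iv_old, ct_old):
    """True if submitting a crafted block reproduces the earlier ciphertext."""
    iv_next = oracle.visible_next_iv() or bytes(BLOCK)  # unknown IV cannot be cancelled
    crafted = xor(xor(guess, iv_old), iv_next)
    _, ct_new = oracle.encrypt(crafted)
    return ct_new == ct_old

def demo(chained_iv):
    oracle = CbcOracle(chained_iv)
    secret = b"PIN=4921;padding"            # constructed 16-byte sample plaintext
    iv_old, ct_old = oracle.encrypt(secret)
    right = guess_confirmed(oracle, secret, iv_old, ct_old)
    wrong = guess_confirmed(oracle, b"PIN=0000;padding", iv_old, ct_old)
    return right, wrong

if __name__ == "__main__":
    print("chained IV:", demo(True))    # predictable IV confirms the right guess
    print("random IV: ", demo(False))   # fresh random IV confirms nothing
```

With the chained IV the crafted block cancels the known next IV, so the cipher input equals that of the earlier encryption and the ciphertexts match; with an IV drawn at encryption time nothing can be cancelled in advance.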