📝TLS CBC IV attack

tags

§ Cryptography

• For CBC, the IV must be unpredictable at encryption time.

• Using the ciphertext of the previous block as the IV for the next block encryption (as was used in SSL 2.0) is insecure.

• If an attacker knows the IV (or the previous block of ciphertext) before he specifies the next plaintext, he could test his guess about plaintext of some previous encryption.

Backlinks

• 📝 Initialization Vector
• 📝 Cipher Block Chaining (CBC)
• 📝 § Cryptography