All Questions

2 votes
1 answer
69 views

Is AES-GCM safe if same key is used for both uplink and downlink, assuming last IV bit tells the direction

I have designed a cryptographical protocol which uses AES-GCM with a single key. I have gone to great lengths to ensure the same initialization vector is never reused. The first bits of the ...
juhist's user avatar
  • 1,371
2 votes
1 answer
63 views

Is AES-CTR mode with predictable IV vulnerable to CPA attacks?

I'm just confused about this topic problem. I know that the CBC mode will be vulnerable to CPA attacks if the IV is predictable, but what about the CTR mode?
zephyr Victor's user avatar
0 votes
1 answer
101 views

Do I need to use unique IVs if all encrypted data is unique?

I am designing a service where each user has both a unique 256-bit private and public ID. These IDs should be derivable from one another, but only within the backend of my service (as to not expose ...
Ryan Hilbert's user avatar
1 vote
1 answer
47 views

Can the IV be reused if the key is changed?

I am using AES-GCM-256 to encrypt data in a database, and am using a single key that I salt with a unique random value for each user to encrypt their information. I am using the same IV for all of ...
Hera Sutton's user avatar
0 votes
1 answer
94 views

Is a static IV really less secure than an IV generated from a master key?

As an example, let's take a simple situation where AES-256-CBC with IV + MAC is used to encrypt a given plainText and offer authentication. ...
Neil Yoga Crypto's user avatar
0 votes
1 answer
29 views

When would we need a bigger IV than 2 bytes when the IV is derived of a master key?

As an example, let's take a simple situation where AES-256-CBC with IV + MAC is used to encrypt a given plainText to offer both authentication and prevent identical cipherTexts. ...
Neil Yoga Crypto's user avatar
1 vote
2 answers
616 views

Why is it possible to encrypt multiple messages within the same stream in AES

I have a standard random key and IV. Then I am creating a cipher using these keys and IV and then encrypt a specific message. Later on, if I try to encrypt another message with the same cipher (which ...
1 vote
1 answer
154 views

How to properly guarantee authentication, confidentiality, and replay-resistance for multiple messages using a pre-shared key?

I have a device that needs to communicate with another host and exchange fixed-length messages. All traffic should be encrypted and authenticated, and it should be resistant to replay attacks. ...
Steven's user avatar
  • 131
1 vote
1 answer
1k views

Where is the SIV in AES-GCM-SIV?

This is my understanding of Synthetic IVs. You have 2 keys $K_1$ & $K_2$. $F$ is a PRF. Instead of choosing a separate IV, you instead generate the IV from the PlainText. $IV = F(K_1, m)$ $c = E(...
user93353's user avatar
  • 2,200
0 votes
2 answers
125 views

Multiple IV CBC

CBC's encryption is not parallelizable, but I could divide a 64 block message in 4 16 block parts and encrypt those 4 parts separately in parallel using a different IV for each one. Is this insecure? Is ...
moutonlapin28's user avatar
3 votes
1 answer
99 views

Number of keystreams generated in Kreyvium for a single key/IV pair

Kreyvium employs 128-bit key and 128-bit IV. By a single initialization procedure using a key/IV pair, how many keystreams can be generated?
Abu Fathima's user avatar
0 votes
2 answers
124 views

Randomly initialised global counter used to encrypt the kth message with $\operatorname{IV} = \operatorname{IV} + k \bmod 2^n$ [duplicate]

The use of an increasing IV is not secure for a block cipher. That is, using a random IV for the first message then $\operatorname{IV} + 1$ for the second, $\operatorname{IV} + 2$ for the 3rd etc. How ...
Kivi's user avatar
  • 1
25 votes
4 answers
39k views

Is using the same IV in AES similar to not using an IV in the first place?

So if I understand how an IV works with AES, I'm supposed to generate a different IV for every message because using only a key, I will get the same encryption if the message was encrypted twice (...
Ali_Nass's user avatar
  • 353
2 votes
0 answers
276 views

Rijndael - is there some difference in resistance between counter in generator input and in IV?

I am thinking about Rijndael implementation in order to store tokens (cannot be hashed) - one token for one user. And finally I get stuck with key/IV generation problem :( The questions are: 1) Is ...
KEMBL's user avatar
  • 121
1 vote
1 answer
280 views

Is it safe to use the same IV for multiple encryptions in AES CBC mode when you are always encrypting random bytes?

I am generating random bytes (16 or 32 bytes at a time), and I want to encrypt them using a 128 bit AES key in CBC mode. Am I really weakening this horribly if I am reusing the same IV and key each ...
McGee's user avatar
  • 13