Porting GNUPG

Michael Roth mroth at nessie.de
Mon Sep 14 11:57:44 CEST 1998

On Sun, 13 Sep 1998, Matthew Skala wrote:

> to generate padding to protect against various known weaknesses.  Any
> block cipher chaining mode that needs an initialization vector should
> preferably use a strongly-random initialization vector; I believe that

That's wrong ;-) An IV doesn't need to be a strongly random sequence.
In CBC mode the IV should be unique in some other block chaining modes the
IV must be unique. An IV doesn't need to be secret.
A timestamp or a serial number is a perfect IV.


More information about the Gnupg-devel mailing list