mroth at nessie.de
Mon Sep 14 11:57:44 CEST 1998
On Sun, 13 Sep 1998, Matthew Skala wrote:
> to generate padding to protect against various known weaknesses. Any
> block cipher chaining mode that needs an initialization vector should
> preferably use a strongly-random initialization vector; I believe that
That's wrong ;-) An IV doesn't need to be a strongly random sequence.
In CBC mode the IV should be unique in some other block chaining modes the
IV must be unique. An IV doesn't need to be secret.
A timestamp or a serial number is a perfect IV.
More information about the Gnupg-devel