Not Using a Random IV with CBC Mode

From Guidance Share

Jump to: navigation, search

Contents

Description

Not using a random initialization vector with Cipher Block Chaining (CBC) Mode causes algorithms to be susceptible to dictionary attacks.

Applies To

  • Languages: Any
  • Operating platforms: Any

Example

The following example uses a non-random IV:

#include <openssl/evp.h>
EVP_CIPHER_CTX ctx;
char key[EVP_MAX_KEY_LENGTH];
char iv[EVP_MAX_IV_LENGTH];
RAND_bytes(key, b);
memset(iv,0,EVP_MAX_IV_LENGTH);
EVP_EncryptInit(&ctx,EVP_bf_cbc(), key,iv);

Impact

  • Confidentiality: If the CBC is not properly initialized, data which is encrypted can be compromised and therefore be read.
  • Integrity: If the CBC is not properly initialized, encrypted data could be tampered with in transfer or on disk.
  • Accountability: Cryptographic based authentication systems could be defeated.

Vulnerabilities

  • Failure to properly initialize CBC with a random IV.

Countermeasures

  • Integrity: It is important to properly initialize CBC operating block ciphers with a random IV or there value is lost.

Vulnerability Patterns

How Tos

Personal tools