开发者

Is that OK to use static IV value in Rijndael encryption for many files?

I have a question about IV in Rijndael encryption.

My current approach of using Rijndael is to use a pair of static Key and Iv for all encryption operations (I mean I use this pair of Key and Iv for all protected files in my computer).

开发者_如何学编程I heard that IV must be unique for each Rijndael encryption. Is that true? What is the problem (if any) for my current approach of using single static Key and Iv pair?


If you encrypt the same message twice, you'll get the same results - by varying either the key or the IV, that won't be the case. (Varying the IV is simpler as you can transmit that in plain text; it doesn't involve any sort of secret exchange.)

That means if you reuse the same IV, that can give information to an attacker: if they know the contents of one message, and they see the same encrypted data again, they'll know it's the same message.

So yes, I would vary the IV each time. (And try to avoid using the same key everywhere, ideally... it's like using the same password for multiple web sites: it means if you're compromised in one place, you've lost security everywhere.)


The initialization vector initializes the AES engine to a specific state. The main goal of using a dynamic IV is that two consecutive encryptions of the same file won't result in the same encrypted value. To decrypt the file, you also need to initialize the AES engine with this same IV. As a consequence, the IV has to be stored with your encrypted file.

I don't think that the initialization vector will offer much additional security in your use case. It's nice to have it when you're encrypting data that can be subject to dictionnary attacks (passwords on the wire, card numbers, PIN code). For files, it will hardly be possible..

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜