Why use an IV when the message length is only one block?



  • I have read that IV's are used with block ciphers in case a sequence is repeated in a message and produces repeated sequences in the ciphertext.

    I see IV's being used in cases where the message is very short, though (e.g. 11 bytes in the example on the attr_encrypted Ruby gem README). Does the use of a unique IV also provide protection in this scenario? If so, how?



  • Now that I can comment I am taking a part of my answer to comment

    An IV makes your encryption probabilistic and pseudo-random. No deterministic encryption scheme can be semantically secure, and they are not IND-CPA, which is a requirement under all modern ciphers. It also allows streaming-mode ciphers to reuse a key for many different messages (same as a nonce for stream ciphers). Now, if you don't reuse your key, at least not for the same message, and the message is only one block, then it is OK I think, as long as the block encryption is a pseudo-random permutation. Repeating the key for the same message would allow detection of repeated messages (see ECB penguins), which would not be the case with a semantically secure scheme with an IV. It is notoriously difficult to avoid if you use the same key. But it requires people building their own crypto, and for InfoSec it is much better to use a state-of-the-art, well-tested method.

    I have read that IV's are used with block ciphers in case a sequence is repeated in a message and produces repeated sequences in the ciphertext.

    This is if you encrypt it in ECB mode, i.e. encrypting each block individually. There are ways to encrypt them without using an IV so that such sequences are not detected. But the semantic insecurity inherent in a fully deterministic encryption scheme still remains if you do not use an IV. For example, if you use a static number in place of the IV (or first encrypted block) in CBC mode, you will likely not detect such sequences in the cipher. But you can not only recognize the same messages encrypted with the same key but also easily detect full-block common prefixes in messages.
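
The two leaks described in the answer above (equal messages and shared full-block prefixes under a static IV) can be measured directly. This is an added example, not part of the original posts and not attr_encrypted's code; the key, sample plaintexts and helper names are constructed for illustration, and AES-128-CBC via Ruby's OpenSSL binding is an assumed choice of cipher.

```ruby
require "openssl"

BLOCK = 16
KEY = OpenSSL::Random.random_bytes(16)  # demo key, generated per run
STATIC_IV = "\x00".b * BLOCK            # the "static number in place of IV" case

# Constructed sample plaintexts.
SHORT = "secret-0001"                   # 11 bytes, fits in one AES block
M1 = "account=00012345;amount=10"       # M1 and M2 share their first 16 bytes
M2 = "account=00012345;amount=9999"

# AES-128-CBC with PKCS#7 padding (OpenSSL's default), either direction.
def cbc(mode, data, iv)
  c = OpenSSL::Cipher.new("aes-128-cbc")
  mode == :encrypt ? c.encrypt : c.decrypt
  c.key = KEY
  c.iv = iv
  c.update(data) + c.final
end

# Deterministic: same key + same plaintext always gives the same ciphertext.
def encrypt_static(plaintext)
  cbc(:encrypt, plaintext, STATIC_IV)
end

# Probabilistic: fresh random IV per message, stored in front of the ciphertext.
def encrypt_random(plaintext)
  iv = OpenSSL::Random.random_bytes(BLOCK)
  iv + cbc(:encrypt, plaintext, iv)
end

def decrypt_random(blob)
  iv = blob.byteslice(0, BLOCK)
  cbc(:decrypt, blob.byteslice(BLOCK, blob.bytesize - BLOCK), iv)
end

# What someone holding only stored ciphertexts can compute:
# how many leading 16-byte blocks two ciphertexts have in common.
def shared_prefix_blocks(a, b)
  a_blocks = a.bytes.each_slice(BLOCK).to_a
  b_blocks = b.bytes.each_slice(BLOCK).to_a
  a_blocks.zip(b_blocks).take_while { |x, y| x == y }.length
end

puts "static IV, same one-block message equal? #{encrypt_static(SHORT) == encrypt_static(SHORT)}"
puts "random IV, same one-block message equal? #{encrypt_random(SHORT) == encrypt_random(SHORT)}"
puts "static IV, shared blocks M1/M2: #{shared_prefix_blocks(encrypt_static(M1), encrypt_static(M2))}"
puts "random IV, shared blocks M1/M2: #{shared_prefix_blocks(encrypt_random(M1), encrypt_random(M2))}"
```

For the one-block case in the question, the first two lines are the relevant ones: without a per-message IV, two records holding the same 11-byte value are visibly identical in storage.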


