The false and dangerous using of IV and Key with AES
Posted: Sun Jul 16, 2017 2:13 pm
I have seen on a other place a large tutorial for IV and Key using with PB and CBC mode
It's written, as sample :
Use one from more different pre defined IV for encrypting data
A attacker must so try more before he can decrypt, on this way you have a multiple security against brute force
This is absolutely false
AES encrypt blockwise, ever 16 Bytes
The resulted encrypted data from the first block is ever the IV from the next block
So you can only not decrypt the first 16 bytes from the data
You can use millions different IV, you get never more security
You can ever get the iV from a encrypted block for decrypting all next blocks
The IV on AES has so ever a length from 16 Bytes, never from 32 Bytes
Use never a hash without converting to binary for using as IV or key, this is absolutely false
Use for each encrypted files a other crypt randomized binary IV,
then you can add the IV to the files end for getting it again to decrypting (the first block)
Use never a hash without converting to binary for using as key on the AES key register, this is absolutely false
The complexity from this construction can break absolutely each security
This false way cut the used hash, weak so the hash and reduce the security dramaticaly
AES128 has a key register length from 16 Bytes
AES256 has a key register length from 32 Bytes
Looking here a sample for AES128
Key register AES128 - 16 Bytes :
I self think, a admin should see and correct this simple things 
And it is helpfull, i self think, as author from a large tutorial, i should know a little from this, i written
It's written, as sample :
Use one from more different pre defined IV for encrypting data
A attacker must so try more before he can decrypt, on this way you have a multiple security against brute force
This is absolutely false
AES encrypt blockwise, ever 16 Bytes
The resulted encrypted data from the first block is ever the IV from the next block
So you can only not decrypt the first 16 bytes from the data
You can use millions different IV, you get never more security
You can ever get the iV from a encrypted block for decrypting all next blocks
The IV on AES has so ever a length from 16 Bytes, never from 32 Bytes
Use never a hash without converting to binary for using as IV or key, this is absolutely false
Use for each encrypted files a other crypt randomized binary IV,
then you can add the IV to the files end for getting it again to decrypting (the first block)
Use never a hash without converting to binary for using as key on the AES key register, this is absolutely false
The complexity from this construction can break absolutely each security
This false way cut the used hash, weak so the hash and reduce the security dramaticaly
AES128 has a key register length from 16 Bytes
AES256 has a key register length from 32 Bytes
Looking here a sample for AES128
Key register AES128 - 16 Bytes :
Code: Select all
173, 47 ,252 ,121 ,221 ,224 ,248 ,194 ,132 ,026 ,255 ,221 ,216 ,021 ,009 ,001 ; Binary - Available complexity 16 Bytes - 256^16
A ,D ,2 ,F ,F ,C ,7 ,9 ,D ,D ,E ,0 ,F ,8 ,C ,2 ; Ascii hash - Resulted complexity = 8 Bytes 16^16
A ,0 ,D ,0 ,2 ,0 ,F ,0 ,F ,0 ,C ,0 ,7 ,0 ,9 ,0 ; Unicode hash - Resulted complexity = 4 Bytes - 16^8And it is helpfull, i self think, as author from a large tutorial, i should know a little from this, i written