0

This is a follow up for this question.

PHP AES encrypt / decrypt

I was wondering about the IV. As I see this an random IV is created for decrypt and encrypt separately. And it is not passed along with the data to be decrypted.

If I am not mistaken, an IV can very well be public and be transmitted along with the encrypted data. However it should be random and not re-used all the time (for example taking a series of zeros).

But to decrypt successfully the same IV must be used that has been used to encrypt.

How can the decrypt function work properly when generating a new, random IV?

And it does work, i tested it...

Community
  • 1
  • 1
The Surrican
  • 29,118
  • 24
  • 122
  • 168

1 Answers1

2

The mode being used in that question (MCRYPT_MODE_ECB) ignores the IV passed (as pointed out in this question).

"ECB doesn't perform chaining between blocks so there is no way to use IV. mcrypt uses the same APi for all modules. The IV is simply ignored for ECB because the ECB module has following function defined as int _has_iv() { return 0; }

From MSDN:

Important: This mode is not recommended because it opens the door for multiple security exploits. If the plain text to be encrypted contains substantial repetition, it is feasible for the cipher text to be broken one block at a time. It is also possible to use block analysis to determine the encryption key. Also, an active adversary can substitute and exchange individual blocks without detection, which allows blocks to be saved and inserted into the stream at other points without detection.

Community
  • 1
  • 1
naththedeveloper
  • 4,503
  • 6
  • 36
  • 44