Thursday, November 18, 2010

Spot the Crypto Bug

Had a fun crypto bug crop up in a discussion today; here is the code in question, with functions changed to protect the guilty:

    iv := read_cprng( 16 )
    enc := aes_enc( key )
    ciphertext := cbc_enc( iv, enc, iv + plaintext )


Where cbc_enc is a function that accepts an initialization vector, a block encryption function, and a buffer containing the plaintext to encrypt, and applies that function using the Cipher Block Chaining mode and the initialization vector.

Can you spot why, given a constant plaintext and key, the ciphertext never varies, regardless of variance in the IV?
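The behaviour described above can be reproduced with Go's standard crypto/aes and crypto/cipher packages. This is an added example, not the code from the discussion; `cbcEnc`, `buggy`, `fixed`, `randomIV`, the key and the plaintext are constructed for illustration, and `fixed` shows the usual construction with the IV sent in the clear ahead of the ciphertext.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// cbcEnc stands in for the post's cbc_enc: AES-CBC over buf (whole blocks only).
func cbcEnc(iv []byte, enc cipher.Block, buf []byte) []byte {
	out := make([]byte, len(buf))
	cipher.NewCBCEncrypter(enc, iv).CryptBlocks(out, buf)
	return out
}

// buggy mirrors the post: the IV is prepended before encryption. CBC XORs block 0
// with the IV, so AES sees iv XOR iv = 0 and all later blocks chain from E(key, 0).
func buggy(key, iv, plaintext []byte) []byte {
	enc, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return cbcEnc(iv, enc, append(append([]byte{}, iv...), plaintext...))
}

// fixed encrypts only the plaintext and sends the IV in the clear in front.
func fixed(key, iv, plaintext []byte) []byte {
	enc, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return append(append([]byte{}, iv...), cbcEnc(iv, enc, plaintext)...)
}

func randomIV() []byte {
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		panic(err)
	}
	return iv
}

func main() {
	key := []byte("constructed-key!")                // constructed 16-byte key
	pt := []byte("sixteen byte msgsixteen byte msg") // constructed, two blocks
	fmt.Println("buggy identical:", bytes.Equal(buggy(key, randomIV(), pt), buggy(key, randomIV(), pt)))
	fmt.Println("fixed identical:", bytes.Equal(fixed(key, randomIV(), pt), fixed(key, randomIV(), pt)))
}
```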
