> IVs act to make the key appear longer. This is especially useful when humans
> are picking passphrases that are used to generate the key. If you control
> what the actual keys are, then you can make dictionary attacks impractical.
> However, there still would be the problem that identical items in the
> database would be identical. Which, depnding on your application, might
> be a problem because of information leakage.
I don't think this is true for CBC mode. Here the first block of plaintext is XORed with the IV then encrypted with a
blockciper like AES for example. The next plaintext block is than XORed with the previous cyphertext and so on.
So IV in CBC is used to make the encrypted cyphertext unique.
You can find some info in chapter 9.3 of "Appplied Cryptopgraphy" from Bruce Schneier.
In my application I do use a different IV for every encrypted plaintext:
$td = mcrypt_module_open('rijndael-128', '', 'cbc', '');
$iv = base64_encode(mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_DEV_URANDOM));
I do use base64 as it is easier to store it in the database.
The plaintext is then encrypted using:
$ciphertext = "encrypt_iv('" . $plaintext . "','" . $password] . "',decode('$iv','base64'),'aes')";
The IV is then stored together with the ciphertext in the database.
Daniel
--
Retrovirology Laboratory Luxembourg
Centre Hospitalier de Luxembourg
4, rue E. Barblé
L-1210 Luxembourg
phone: +352-44116105
fax: +352-44116113
web: http://www.retrovirology.lu
e-mail: struck.d@retrovirology.lu