> There's no need to go to great lengths to find a place to store the IV.
Wouldn't it be much simpler (having in mind the low cost of storage), to simply append several random bits to the plaintext before ECB encrypton and discard them upon decryption ? For, say, 128-bit block cipher and 16-bit padding (112-bit plaintext and 16-bit random fill) the storage requirement is increased 14% but each block is completely independent, no IV is used at all, and as far as I can see all pitfails of ECB are done away with. Probability of the same plaintext encrypting to the same cyphertext is 1 in 65536. For typical unix disk use this *could* provide some hint that large space is being zeroed, for instance, but when realistic entropy plaintext is being written the danger is negligible. ===== end (of original message) Y-a*h*o-o (yes, they scan for this) spam follows: Yahoo! Health - your guide to health and wellness http://health.yahoo.com
