> > the key, which would make me feel better). > > So at the moment, the data to be encrypted always begins with a 2-byte > length field followed by the bytes of the crypto key, and we leave the > IV initialized to all zeroes. > > Is there any actual advantage in initializing the IV to some hash > function of the crypto key?
Yeah, you don't have to stick it in the document, you could just put say 4 bytes of the encrypted crypto key in the storables to verify that you have the correct key. I'm not certain, but it just makes me uncomfortable using the encryption key as the IV. Perhaps it doesnt matter for good ciphers, but why take the risk. _______________________________________________ Devl mailing list Devl at freenetproject.org http://lists.freenetproject.org/mailman/listinfo/devl
