RE: cvs commit: openssl/crypto/evp bio_enc.c evp.h

Mon, 13 Nov 2000 18:02:08 -0800 

[Sorry if this is a duplicate - I seem to have problems sending mail]

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Rob Neff
> > >
> > > Eh? Isn't the IV length the same as the block length?
> >
> > Nope. Rijndael's biggest IV is 16 bytes, but the biggest block is 32
> > bytes. I haven't checked why, so if someone wants to enlighten me...
> >
> 
> I too was under the assumption that the IV in use needed to be
> the same size as the block length.  Since Rijndael encrypts at
> 128, 192, and 256 bits, the IV should be 16, 24, or 32 bytes
> in size.
> 
> Not being a cryptography expert myself I'm afraid I provide
> little help to Ben's request.  However, I DID notice that in the
> code downloaded from NIST that in the header file they
> specify a MAX_SIZE of 32 for the IV for cipher structure
> definition.  However, the code in use is hard-coded 16 byte
> memcpy and pointer operations.  Thus it appears that, no
> matter the size of block or key, the IV remains at 16 bytes
> for 128, 192, 256 bits keys.

Note, that this is the "optimized" version of the code. If you look
at the reference implementation, the IV size always corresponds (or,
rather, is supposed to correspond) to the block size. But there seems
to be a buffer overrun bug in there (see rijndael-api-ref.h):

#define BITSPERBLOCK            128             /* Default number of bits in a cipher 
block */
...
#define     MAX_IV_SIZE         BITSPERBLOCK/8  /* # bytes needed to
                                        represent an IV  */
...
typedef struct {
      BYTE  mode;            /* MODE_ECB, MODE_CBC, or MODE_CFB1 */
      BYTE  IV[MAX_IV_SIZE]; /* A possible Initialization Vector for 
                                        ciphering */
      /*  Add any algorithm specific parameters needed here  */
      int   blockLen;           /* Sample: Handles non-128 bit block sizes
                                        (if available) */
      } cipherInstance;

The code in rijndael-api-ref.c happily references blockLen/8 bytes
from IV! Obviously not good for block sizes above 128 bits.

Svenning
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to